Currently, the command "acrnctl suspend" and "acrnctl resume"
is not used by user. This patch removes related code.
Tracked-On: #5921
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Currently, the command "acrnctl suspend" and "acrnctl resume"
is not used by user. This patch removes related code.
v1-->v2:
Remove vm_suspend.
Tracked-On: #5921
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Currently, Service VM may fail to shut down due to some enabled
VFs. ACRN doesn't disable VFs automatically.
In this patch, add a note for user to disable VFs before Service
VM shuts down.
Tracked-On: #5921
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Rename `CONFIG_IOMMU_BUS_NUM` to `ACFG_MAX_PCI_BUS_NUM`. Configure tool
will calculate `ACFG_MAX_PCI_BUS_NUM` base on the max pci num which is
used by VF. So user needn't care about `ACFG_MAX_PCI_BUS_NUM`, and memory
will be used resonable.
Tracked-On: #6942
Signed-off-by: Yuanyuan Zhao <yuanyuan.zhao@linux.intel.com>
Reviewed-by: Wang, Yu1 <yu1.wang@intel.com>
Acked-by: Victor Sun <victor.sun@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Extract the max pci bus number from board information and generate the
common configuration macro ACFG_MAX_PCI_BUS_NUM automatically.
Tracked-On: #6942
Signed-off-by: Yang,Yu-chu <yu-chu.yang@intel.com>
remove is_valid_xsave_combination api,
assume the hardware or QEMU can guarantee that support
XSAVE on CPU side and XSAVE_XRSTR on VMX side or not.
will add offline-tool in QEMU platform to avoid the user
use wrong XSAVE configurations.
remov check VMX_PROCBASED_CTLS2_XSVE_XRSTR based on the above reason.
for VMX_PROCBASED_CTLS2_PAUSE_LOOP, now it will panic
if run ACRN over QEMU, here remove it from essential check,
and it will print error information when set this bit
if there is no the hardware capability.
v1-v2:
remove is_valid_xsave_combination
Tracked-On: #6584
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
This patch adds an option CONFIG_KEEP_IRQ_DISABLED to hv (default n) and
config-tool so that when this option is 'y', all interrupts in hv root
mode will be permanently disabled.
With this option to be 'y', all interrupts received in root mode will be
handled in external interrupt vmexit after next VM entry. The postpone
latency is negligible. This new configuration is a requirement from x86
TEE's secure/non-secure interrupt flow support. Many race conditions can be
avoided when keeping IRQ off.
v5:
Rename CONFIG_ACRN_KEEP_IRQ_DISABLED to CONFIG_KEEP_IRQ_DISABLED
v4:
Change CPU_IRQ_ENABLE/DISABLE to
CPU_IRQ_ENABLE_ON_CONFIG/DISABLE_ON_CONFIG and guard them using
CONFIG_ACRN_KEEP_IRQ_DISABLED
v3:
CONFIG_ACRN_DISABLE_INTERRUPT -> CONFIG_ACRN_KEEP_IRQ_DISABLED
Add more comment in commit message
Tracked-On: #6571
Signed-off-by: Yifan Liu <yifan1.liu@intel.com>
Reviewed-by: Wang, Yu1 <yu1.wang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
"idle=halt " should be avoided in REE since we have to
keep the interrupt always masked in root mode.
Tracked-On: #6571
Signed-off-by: Jie Deng <jie.deng@intel.com>
Reviewed-by: Wang, Yu1 <yu1.wang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Previous upstreamed patches handles the secure/non-secure interrupts in
handle_x86_tee_int. However there is a corner case in which there might
be unhandled secure interrupts (in a very short time window) when TEE
yields vCPU. For this case we always make sure that no secure interrupts
are pending in TEE's vlapic before scheduling REE.
Also in previous patches, if non-secure interrupt comes when TEE is
handling its secure interrupts, hypervisor injects a predefined vector
into TEE's vlapic. TEE does not consume this vector in secure interrupt
handling routine so it stays in vIRR, but it should be cleared because the
actual interrupt will be consumed in REE after VM Entry.
v3:
Fix comments on interrupt priority
v2:
Add comments explaining the priority of secure/non-secure interrupts
Tracked-On: #6571
Signed-off-by: Yifan Liu <yifan1.liu@intel.com>
Reviewed-by: Wang, Yu1 <yu1.wang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
The TEE_NOTIFICATION_VECTOR can sometimes be confused with TEE's PI
notification vector. So rename it to TEE_FIXED_NONSECURE_VECTOR for
better readability.
No logic change.
v3:
Add more comments in commit message.
Tracked-On: #6571
Signed-off-by: Yifan Liu <yifan1.liu@intel.com>
Reviewed-by: Wang, Yu1 <yu1.wang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Sometimes HV would like to know if there are specific interrupt
pending in vIRR, and clears them if necessary (such as in x86_tee case).
This patch adds two APIs: get_next_pending_intr and clear_pending_intr.
This patch also moves the inline api prio() from
vlapic.c to vlapic.h
v3:
Remove apicv_get_next_pending_intr and apicv_clear_pending_intr
and use vlapic_get_next_pending_intr and vlapic_clear_pending_intr
directly.
v2:
get_pending_intr -> get_next_pending_intr
apicv_basic/advanced_clear_pending_intr -> apicv_clear_pending_intr
apicv_basic/advanced_get_pending_intr -> apicv_get_next_pending_intr
has_pending_intr kept
Tracked-On: #6571
Signed-off-by: Yifan Liu <yifan1.liu@intel.com>
Reviewed-by: Wang, Yu1 <yu1.wang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
In pci_enumerate_ext_cap we assume the extended capability linked lists
are always legal and correct, which might not be true when there was a
faulty hardware. This patch adds checks (time to live) to guard against malformed
extended capability linked lists.
v2:
Add error printing when node_limit <= 0.
Tracked-On: #6571
Signed-off-by: Yifan Liu <yifan1.liu@intel.com>
Reviewed-by: Wang, Yu1 <yu1.wang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Though REE VM has its load order to be Service_VM, it does not offer
services as Service VM does. The only hypercalls allowed for REE are the
ones with GUEST_FLAG_REE.
Tracked-On: #6571
Signed-off-by: Yifan Liu <yifan1.liu@intel.com>
Reviewed-by: Wang, Yu1 <yu1.wang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
This patch wraps the check of GUEST_FLAG_TEE/REE into functions
is_tee_vm/is_ree_vm for readability. No logic changes.
Tracked-On: #6571
Signed-off-by: Yifan Liu <yifan1.liu@intel.com>
Reviewed-by: Wang, Yu1 <yu1.wang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
For WaaG VM, the User VM name is hard coded in the
lifecycle manager, this User VM ("windows") is needed
for guest shutdown.
Note: libvirt will be used to do guest shutdown and
the WaaG VM name will be configurable in furture.
The lifecycle manager starup picture in WaaG VM is out
of data, update it in this patch.
Tracked-on: #6652
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
This patch updates recommendations to upgrade from a prior ACRN version
for v2.7, and updates the what's new summary.
Signed-off-by: Kunhui-Li <kunhuix.li@intel.com>
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
The CONFIG_LOG_DESTINATION parameter selects where the logging messages
send to,serial console or memory or npk device MMIO region.
Now we want to remove it and check the loglevel of each channel,close the
output when the loglevel is ZERO.
Tracked-On: #6934
Signed-off-by: Chenli Wei <chenli.wei@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
1. remove LOG_DESTINATION in the related python code, schema and
all existing scenario XML files.
2. for MEM_LOGLEVEL, NPK_LOGLEVEL and CONSOLE_LOGLEVEL,
update the loglevel range to [0, 5] from [0, 6].
Tracked-On: #6934
Signed-off-by: Kunhui-Li <kunhuix.li@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
fix memory leakage issue in function 'acrn_parse_cpu_affinity()',
memory pointed by 'cp' is not released before function return.
Tracked-On: #6919
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Currently, if board.xml and scenario.xml are specified,
the variable $(BOARD) and $(SCENARIO) are path, but the
parameters passed in to generate debian package should be
board and scenario name. So add a conversion function to
ensure that the function passed to the generated debian
package is board and scenario name.
Tracked-On: #6688
Signed-off-by: Hu Fenglin <fenglin.hu@intel.com>
- Replace SOS or Service OS with Service VM
- Replace UOS or User OS with User VM
- Replace VHM with HSM
Signed-off-by: Amy Reyes <amy.reyes@intel.com>
- Replace SOS or Service OS with Service VM
- Replace UOS or User OS with User VM
- Clean up some of the grammar
Signed-off-by: Amy Reyes <amy.reyes@intel.com>
- Replace UOS or User OS with User VM
- Replace SOS or Service OS with Service VM
- Clean up some of the grammar
Signed-off-by: Amy Reyes <amy.reyes@intel.com>
- Replace SOS or Service OS with Service VM
- Replace UOS or User OS with User VM
- Replace VHM with HSM
Signed-off-by: Amy Reyes <amy.reyes@intel.com>
- Replace SOS or Service OS with Service VM
- Replace UOS or User OS with User VM
- Capitalize ACRN Configurator
Signed-off-by: Amy Reyes <amy.reyes@intel.com>
Currently, in RTVM with multi vCPUs, lapic pass through is
configured, each vCPU works in x2apic mode. When one vCPU sends
IPI to all other vCPUs through writes ICR register with virtual
value 0x00000000000c00f8, this ICR writting will be intercepted,
the hypervisor passes destination shorthand field 11B (All Excluding
Self) in the virtual ICR value into physical ICR value during IPI
emulation, this IPI will be sent to each physical CPU core
in the platform according to 10.6.1 Interrupt Command Register (ICR),
Vol 3, SDM.
One vCPU in User VM with lapic pass through configuration can
send IPI with destination shorthand (10B or 11B) and any vector
(such as NMI or reboot vector) to other vCPUs, this IPI will sent
other VMs in the platform by hypervisor, this interference may
cause other VMs hang.
In this patch, set "Destination Shorthand" field of the
ICR value as 00B (No Shorthand) since the emulation is done
through sending IPI to each VCPU in dmask one by one.
Tracked-On: #6908
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Reviewed-by: Chen, Jason CJ <jason.cj.chen@intel.com>
remove LOG_BUF_SIZE in the related python code, schema and
all existing scenario XML files.
Tracked-On: #6690
Signed-off-by: Kunhui-Li <kunhuix.li@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
This patch introduces stateful VM which represents a VM that has its own
internal state such as a file cache, and adds a check before system
shutdown to make sure that stateless VM does not block system shutdown.
Tracked-On: #6571
Signed-off-by: Wang Yu <yu1.wang@intel.com>
Signed-off-by: Yifan Liu <yifan1.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- Replace UOS or User OS with User VM
- Replace SOS or Service OS with Service VM
- Capitalize Board Inspector and ACRN Configurator
- Clean up some of the grammar
Signed-off-by: Amy Reyes <amy.reyes@intel.com>
- Replace SOS or Service OS with Service VM
- Replace UOS or User OS with User VM
- Capitalize ACRN Configurator and Board Inspector
- Clean up some of the grammar
Signed-off-by: Amy Reyes <amy.reyes@intel.com>
Per the membership charter, the TSC members are maintained in the
CONTRIBUTING file in the project's GitHub repo. Update our contributing
documentation to include this file into our technical docs too.
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
Currently the MACRO(DM_OWNED_GUEST_FLAG_MASK) is generated
by config-tool. It's unnecessary to generate by tool since
it is fixed, the config-tool will remove this MACRO and
move it to vm_config.h
Tracked-On: #6366
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Because it is not configurable, config tool might not need to
define DM_OWNED_GUEST_FLAG_MASK. So we remove it in tool.
Tracked-On: #6366
Signed-off-by: Kunhui-Li <kunhuix.li@intel.com>
GUEST_FLAG_SECURITY_VM only for pre-launch vm, should not be
programmed by device model, so we remove it in DM_OWNED_GUEST_FLAG_MASK.
Tracked-On: #6366
Signed-off-by: Kunhui-Li <kunhuix.li@intel.com>
