- use strncmp() instead of comparing string pointers to make no
assumptions about the toolchain's literal pool
- re-shuffle the functions so they're consistent with mem.h
- make non-public functions static
- increase code re-use
Tracked-On: #2792
Signed-off-by: Peter Fang <peter.fang@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Acked-by: Yin Fengwei <fengwei.yin@intel.com>
Per commit dbd9ab07e1, GUEST_CFG_OFFSET is
no longer needed.
Tracked-On: #2792
Signed-off-by: Peter Fang <peter.fang@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Acked-by: Yin Fengwei <fengwei.yin@intel.com>
This patch add tutorial about using zephyr as guest.
Tracked-On: #2713
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
---
v3 -> v4:
- Addressed two minor comments from David
v2 -> v3:
- Detail section `Build Zephyr`
- Add missing sudo
- Automatically boot zephyr
- Other grammar, phrasing fix
v1 -> v2:
- NUC7i5DNH -> NUC7i5DNHE.
- Add note about doc to build acrn supported zephyr image.
- Refine section `Boot Zephyr as User OS`.
- Some minor fix.
Enhance the ACRN shell interactive help. It is close to a 1-1 mapping with
the online documentation but cut a little shorter in various places to make it
more user-friendly when using it from the ACRN console.
Tracked-On: #2829
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
To merge the multiboot bootargs within sbl_init_vm_boot_info(), buffer
overflow could happen when it doesn't provide correct 'dmax' argument
to strncpy_s().
Also, currently it doesn't check the availability of the dest buffer before
overwriting '\0' with a whitespace, which theoretically the dest string
could end up with no null terminator within it's array boundary.
This patch also creates a separate function to merge the cmdline strings,
because after the above fixes some lines in sbl_init_vm_boot_info()
function could have up to 7 tabs in front of the first character, which
looks messy and sbl_init_vm_boot_info() is getting too complicated.
Tracked-On: #2806
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Linux access TSC_ADJUST to verify it has not tampered every time when enter idle.
So for RTVM running rt-linux, the access will cause vm exit which affect real-time performance.
This commit pass through TSC_ADJUST to VM with lapic_pt, to avoid TSC_ADJUST caused vm_exit.
For other VMs, TSC_ADJUST msr access is still trapped and emulated.
Tracked-On: #2813
Signed-off-by: Yan, Like <like.yan@intel.com>
This patch hide Memory Protection Extention (MPX) capability from guest.
- vCPUID change:
Clear cpuid.07H.0.ebx[14]
Clear cpuid.0DH.0.eax[4:3]
- vMSR change:
Add MSR_IA32_BNDCFGS to un-supported MSR array.
- XCR0[4:3] is not allowed to set by guest.
Tracked-On: #2821
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Both sharing mode and partition mode should follow the same coding logic/style
for similar functions:
vdev cfgread/cfgwrite: should all return -ENODEV if the pci reg access is not handled by
it, but previously the partition mode code is not following this logic
vpci cfgread/cfgwrite: if the vdev cfgread/cfgwrite does not handle this reg,
pass on to next vdev cfgread/cfgwrite, if no vdev handles that req, passthru to
physical pci device
Tracked-On: #2534
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Do the pci cfg read/write sanity checking before the request is dispatched to
submodules, so that the checking is centralized rather than scattered across multiple
files/places
Tracked-On: #2534
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In preparation for vpci ops function removal, so that these functions can be
called directly instead by vpci code
Tracked-On: #2534
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Remove vdev ops for partition mode, change related code to directly call the corresponding
functions instead
Remove struct pci_vdev_ops from vpci.h
Add @pre for pci_find_vdev_by_pbdf and pci_find_vdev_by_vbdf/partition_mode_vpci_init
Change the return value from int32_t to void to comply with misra c and
add ASSERT/panic in the functions (if necessary):
vdev_hostbridge_init
vdev_hostbridge_deinit
vdev_pt_init
vdev_pt_deinit
Still use pr_err in partition_mode_cfgread and partition_mode_cfgwrite to check if vdev cfgread/cfgwrite
access is aligned on 1/2/4 bytes, which is the only case that vdev cfgread/cfgwrite will return
nonzero, pr_err will be removed in subsequent patch titled "unify the sharing
mode and partition mode coding style for similar functions"
Remove @pre for local variables
Add ASSERT in partition_mode_pdev_init to check if pdev is NULL (user config
error)
Tracked-On: #2534
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
ACRN uses global invalidation for all DMAR translation caches. Whenever
a UOS is shutdown or rebooted, it ends up clearing entries in translation
caches belonging to other VMs/domains. This patch adds support for
domain/device level invalidation for DMA translation caches and index
based invalidation for Interrupt Remapping Cache.
Tracked-On: #2738
Signed-off-by: Sainath Grandhi sainath.grandhi@intel.com
Acked-by: Eddie Dong eddie.dong@intel.com
strncpy_s(d, dmax, s, slen): the 'dmax' includes the null terminator, while
slen doesn't. Thus if (dmax == slen == strlen(s)), strncpy_s() chooses to
discard the last character from s and instead write '\0' to d[dmax - 1].
strnlen_s(s, maxsize): if there is no terminating null character in the
first maxsize characters pointed to by s, strnlen_s() returns maxsize.
So in the following example or similar cases, we need to increase the size
of d[] by 1 to accommodate the null terminator, and add '1' to the dmax
argument to strncpy_s().
uint8_t d[MAX_LEN];
size = strnlen_s(s, MAX_LEN);
strncpy_s(d, MAX_LEN, s, size);
Tracked-On: #861
Signed-off-by: Zide Chen <zide.chen@intel.com>
Add a tutorial on how to increase the disk size of a User OS (UOS)
based on Clear Linux. The tutorial is largely inspired from Clear Linux
tutorial and refers to it. It mostly explains how to resize the .img
file using the 'qemu-img' tool since ACRN does not have any dedicated
tool for manipulating virtual disk image files.
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
Co-Authored-By: David B. Kinder <david.b.kinder@intel.com>
Add 'rdmsr' and 'wrmsr' to the "ACRN Shell Commands" documentation. Both are
already described via the interactive help command but not (yet) included in our
on-line documentation.
Tracked-On: #2684
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
Currently board names are used inconsistently across the project.
* Name of defconfigs for various boards use lowercase.
* Directory of config files for various boards use lowercase.
* CONFIG_BOARD uses uppercase.
This confuses the configuration scripts and leads to unintended overwriting of
.config, as well as missing of board-specific headers during compilation because
the include paths are case-sensitive.
This patch converts the default board names to lowercase to resolve such
issues. Users are still free to define their own boards in either uppercase or
lowercase as long as they keep the cases consistent.
Tracked-On: #2794
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Preparing for hybrid mode:
- create vE820 for pre-launched VMs and do other init code when the
vm_config->type is PRE_LAUNCHED_VM.
- create ve820.c for each board because without wrapping by
CONFIG_PARTITION_MODE, ve820_entry[] needs to be visible even when
compiling target boards that haven't enabled pre-launched VMs.
- remove create_prelaunched_vm_e820() from vm.c and implement board
specific function for each $(CONFIG_BOARD)/ve820.c. The reasons being:
- don't need to define ve820_entry[32] for those boards that don't
support pre-launched VMs.
- more importantly, this makes it much easier to create different per-VM
vE820 when it's needed.
Tracked-On: #2291
Signed-off-by: Zide Chen <zide.chen@intel.com>
Previously vrtc is for partition mode only, now enable it for sharing mode;
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Suppose run_ctx.cr0/cr4 are correct when do world switching, so call
vcpu_set_cr0/cr4() to update cr0/cr4 directly before resume to guest.
This design is only for trusty world switching.
Tracked-On: #2773
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Remove vdev ops for sharing mode, directly call the corresponding functions
instead of calling the ops callbacks (indirectly)
Remove alloc_pci_vdev() and merge its code into init_vdev_for_pdev() to simplify code
Remove @pre for local variables
Change the return value from int32_t to void to comply with misra c and
add ASSERT in the functions (if necessary) to verify the assumptions for debug build:
vmsi_init
vmsix_init
vmsi_deinit
vmsix_deinit
Add @pre for vmsix_init_helper and make it a void function, use ASSERT to verify
the assumption for debug build.
Add ASSERT in get_sos_vm
Tracked-On: #2534
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This is to fix the following misra c violation:
Pointer param should be declared pointer to const. : vdev
Tracked-On: #2534
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
No need to use these 2 variables as global (per pci_misx), can simply use local
variables in code instead.
Tracked-On: #2534
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Define has_msi_cap and has_msix_cap inline functions to do sanity checking for
msi and msix ops, the corresponding code block in existing code is replaced with
a call to these new functions.
A few minor coding style fix.
Tracked-On: #2534
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Now we only configure "hide MTRR" explicitly to false for SOS. For other VMs,
we don't configure it which means hide_mtrr is false by default.
And remove global config MTRR_ENABLED
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
When a pci device assined to UOS, the virtual bdf is allocated by device model.
After the pci device un-assigned from UOS, it is back to SOS.
The virtual bdf should be restored.
The virtual bdf equals physical bdf for a pci device in SOS.
Tracked-On: #2788
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Physcial bdf is needed in hypervisor to find the right pci dev.
Tracked-On: #2788
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
VM use CLOS when set CLOS_REQUIRED in guest flags of vm_config. The
wrong comment is 'if guest_flags has CAT_ENABLED', and should be fixed
as 'if guest_flags has CLOS_REQUIRED'
Tracked-On: #2462
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
1. move seed_info structure from trusty.h to seed.h
2. replace "#include <hypervisor.h>" with necessary including headers
in seed.c/seed_abl.c/seed_sbl.c
Tracked-On: #2777
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The boards without IOC don't need to call get_sos_wakeup_reason function.
The HW IOC can be detected in runtime,via checking "/dev/cbc-early-signals" node.
Tracked-On:#1996
Signed-off-by: liuyonggang <yonggangx.liu@intel.com>
Acked-by: Yan, Like <like.yan@intel.com>
Reviewed-by: Yuan Liu <yuan1.liu@intel.com>
Remove vmx_cr0/vmx_cr4 from ext_context structure, they are duplicated
with cr0/cr4 fields in run_context.
Switch cr0/cr4 of run_context structure on demand when do world switch.
Remove vmx_cr0_read_shadow/vmx_cr4_read_shadow from ext_context structure.
These fields should be same for both normal world and secure world.
Tracked-On: #2773
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The init page tables installed in either cpu_primary.S or trampoline.S
are 1:1 mapping and won't be changed in the future.
The 'actual' hypervisor page table installed in enable_paging() is 1:1
mapping currently but it could be changed in the future. Both hva2hpa() and
hpa2hva() are implemented based on these page tables and can't be used
when the init page tables take effect.
This patch does the following cleanup:
- remove all hva2hpa()/hpa2hva() before calling enable_paging()
- get_hv_image_base() returns HVA, not HPA. So add hva2hpa() for all cases
that are called afte enable_paging().
Tracked-On: #2700
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <Eddie.dong@intel.com>
Fix some stray UTF-8 punctuation and symbol characters, unnecessary
trademark symbols, and some misspellings missed during regular reviews.
Tracked-On: #2712
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
Original design is to map trusty's memory to 512G~513G, but GR-MRB platform
does not support memory mapping bigger than 512G. So final implementation
is mapping trusty's memory to 511G~512G.
This patch update the documentation with latest implementation.
Tracked-On: #2742
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
This patch marks thre_int_pending as true when THR is empty.
Tracked-On: #2713
Signed-off-by: Eddie Dong <eddie.dong@intel.com>
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Input parameter "bus" of assign_iommu_device/unassign_iommu_device may be from hypercall.
And the conext tables are static allocated according to CONFIG_IOMMU_BUS_NUM.
Need to check the bus value to avoid access invalid memory address with invalid value.
Tracked-On: #2743
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Now it will call the below function to create the corresponding pci_device_iterator
in passthrough device initialization. But it is not released in time.
So it needs to be released to fix the memory leak issue.
Tracked-On: #2762
Signed-off-by: Zhao Yakui <yakui.zhao@intel.com>
Reviewed-by: He, Min <min.he@intel.com>
Acked-by: Yin Fengwei <fengwei.yin@intel.com>
Otherwise it causes the memory leak.
V1->V2: Fix the leak of pi->arg as gvt structure also needs to be released.
Tracked-On: #2762
Signed-off-by: Zhao Yakui <yakui.zhao@intel.com>
Reviewed-by: He, Min <min.he@intel.com>
Acked-by: Yin Fengwei <fengwei.yin@intel.com>
It makes more sense by aligning directory name with board name.
Tracked-On: #2760
Signed-off-by: Tw <wei.tan@intel.com>
Reviewed-by: Binbin Wu <binbin.wu@intel.com>
