Since we restore BAR values when writing Command Register if necessary. We don't
need to trap FLR and do the BAR restore then.
Tracked-On: #3475
Signed-off-by: Li Fei1 <fei1.li@intel.com>
When PCIe does Conventinal Reset or FLR, almost PCIe configurations and states will
lost. So we should save the configurations and states before do the reset and restore
them after the reset. This was done well by BIOS or Guest now. However, ACRN will trap
these access and handle them properly for security. Almost of these configurations and
states will be written to physical configuration space at last except for BAR values
for now. So we should do the restore for BAR values. One way is to do restore after
one type reset is detected. This will be too complex. Another way is to do the restore
when BIOS or guest tries to write the Command Register. This could work because:
1. The I/O Space Enable bit and Memory Space Enable bits in Command Register will reset
to zero.
2. Before BIOS or guest wants to enable these bits, the BAR couldn't be accessed.
3. So we could restore the BAR values before enable these bits if reset is detected.
Tracked-On: #3475
Signed-off-by: Li Fei1 <fei1.li@intel.com>
Per SDM 10.12.5.1 vol.3, local APIC should keep LAPIC state after receiving
INIT. The local APIC ID register should also be preserved.
Tracked-On: #4267
Signed-off-by: Victor Sun <victor.sun@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The patch abstract a vcpu_reset_internal() api for internal usage, the
function would not touch any vcpu state transition and just do vcpu reset
processing. It will be called by create_vcpu() and reset_vcpu().
The reset_vcpu() will act as a public api and should be called
only when vcpu receive INIT or vm reset/resume from S3. It should not be
called when do shutdown_vm() or hcall_sos_offline_cpu(), so the patch remove
reset_vcpu() in shutdown_vm() and hcall_sos_offline_cpu().
The patch also introduced reset_mode enum so that vcpu and vlapic could do
different context operation according to different reset mode;
Tracked-On: #4267
Signed-off-by: Victor Sun <victor.sun@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Some MACROs in lapic.h are duplicated with apicreg.h, and some MACROs are
never referenced, remove them.
Tracked-On: #4268
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Structure pci_vbar is used to define the virtual BAR rather than physical BAR.
It's better to name as pci_vbar.
Tracked-On: #3475
Signed-off-by: Li Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Add severity definitions for different scenarios. The static
guest severity is defined according to guest configurations.
Also add sanity check to make sure the severity for all guests
are correct.
Tracked-On: #4270
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
For guest reset, if the highest severity guest reset will reset
system. There is vm flag to call out the highest severity guest
in specific scenario which is a static guest severity assignment.
There is case that the static highest severity guest is shutdown
and the highest severity guest should be transfer to other guest.
For example, in ISD scenario, if RTVM (static highest severity
guest) is shutdown, SOS should be highest severity guest instead.
The is_highest_severity_vm() is updated to detect highest severity
guest dynamically. And promote the highest severity guest reset
to system reset.
Also remove the GUEST_FLAG_HIGHEST_SEVERITY definition.
Tracked-On: #4270
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
For system S5, ACRN had assumption that SOS shutdown will trigger
system shutdown. So the system shutdown logical is:
1. Trap SOS shutdown
2. Wait for all other guest shutdown
3. Shutdown system
The new logical is refined as:
If all guest is shutdown, shutdown whole system
Tracked-On: #4270
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
ACRN hypervisor should trap guest doing PCI AF FLR. Besides, it should save some status
before doing the FLR and restore them later, only BARs values for now.
This patch will trap guest Conventional PCI Advanced Features Control Register write
operation if the device supports Conventional PCI Advanced Features Capability and
check whether it wants to do device AF FLR. If it does, call pdev_do_flr to do the job.
Tracked-On: #3465
Signed-off-by: Li Fei1 <fei1.li@intel.com>
ACRN hypervisor should trap guest doing PCIe FLR. Besides, it should save some status
before doing the FLR and restore them later, only BARs values for now.
This patch will trap guest Device Capabilities Register write operation if the device
supports PCI Express Capability and check whether it wants to do device FLR. If it does,
call pdev_do_flr to do the job.
Tracked-On: #3465
Signed-off-by: Li Fei1 <fei1.li@intel.com>
We don't use INIT signal notification method now. This patch
removes them.
Tracked-On: #3886
Acked-by: Eddie Dong <eddie.dong@intel.com>
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
We have implemented a new notification method using NMI.
So replace the INIT notification method with the NMI one.
Then we can remove INIT notification related code later.
Tracked-On: #3886
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
There is a window where we may miss the current request in the
notification period when the work flow is as the following:
CPUx + + CPUr
| |
| +--+
| | | Handle pending req
| <--+
+--+ |
| | Set req flag |
<--+ |
+------------------>---+
| Send NMI | | Handle NMI
| <--+
| |
| |
| +--> vCPU enter
| |
+ +
So, this patch enables the NMI-window exiting to trigger the next vmexit
once there is no "virtual-NMI blocking" after vCPU enter into VMX non-root
mode. Then we can process the pending request on time.
Tracked-On: #3886
Acked-by: Eddie Dong <eddie.dong@intel.com>
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
The NMI for notification should not be inject to guest. So,
this patch drops NMI injection request when we use NMI
to notify vCPUs. Meanwhile, ACRN doesn't support vNMI well
and there is no well-designed way to check if the NMI is
for notification or for guest now. So, we take all the NMIs as
notificaton NMI for hard rtvm temporarily. It means that the
hard rtvm will never receive NMI with this patch applied.
TODO: vNMI support is not ready yet. we will add it later.
Tracked-On: #3886
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
ACRN hypervisor needs to kick vCPU off VMX non-root mode to do some
operations in hypervisor, such as interrupt/exception injection, EPT
flush etc. For non lapic-pt vCPUs, we can use IPI to do so. But, it
doesn't work for lapic-pt vCPUs as the IPI will be injected to VMs
directly without vmexit.
Without the way to kick the vCPU off VMX non-root mode to handle pending
request on time, there may be fatal errors triggered.
1). Certain operation may not be carried out on time which may further
lead to fatal errors. Taking the EPT flush request as an example, once we
don't flush the EPT on time and the guest access the out-of-date EPT,
fatal error happens.
2). ACRN now will send an IPI with vector 0xF0 to target vCPU to kick the vCPU
off VMX non-root mode if it wants to do some operations on target vCPU.
However, this way doesn't work for lapic-pt vCPUs. The IPI will be delivered
to the guest directly without vmexit and the guest will receive a unexpected
interrupt. Consequently, if the guest can't handle this interrupt properly,
fatal error may happen.
The NMI can be used as the notification signal to kick the vCPU off VMX
non-root mode for lapic-pt vCPUs. So, this patch uses NMI as notification signal
to address the above issues for lapic-pt vCPUs.
Tracked-On: #3886
Acked-by: Eddie Dong <eddie.dong@intel.com>
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Reserved bits in a 8-bit PAT field has been checked in pat_mem_type_invalid.
Remove this redundant check "(PAT_FIELD_RSV_BITS & field) != 0UL" in
write_pat_msr.
Tracked-On: #1842
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
This patch adds a helper function send_single_nmi. The fisrt caller
will soon come with the following patch.
Tracked-On: #3886
Acked-by: Eddie Dong <eddie.dong@intel.com>
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
This patch installs a NMI handler in acrn IDT to handle
NMIs out of dispatch_exception.
Tracked-On: #3886
Acked-by: Eddie Dong <eddie.dong@intel.com>
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
In current architecutre, the maximum vCPUs number per VM could not
exceed the pCPUs number. Given the MAX_PCPU_NUM macro is provided
in board configurations, so remove the MAX_VCPUS_PER_VM from Kconfig
and add a macro of MAX_VCPUS_PER_VM to reference MAX_PCPU_NUM directly.
Tracked-On: #4230
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
rename the macro since MAX_PCPU_NUM could be parsed from board file and
it is not a configurable item anymore.
Tracked-On: #4230
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
remove 'guest_init_pml4' and 'tmp_pg_array' in vm_arch
since they are not used.
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Add yield support for schedule, which can give up pcpu proactively.
Tracked-On: #4178
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
IO sensitive Round-robin scheduler aim to schedule threads with
round-robin policy. Meanwhile, we also enhance it with some fairness
configuration, such as thread will be scheduled out without properly
timeslice. IO request on thread will be handled in high priority.
This patch only add a skeleton for the sched_iorr scheduler.
Tracked-On: #4178
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
On some platforms, HPA regions for Virtual Machine can not be
contiguous because of E820 reserved type or PCI hole. In such
cases, pre-launched VMs need to be assigned non-contiguous memory
regions and this patch addresses it.
To keep things simple, current design has the following assumptions,
1. HPA2 always will be placed after HPA1
2. HPA1 and HPA2 don’t share a single ve820 entry.
(Create multiple entries if needed but not shared)
3. Only support 2 non-contiguous HPA regions (can extend
at a later point for multiple non-contiguous HPA)
Signed-off-by: Vijay Dhanraj <vijay.dhanraj@intel.com>
Tracked-On: #4195
Acked-by: Anthony Xu <anthony.xu@intel.com>
1. disable physical MSI before writing the virtual MSI CFG space
2. do the remap_vmsi if the guest wants to enable MSI or update MSI address or data
3. disable INTx and enable MSI after step 2.
The previous Message Control check depends on the guest write MSI Message Control
Register at the offset of Message Control Register. However, the guest could access
this register at the offset of MSI Capability ID register. This patch remove this
constraint. Also, The previous implementation didn't really disable MSI when guest
wanted to disable MSI.
Tracked-On: #3475
Signed-off-by: Li Fei1 <fei1.li@intel.com>
With cpu-sharing enabled, there are more than 1 vcpu on 1 pcpu, so the
smp_call handler should switch the vmcs to the target vcpu's vmcs. Then
get the info.
dump_vcpu_reg and dump_guest_mem should run on certain vmcs, otherwise,
there will be #GP error.
Renaming:
vcpu_dumpreg -> dump_vcpu_reg
switch_vmcs -> load_vmcs
Tracked-On: #4178
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Deterministic is important for RTVM. The mitigation for MCE on
Page Size Change converts a large page to 4KB pages runtimely during
the vmexit triggered by the instruction fetch in the large page.
These vmexits increase nondeterminacy, which should be avoided for RTVM.
This patch builds 4KB page mapping in EPT for RTVM to avoid these vmexits.
Tracked-On: #4101
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Only apply the software workaround on the models that might be
affected by MCE on page size change. For these models that are
known immune to the issue, the mitigation is turned off.
Atom processors are not afftected by the issue.
Also check the CPUID & MSR to check whether the model is immune to the issue:
CPU is not vulnerable when both CPUID.(EAX=07H,ECX=0H).EDX[29] and
IA32_ARCH_CAPABILITIES[IF_PSCHANGE_MC_NO] are 1.
Other cases not listed above, CPU may be vulnerable.
This patch also changes MACROs for MSR IA32_ARCH_CAPABILITIES bits to UL instead of U
since the MSR is 64bit.
Tracked-On: #4101
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
After changing init_vmcs to smp call approach and do it before
launch_vcpu, it could work with noop scheduler. On real sharing
scheudler, it has problem.
pcpu0 pcpu1 pcpu1
vmBvcpu0 vmAvcpu1 vmBvcpu1
vmentry
init_vmcs(vmBvcpu1) vmexit->do_init_vmcs
corrupt current vmcs
vmentry fail
launch_vcpu(vmBvcpu1)
This patch mark a event flag when request vmcs init for specific vcpu. When
it is running and checking pending events, will do init_vmcs firstly.
Tracked-On: #4178
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The default PCI mmcfg base is stored in ACPI MCFG table, when
CONFIG_ACPI_PARSE_ENABLED is set, acpi_fixup() function will
parse and fix up the platform mmcfg base in ACRN boot stage;
when it is not set, platform mmcfg base will be initialized to
DEFAULT_PCI_MMCFG_BASE which generated by acrn-config tool;
Please note we will not support platform which has multiple PCI
segment groups.
Tracked-On: #4157
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
xsave area:
legacy region: 512 bytes
xsave header: 64 bytes
extended region: < 3k bytes
So, pre-allocate 4k area for xsave. Use certain instruction to save or
restore the area according to hardware xsave feature set.
Tracked-On: #4166
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Reviewed-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
ptirq_msix_remap doesn't do the real remap, that's the vmsi_remap and vmsix_remap_entry
does. ptirq_msix_remap only did the preparation.
Tracked-On: #3475
Signed-off-by: Li Fei1 <fei1.li@intel.com>
Major changes:
1. Correct handling of device multi-function capability
We only check function zero for this feature. If it has it, we continue
looking at all remaining functions, ignoring those with invalid vendors.
The PCI spec says we are not to probe beyond function zero if it does
not exist or indicates it is not a multi-function device.
2a. Walk *ALL* buses in the PCI space, however,
Before walking the PCI hierarchy, post-processed ACPI DMAR info is parsed
and a map is created between all device-scopes across all DRHDs and the
corresponding IOMMU index.
This map is used at the time of walking the PCI hierarchy. If a BDF that
ACRN is currently working on, is found in the above-mentioned map, the
BDF device is mapped to the corresponding DRHD in the map.
If the BDF were a bridge type, realized with "Header Type" in config space,
the BDF device along with all its downstream devices are mapped to the
corresponding DRHD in the map.
To avoid walking previously visited buses, we maintain a bitmap that
stores which bus is walked when we handle Bridge type devices.
Once ACPI information is included into ACRN about the PCI-Express Root
Complexes / PCI Host Bridges, we can avoid the final loop which probes
all remainder buses, and instead jump to the next Host Bridge bus.
From prior patches, init_pdev returns the pdev structure it created to
the caller. This allows us to complete initialization by updating its
drhd_idx to the correct DRHD.
Tracked-On: #4134
Signed-off-by: Alexander Merritt <alex.merritt@intel.com>
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
We add new member pci_pdev.drhd_idx associating the DRHD
(IOMMU) with this pdev, and a method to convert a pbdf of a device to
this index by searching the pdev list.
Partial patch: drhd_index initialization handled in subsequent patch.
Tracked-On: #4134
Signed-off-by: Alexander Merritt <alex.merritt@intel.com>
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Add some encapsulation of utilities which read PCI header space using
wrapper functions. Also contain verification of PCI vendor to its own
function, rather than having hard-coded integrals exposed among other
code.
Tracked-On: #4134
Signed-off-by: Alexander Merritt <alex.merritt@intel.com>
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
add shell command to support dump dump guest memory
e.g.
dump_guest_mem vm_id, gva, length
Tracked-On: #4144
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The current code declare pci_bar structure following the PCI bar spec. However,
we could not tell whether the value in virtual BAR configuration space is valid
base address base on current pci_bar structure. We need to add more fields which
are duplicated instances of the vBAR information. Basides these fields which will
added, bar_base_mapped is another duplicated instance of the vBAR information.
This patch try to reshuffle the pci_bar structure to declare pci_bar structure
following the software implement benefit not the PCI bar spec.
Tracked-On: #3475
Signed-off-by: Li Fei1 <fei1.li@intel.com>
In 64-bit mode, processor pushes SS and RSP onto stack unconditionally.
Also when dumping the exception info, it makes more sense to dump
the RSP at the point of interrupt, rather than the RSP after pushing
context (including GPRs)
Tracked-On: #4102
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Issue description:
-----------------
Machine Check Error on Page Size Change
Instruction fetch may cause machine check error if page size
and memory type was changed without invalidation on some
processors[1][2]. Malicious guest kernel could trigger this issue.
This issue applies to both primary page table and extended page
tables (EPT), however the primary page table is controlled by
hypervisor only. This patch mitigates the situation in EPT.
Mitigation details:
------------------
Implement non-execute huge pages in EPT.
This patch series clears the execute permission (bit 2) in the
EPT entries for large pages. When EPT violation is triggered by
guest instruction fetch, hypervisor converts the large page to
smaller 4 KB pages and restore the execute permission, and then
re-execute the guest instruction.
The current patch turns on the mitigation by default.
The follow-up patches will conditionally turn on/off the feature
per processor model.
[1] Refer to erratum KBL002 in "7th Generation Intel Processor
Family and 8th Generation Intel Processor Family for U Quad Core
Platforms Specification Update"
https://www.intel.com/content/dam/www/public/us/en/documents/specification-updates/7th-gen-core-family-spec-update.pdf
[2] Refer to erratum SKL002 in "6th Generation Intel Processor
Family Specification Update"
https://www.intel.com/content/www/us/en/products/docs/processors/core/desktop-6th-gen-core-family-spec-update.html
Tracked-On: #4101
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
MISRA C requires specified bounds for arrays declaration, previous declaration
of platform_clos_array in board.h does not meet the requirement.
Tracked-On: #3987
Signed-off-by: Victor Sun <victor.sun@intel.com>
The DMAR info is board specific so move the structure definition to board.c.
As a configruation file, the whole board.c could be generated by acrn-config
tool for each board.
Please note we only provide DMAR info MACROs for nuc7i7dnb board. For other
boards, ACPI_PARSE_ENABLED must be set to y in Kconfig to let hypervisor parse
DMAR info, or use acrn-config tool to generate DMAR info MACROs if user won't
enable ACPI parse code for FuSa consideration.
The patch also moves the function of get_dmar_info() to vtd.c, so dmar_info.c
could be removed.
Tracked-On: #3977
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The value of CONFIG_MAX_IOMMU and MAX_DRHDS are identical to DRHD_COUNT
which defined in platform ACPI table, so remove CONFIG_MAX_IOMMU_NUM
from Kconfig and link these three MACROs together.
Tracked-On: #3977
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Now the e820 structure store ACRN HV memory layout, not the physical memory layout.
Rename e820 to hv_hv_e820 to show this explicitly.
Tracked-On: #4007
Signed-off-by: Li Fei1 <fei1.li@intel.com>
After adding PCI BAR remap support, mmio_node may unregister when there's others
access it. This patch add a lock to protect mmio_node access.
Tracked-On: #3475
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Concurrent access on PCI device may happened if UOS try to access PCI configuration
space on different vCPUs through IO port. This patch just adds a global PCI lock for
each VM to prevent the concurrent access.
Tracked-On: #3475
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Refine PCI CONFIG_ADDRESS Register definition as its physical layout.
In this case, we could read/write PCI CONFIG_ADDRESS Register atomically.
Tracked-On: #3475
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Since guest could re-program PCI device MSI-X table BAR, we should add mmio
emulation handler unregister.
However, after add unregister_mmio_emulation_handler API, emul_mmio_regions
is no longer accurate. Just replace it with max_emul_mmio_regions which records
the max index of the emul_mmio_node.
Tracked-On: #3475
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
In theory, guest could re-program PCI BAR address to any address. However, ACRN
hypervisor only support [0, top_address_space) EPT memory mapping. So we need to
check whether the PCI BAR re-program address is within this scope.
Tracked-On: #3475
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
kick means to notify one thread_object. If the target thread object is
running, send a IPI to notify it; if the target thread object is
runnable, make reschedule on it.
Also add kick_vcpu API in vcpu layer to notify vcpu.
Tracked-On: #3813
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
After moving softirq to following interrupt path, softirq handler might
break in the schedule spinlock context and try to grab the lock again,
then deadlock.
Disable interrupt with schedule spinlock context.
For the IRQ disable/restore operations:
CPU_INT_ALL_DISABLE(&rflag)
CPU_INT_ALL_RESTORE(rflag)
each takes 50~60 cycles.
renaming: get_schedule_lock -> obtain_schedule_lock
Tracked-On: #3813
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch decouple some scheduling logic and abstract into a scheduler.
Then we have scheduler, schedule framework. From modulization
perspective, schedule framework provides some APIs for other layers to
use, also interact with scheduler through scheduler interaces.
Tracked-On: #3813
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
To get pcpu_id from sched_control quickly and easier.
Tracked-On: #3813
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
- The default behaviors of PIO & MMIO handlers are same
for all VMs, no need to expose dedicated APIs to register
default hanlders for SOS and prelaunched VM.
Tracked-On: #3904
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Currently the parameter of init_ept_mem_ops is
'struct acrn_vm *vm' for this api,change it to
'struct memory_ops *mem_ops' and 'vm_id' to avoid
the reversed dependency, page.c is hardware layer and vm structure
is its upper-layer stuff.
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Let init thread end with run_idle_thread(), then idle thread take over and
start to do scheduling.
Change enter_guest_mode() to init_guest_mode() as run_idle_thread() is removed
out of it. Also add run_thread() in schedule module to run
thread_object's thread loop directly.
rename: switch_to_idle -> run_idle_thread
Tracked-On: #3813
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
sleep one thread_object means to prevent it from being scheduled.
wake one thread_object is an opposite operation of sleep.
This patch also add notify_mode in thread_object to indicate how to
deliver the request.
Tracked-On: #3813
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Now, we have three valid status for thread_object:
THREAD_STS_RUNNING,
THREAD_STS_RUNNABLE,
THREAD_STS_BLOCKED.
This patch also provide several helpers to check the thread's status and
a status set wrapper function.
Tracked-On: #3813
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
schedule infrastructure is per pcpu, so move its initialization to each
pcpu's initialization.
Tracked-On: #3813
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
To support cpu sharing, multiple vcpu can run on same pcpu. We need do
necessary vcpu context switch. This patch add below actions in context
switch.
1) fxsave/fxrstor;
2) save/restore MSRs: MSR_IA32_STAR, MSR_IA32_LSTAR,
MSR_IA32_FMASK, MSR_IA32_KERNEL_GS_BASE;
3) switch vmcs.
Tracked-On: #3813
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
With cpu sharing enabled, per_cpu vcpu cannot work properly as we might
has multiple vcpus running on one pcpu.
Add a schedule API sched_get_current to get current thread_object on
specific pcpu, also add a vcpu API get_running_vcpu to get corresponding
vcpu of the thread_object.
Tracked-On: #3813
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
With cpu sharing enabled, we will map acrn_vcpu to thread_object
in scheduling. From modulization perspective, we'd better hide the
pcpu_id in acrn_vcpu and move it to thread_object.
Tracked-On: #3813
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Two time related synthetic MSRs are implemented in this patch. Both of
them are partition wide MSR.
- HV_X64_MSR_TIME_REF_COUNT is read only and it is used to return the
partition's reference counter value in 100ns units.
- HV_X64_MSR_REFERENCE_TSC is used to set/get the reference TSC page,
a sequence number, an offset and a multiplier are defined in this
page by hypervisor and guest OS can use them to calculate the
normalized reference time since partition creation, in 100ns units.
Tracked-On: #3831
Signed-off-by: Jian Jun Chen <jian.jun.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
This patch implements the minimum set of TLFS functionality. It
includes 6 vCPUID leaves and 3 vMSRs.
- 0x40000001 Hypervisor Vendor-Neutral Interface Identification
- 0x40000002 Hypervisor System Identity
- 0x40000003 Hypervisor Feature Identification
- 0x40000004 Implementation Recommendations
- 0x40000005 Hypervisor Implementation Limits
- 0x40000006 Implementation Hardware Features
- HV_X64_MSR_GUEST_OS_ID Reporting the guest OS identity
- HV_X64_MSR_HYPERCALL Establishing the hypercall interface
- HV_X64_MSR_VP_INDEX Retrieve the vCPU ID from hypervisor
Tracked-On: #3832
Signed-off-by: wenwumax <wenwux.ma@intel.com>
Signed-off-by: Jian Jun Chen <jian.jun.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Currently we are using a 1:1 mapping logic for pcpu:vcpu. So don't need
a runqueue for it. Removing it as preparation work to abstract scheduler
framework.
Tracked-On: #3813
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
PRMRR related MSRs need to be configured by platform BIOS / bootloader.
These settings are not allowed to be changed by guest.
VMs currently have no requirement to access these MSRs even when vSGX is enabled.
So, this patch disables PRMRR related MSRs in VM.
Tracked-On: #3739
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
--remove unnecessary includes
--remove unnecssary forward-declaration for 'struct vhm_request'
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
The MSI Message Address and Message Data have no valid data after Power-ON. So
there's no need to initialize them by reading the data from physical PCI configuration
space.
Tracked-On: #3475
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
- update the function argument type to union
Declaring argument as pointer is not necessary since it
only does the comparison.
Tracked-On: #1842
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
As we introduced vcpu_affinity[] to assign vcpus to different pcpus, the
old policy and functions are not needed. Remove them.
Tracked-On: #3663
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Add this vcpu_affinity[] for each VM to indicate the assignment policy.
With it, pcpu_bitmap is not needed, so remove it from vm_config.
Instead, vcpu_affinity is a must for each VM.
This patch also add some sanitize check of vcpu_affinity[]. Here are
some rules:
1) only one bit can be set for each vcpu_affinity of vcpu.
2) two vcpus in same VM cannot be set with same vcpu_affinity.
3) vcpu_affinity cannot be set to the pcpu which used by pre-launched VM.
v4: config SDC with CONFIG_MAX_KATA_VM_NUM
v5: config SDC with CONFIG_MAX_PCPU_NUM
Tracked-On: #3663
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
There is plan that define each VM configuration statically in HV and let
DM just do VM creating and destroying. So DM need get vcpu_num
information when VM creating.
This patch return the vcpu_num via the API param. And also initial the
VMs' cpu_num for existing scenarios.
Tracked-On: #3663
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Sometimes we need know the number of 1 in one bitmap. This patch provide
a inline function bitmap_weight for it.
Tracked-On: #3663
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Now, we create vcpus while VM being created in hypervisor. The
create vcpu hypercall will not be used any more. For compatbility,
keep the hypercall HC_CREATE_VCPU do nothing.
v4: Don't remove HC_CREATE_VCPU hypercall, let it do nothing.
Tracked-On: #3663
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
it will panic if phys_cpu_num > CONFIG_MAX_PCPU_NUM
during init_pcpu_pre,after that no need to check it again.
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Initialize vBAR configure space when doing vPCI BAR initialization. At this time,
we access the physical device as we needs, no need to cache physical PCI device
BAR information beforehand.
Tracked-On: #3475
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
TSC would be reset to 0 when enter suspend state on some platform.
This will fail the secure timer checking in secure world because
secure world leverage the TSC as source of secure timer which should
be increased monotonously.
This patch save/restore TSC in host suspend/resume path to guarantee
the mono increasing TSC.
Note: There should no timer setup before TSC resumed.
Tracked-On: #3697
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Now the structures(run_context & ext_context) are defined
in vcpu.h,and they are used in the lower-layer modules(wakeup.S),
this patch move down the structures from vcpu.h to cpu.h
to avoid reversed dependency.
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Now the structures(union source & struct intr_source) are defined
in ptdev.h,they are used in vtd.c and assign.c,
vtd is the hardware layer and ptdev is the upper-layer module
from the modularization perspective, this patch move down
these structures to avoid reversed dependency.
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Using per_cpu list to record ptdev interrupts is more reasonable than
recording them per-vm. It makes dispatching such interrupts more easier
as we now do it in softirq which happens following interrupt context of
each pcpu.
Tracked-On: #3663
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
From modulization perspective, it's not suitable to put pcpu and vm
related request operations in schedule. So move them to pcpu and vm
module respectively. Also change need_offline return value to bool.
Tracked-On: #3663
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Now, we have assumption that SOS control whether the platform
should enter S5 or not. So when SOS tries enter S5, we just
forward the S5 request to native port which make sure platform
S5 is totally aligned with SOS S5.
With higher serverity guest introduced,this assumption is not
true any more. We need to extend the platform S5 process to
handle higher severity guest:
- For DM launched RTVM, we need to make sure these guests
is off before put the whole platfrom to S5.
- For pre-launched VM, there are two cases:
* if os running in it support S5, we wait for guests off.
* if os running in it doesn't support S5, we expect it
will invoke one hypercall to notify HV to shutdown it.
NOTE: this case is not supported yet. Will add it in the
future.
Tracked-On: #3564
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
PCI BAR physical base address will never changed. Cache it to avoid calculating
it every time when we access it.
Tracked-On: #3475
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@Intel.com>
pcpu_active_bitmap was read continuously in wait_pcpus_offline(),
acrn_vcpu->running was read continuously in pause_vcpu(),
add volatile keyword to ensure that such accesses are not
optimised away by the complier.
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
change the input parameter from vcpu to eptp in order to let this api
more generic, no need to care normal world or secure world.
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Currently, the clos id of the cpu cores in vmx root mode is the same as non-root mode.
For RTVM, if hypervisor share the same clos id with non-root mode, the cacheline may
be polluted due to the hypervisor code execution when vmexit.
The patch adds hv_clos in vm_configurations.c
Hypervisor initializes clos setting according to hv_clos during physical cpu cores initialization.
For RTVM, MSR auto load/store areas are used to switch different settings for VMX root/non-root
mode for RTVM.
Tracked-On: #2462
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
-- remove some unnecessary includes
-- fix a typo
-- remove unnecessary void before launch_vms
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
ACRN HV is designed/implemented with "invariant TSC" capability, which wasn't checked at boot time.
This commit adds the "invairant TSC" detection, ACRN fails to boot if there wasn't "invariant TSC" capability.
Tracked-On: #3636
Signed-off-by: Yan, Like <like.yan@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Now that ACPI is enabled for pre-launched VMs, we can remove all mptable code.
Tracked-On: #3601
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Statically define the per vm RSDP/XSDT/MADT ACPI template tables in vacpi.c,
RSDP/XSDT tables are copied to guest physical memory after checksum is
calculated. For MADT table, first fix up process id/lapic id in its lapic
subtable, then the MADT table's checksum is calculated before it is copies to
guest physical memory.
Add 8-bit checksum function in util.h
Tracked-On: #3601
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Move 8-bit sum code to a separate new function calculate_sum8() in
util.h and replace the old code with a call to calculate_sum8()
Minor code cleanup in found_rsdp() to make it more readable. Both break and
continue statements are used in a single for loop, changed to only use break
statement to make the logic simpler.
Fixed some coding style issues reported by checkpatch.pl for file
hypervisor/boot/acpi_base.c
Tracked-On: #3601
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
EPT tables are shared by MMU and IOMMU.
Some IOMMUs don't support page-walk coherency, the cpu cache of EPT entires
should be flushed to memory after modifications, so that the modifications
are visible to the IOMMUs.
This patch adds a new interface to flush the cache of modified EPT entires.
There are different implementations for EPT/PPT entries:
- For PPT, there is no need to flush the cpu cache after update.
- For EPT, need to call iommu_flush_cache to make the modifications visible
to IOMMUs.
Tracked-On: #3607
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Anthony Xu <anthony.xu@intel.com>
VT-d shares the EPT tables as the second level translation tables.
For the IOMMUs that don't support page-walk coherecy, cpu cache should
be flushed for the IOMMU EPT entries that are modified.
For the current implementation, EPT tables for translating from GPA to HPA
for EPT/IOMMU are not modified after VM is created, so cpu cache invlidation is
done once per VM before starting execution of VM.
However, this may be changed, runtime EPT modification is possible.
When cpu cache of EPT entries is invalidated when modification, there is no need
invalidate cpu cache globally per VM.
This patch exports iommu_flush_cache for EPT entry cache invlidation operations.
- IOMMUs share the same copy of EPT table, cpu cache should be flushed if any of
the IOMMU active doesn't support page-walk coherency.
- In the context of ACRN, GPA to HPA mapping relationship is not changed after
VM created, skip flushing iotlb to avoid potential performance penalty.
Tracked-On: #3607
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Anthony Xu <anthony.xu@intel.com>
-- move 'RFLAGS_AC' to cpu.h
-- move 'VMX_SUPPORT_UNRESTRICTED_GUEST' to msr.h
and rename it to 'MSR_IA32_MISC_UNRESTRICTED_GUEST'
-- move 'get_vcpu_mode' to vcpu.h
-- remove deadcode 'vmx_eoi_exit()'
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
move some data structures and APIs related host reset
from vm_reset.c to pm.c, these are not related with guest.
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Now, we use native gdt saved in boot context for guest and assume
it could be put to same address of guest. But it may not be true
after the pre-launched VM is introduced. The gdt for guest could
be overwritten by guest images.
This patch make 32bit protect mode boot not use saved boot context.
Insteadly, we use predefined vcpu_regs value for protect guest to
initialize the guest bsp registers and copy pre-defined gdt table
to a safe place of guest memory to avoid gdt table overwritten by
guest images.
Tracked-On: #3532
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Currently, 'flags' is defined and set but never be used
in the flow of handling i/o request after then.
Tracked-On: #861
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In the definition of port i/o handler, struct acrn_vm * pointer
is redundant as input, as context of acrn_vm is aleady linked
in struct acrn_vcpu * by vcpu->vm, 'vm' is not required as input.
this patch removes argument '*vm' from 'io_read_fn_t' &
'io_write_fn_t', use '*vcpu' for them instead.
Tracked-On: #861
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
fix violations touched below:
1.Cast operation on a constant value
2.signed/unsigned implicity conversion
3.return value unused.
V1->V2:
1.bitmap api will return boolean type, not need to check "!= 0", deleted.
2.The behaves ~(uint32_t)X and (uint32_t)~X are not defined in ACRN hypervisor Coding Guidelines,
removed the change of it.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
This patch moves vmx_rdmsr_pat/vmx_wrmsr_pat from vmcs.c to vmsr.c,
so that these two functions would become internal functions inside
vmsr.c.
This approach improves the modularity.
v1 -> v2:
* remove 'vmx_rdmsr_pat'
* rename 'vmx_wrmsr_pat' with 'write_pat_msr'
Tracked-On: #1842
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
When assgined a PCI PTDev to post-launched VM from SOS, using a pointer to point to
the real struct pci_vdev. When post-launched VM access its PTDev configure space in
SOS address space, using this real struct pci_vdev.
Tracked-On: #3475
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Add a field (vdev_ops) in struct acrn_vm_pci_dev_config to configure a PCI CFG
operation for an emulated PCI device. Use pci_pt_dev_ops for PCI_DEV_TYPE_PTDEV
by default if there's no such configure.
Tracked-On: #3475
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Add emulated PCI device configure for SOS to prepare for add support for customizing
special pci operations for each emulated PCI device.
Tracked-On: #3475
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Now almost the vPCI device information could be obtain from PCI device configure
in VM configure. init_vdevs could make things more easier.
And rename init_vdevs to vpci_init_vdevs, init_vdev to vpci_init_vdevs to avoid
MISRA-C violations.
Tracked-On: #3475
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Reviewed-by: Dongsheng Zhang <dongsheng.x.zhang@intel.com>
Align SOS pci device configure with pre-launched VM and filter pre-launched VM's
PCI PT device from SOS pci device configure.
Tracked-On: #3475
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
pci_dev_config in VM configure stores all the PCI devices for a VM. Besides PT
devices, there're other type devices, like virtual host bridge. So rename ptdev
to pci_dev for these configure.
Tracked-On: #3475
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In some case, guest need to get more information under virtual environment,
like guest capabilities. Basically this could be done by hypercalls, but
hypercalls are designed for trusted VM/SOS VM, We need a machenism to report
these information for normal VMs. In this patch, vCPUID leaf 0x40000001 will
be used to satisfy this needs that report some extended information for guest
by CPUID.
Tracked-On: #3498
Signed-off-by: Victor Sun <victor.sun@intel.com>
Reviewed-by: Zhao Yakui <yakui.zhao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Currently the Px Cx supported SoCs which listed in cpu_state_tbl.c is limited,
and it is not a wise option to build a huge state table data base to support
Px/Cx for other SoCs. This patch give a alternative solution that build a board
specific cpu state table in board.c which could be auto-generated by offline
tool, then the CPU Px/Cx of customer board could be enabled;
Hypervisor will search the cpu state table in cpu_state_tbl[] first, if not
found then go check board_cpu_state_tbl. If no matched cpu state table is found
then Px/Cx will not be supported;
Tracked-On: #3477
Signed-off-by: Victor Sun <victor.sun@intel.com>
After "commit f0e1c5e init vcpu host stack when reset vcpu", SOS resume form S3
wants to schedule to vcpu_thread not the point where SOS enter S3. So we should
schedule to idel first then reschedule to execute vcpu_thread.
Tracked-On: #3387
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Based on SDM Vol2 the monitor uses the RAX register to setup the address
monitored by HW. The mwait uses the rax/rcx as the hints that the process
will enter. It is incorrect that the same value is used for monitor/mwait.
The ecx in mwait specifies the optional externsions.
At the same time it needs to check whether the the value of monitored addr
is already expected before entering mwait. Otherwise it will have possible
lockup.
V1->V2: Add the asm wrappper of monitor/mwait to avoid the mixed usage of
inline assembly in wait_sync_change
v2-v3: Remove the unnecessary line break in asm_monitor/asm_mwait.
Follow Fei's comment to remove the mwait ecx hint setting that
treats the interrupt as break event. It only needs to check whether the
value of psync_change is already expected.
Tracked-On: #3442
Signed-off-by: Zhao Yakui <yakui.zhao@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
When need hpa and hva translation before init_paging, we need hpa2hva_early and
hva2hpa_early since init_paging may modify hva2hpa to not be identical mapping.
Tracked-On: #2987
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Enable uart as early as possible to make things easier for debugging.
After this we could use printf to output information to the uart. As for
pr_xxx APIs, they start to work when init_logmsg is called.
Tracked-On: #2987
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
This is a followup patch to fix the coding style issue introduced
in by commit "c2d25aafb889ade954af8795df2405a94024d860":
The unmodified pointer should be defined as const
Also addressed one comments from Fei to use reversed function call
in vpci_init_pt_dev and vpci_deinit_pt_dev.
Tracked-On: #3241
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
softirq shouldn't be bounded to vcpu thread. One issue for this
is shell (based on timer) can't work if we don't start any guest.
This change also is trying best to make softirq handler running
with irq enabled.
Also update the irq disable/enabel in vmexit handler to align
with the usage in vcpu_thread.
Tracked-On: #3387
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
This commit adds ops to vlapic structure, and add an *ops parameter to vlapic_reset().
At vlapic reset, the ops is set to the global apicv_ops, and may be assigned
to other ops later.
Tracked-On: #3227
Signed-off-by: Yan, Like <like.yan@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
When initialize secondary pcpu, pass INVALID_CPU_ID as param of init_pcpu_pre()
looks weird, so change the param type to bool to represent whether the pcpu is
a BSP or AP.
Tracked-On: #3420
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In x86 architecture, word/doubleword/quadword aligned read/write on its boundary
is atomic, so we may remove atomic load/store.
As for atomic set/clear, use bitmap_set/claer seems more reasonable. After replace
them all, we could remove them too.
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
vCPU schedule state change is under schedule lock protection. So there's no need
to be atomic.
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
ACRN Coding guidelines requires type conversion shall be explicity. However,
there's no need for this case since we could return bool directly.
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Now sched_object and sched_context are protected by scheduler_lock. There's no
chance to use runqueue_lock to protect schedule runqueue if we have no plan to
support schedule migration.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
And use vhostbridge for both SOS and pre-launched VM.
Tracked-On: #3241
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
It will be used to define pci vdev own ops. And high level API
will call this ops intead of invoking device specific functions
directly.
Tracked-On: #3241
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In current design, devicemodel passes VM UUID to create VMs and hypervisor
would check the UUID whether it is matched with the one in VM configurations.
Kata container would maintain few UUIDs to let ACRN launch the VM, so
hypervisor need to add these UUIDs in VM configurations for Kata running.
In the hypercall of hcall_get_platform_info(), hypervisor will report the
maximum Kata container number it will support. The patch will add a Kconfig
to indicate the maximum Kata container number that SOS could support.
In current stage, only one Kata container is supported by SOS on SDC scenario
so add one UUID for Kata container in SDC VM configuration. If we want to
support Kata on other scenarios in the future, we could follow the example
of this patch;
Tracked-On: #3402
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
ACRN Coding guidelines requires two different types pointer can't
convert to each other, except void *.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
ACRN Coding guidelines requires two different types pointer can't
convert to each other, except void *.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
ACRN Coding guidelines requires type conversion shall be explicity.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In almost case, vLAPIC will only be accessed by the related vCPU. There's no
synchronization issue in this case. However, other vCPUs could deliver interrupts
to the current vCPU, in this case, the IRR (for APICv base situation) or PIR
(for APICv advanced situation) and TMR for both cases could be accessed by more
than one vCPUS simultaneously. So operations on IRR or PIR should be atomical
and visible to other vCPUs immediately. In another case, vLAPIC could be accessed
by another vCPU when create vCPU or reset vCPU which could be supposed to be
consequently.
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
In spite of vhm_req status could be updated in HV and DM on different CPUs, they
only change vhm_req status when they detect vhm_req status has been updated by
each other. So vhm_req status will not been misconfigured. However, before HV
sets vhm_req status to REQ_STATE_PENDING, vhm_req buffer filling should be visible
to DM. Add a write memory barrier to guarantee this.
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Hypervisor exposes mitigation technique for Speculative
Store Bypass(SSB) to guests and allows a guest to determine
whether to enable SSBD mitigation by providing direct guest
access to IA32_SPEC_CTRL.
Before that, hypervisor should check the SSB mitigation support
on underlying processor, this patch is to add this capability check.
Tracked-On: #3385
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
ACRN Coding guidelines requires parameters need to add const prefix when the
parameter is not modified in its function or recursion function call.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
cancel_event_injection is not need any more if we do 'scheudle' prior to
acrn_handle_pending_request. Commit "921288a6672: hv: fix interrupt
lost when do acrn_handle_pending_request twice" bring 'schedule'
forward, so remove cancel_event_injection related stuff.
Tracked-On: #3374
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
ACRN Coding guidelines requires no dead code.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Microarchitectural Data Sampling (MDS) is a hardware vulnerability
which allows unprivileged speculative access to data which is available
in various CPU internal buffers.
1. Mitigation on ACRN:
1) Microcode update is required.
2) Clear CPU internal buffers (store buffer, load buffer and
load port) if current CPU is affected by MDS, when VM entry
to avoid any information leakage to guest thru above buffers.
3) Mitigation is not needed if ARCH_CAP_MDS_NO bit (bit5)
is set in IA32_ARCH_CAPABILITIES MSR (10AH), in this case,
current processor is no affected by MDS vulnerability, in other
cases mitigation for MDS is required.
2. Methods to clear CPU buffers (microcode update is required):
1) L1D cache flush
2) VERW instruction
Either of above operations will trigger clearing all
CPU internal buffers if this CPU is affected by MDS.
Above mechnism is enumerated by:
CPUID.(EAX=7H, ECX=0):EDX[MD_CLEAR=10].
3. Mitigation details on ACRN:
if (processor is affected by MDS)
if (processor is not affected by L1TF OR
L1D flush is not launched on VM Entry)
execute VERW instruction when VM entry.
endif
endif
4. Referrence:
Deep Dive: Intel Analysis of Microarchitectural Data Sampling
https://software.intel.com/security-software-guidance/insights/
deep-dive-intel-analysis-microarchitectural-data-sampling
Deep Dive: CPUID Enumeration and Architectural MSRs
https://software.intel.com/security-software-guidance/insights/
deep-dive-cpuid-enumeration-and-architectural-msrs
Tracked-On: #3317
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Anthony Xu <anthony.xu@intel.com>
Reviewed-by: Jason CJ Chen <jason.cj.chen@intel.com>
ACRN hypervisor always print CPU microcode update
warning message on KBL NUC platform, even after
BIOS was updated to the latest.
'check_cpu_security_cap()' returns false if
no ARCH_CAPABILITIES MSR support on current platform,
but this MSR may not be available on some platforms.
This patch is to remove this pre-condition.
Tracked-On: #3317
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Jason CJ Chen <jason.cj.chen@intel.com>
Rename vbdf to bdf for the following reasons:
Use the same coding style as struct pci_pdev, as pci_pdev uses bdf instead of pbdf
pci_vdev implies the its bdf is virtual, no need to prefix bdf with the v
prefix (redundant)
Tracked-On: #3241
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Enable 64-bit bar emulation, if pbar is of type PCIBAR_MEM64, vbar will also be
of type PCIBAR_MEM64 instead of PCIBAR_MEM32
With 64-bit bar emulation code in place, we can remove enum pci_bar_type type
from struct pci_bar as bar type can be derived from struct pci_bar's reg member
by using the pci_get_bar_type function
Rename functions:
pci_base_from_size_mask --> git_size_masked_bar_base
Remove unused functions
Tracked-On: #3241
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
The current implement will trigger shutdown vm request on the BSP VCPU on the VM,
not the VCPU will trap out because triple fault. However, if the BSP VCPU on the VM
is handling another IO emulation, it may overwrite the triple fault IO request on
the vhm_request_buffer in function acrn_insert_request. The atomic operation of
get_vhm_req_state can't guarantee the vhm_request_buffer will not access by another
IO request if it is not running on the corresponding VCPU. So it should trigger
triple fault shutdown VM IO request on the VCPU which trap out because of triple
fault exception.
Besides, rt_vm_pm1a_io_write will do the right thing which we shouldn't do it in
triple_fault_shutdown_vm.
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Since spinlock ptdev_lock is used to protect ptdev entry, there's no need to
use atomic operation to protect ptdev active flag in split of it's wrong used
to protect ptdev entry. And refine active flag data type to bool.
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
According to SDM, bit N (physical address width) to bit 63 should be masked when calculate
host page frame number.
Currently, hypervisor doesn't set any of these bits, so gpa2hpa can work as expectd.
However, any of these bit set, gpa2hpa return wrong value.
Hypervisor never sets bit N to bit 51 (reserved bits), for simplicity, just mask bit 52 to bit 63.
Tracked-On: #3352
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Create 2 functions from code:
pci_base_from_size_mask
vdev_pt_remap_mem_vbar
Use vbar in place of vdev->bar[idx] by setting vbar to &vdev->bar[idx]
Change base to uint64_t to accommodate 64-bit MMIO bar size masking in
subsequent commits
Tracked-On: #3241
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
At this point, uint64_t base in struct pci_bar is not used by any code, so we
can remove it.
Tracked-On: #3241
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Define/Use variable in place of code to improve readability:
Define new local variable struct pci_bar *vbar, and use vbar-> in place of vdev->bar[idx].
Define new local variable uint64_t vbar_base in init_vdev_pt
Rename uint64_t vbar[PCI_BAR_COUNT] of struct acrn_vm_pci_ptdev_config to uint64_t vbar_base[PCI_BAR_COUNT]
Tracked-On: #3241
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
To remember the previously mapped/registered vbar base
For the following reasons:
register_mmio_emulation_handler() will throw an error if the the same addr_lo is
alreayd registered before
We are going to remove the base member from struct pci_bar, so we cannot use vdev->bar[idx].base
in the code any more
In subsequent commits, we will assume vdev_pt_remap_generic_mem_vbar() is called after a new
vbar base is set, mainly because of 64-bit mmio bar handling, so we need a
separate bar_base_mapped[] array to track the previously mapped vbar bases.
Tracked-On: #3241
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
vcpu is never scan because of scan tool will be crashed!
After modulization, the vcpu can be scaned by the scan tool.
Clean up the violations in vcpu.c.
Fix the violations:
1.No brackets to then/else.
2.Function return value not checked.
3.Signed/unsigned coversion without cast.
V1->V2:
change the type of "vcpu->arch.irq_window_enabled" to bool.
V2->V3:
add "void *" prefix on the 1st parameter of memset.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The sbuf is allocated for each pcpu by hypercall from SOS. Before launch
Guest OS, the script will offline cpus, which will trigger vcpu reset and
then reset sbuf pointer. But sbuf only initiate once by SOS, so these
cpus for Guest OS has no sbuf to use. Thus, when run 'acrntrace' on SOS,
there is no trace data for Guest OS.
To fix the issue, only reset the sbuf for SOS.
Tracked-On: #3335
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Reviewed-by: Yan, Like <like.yan@intel.com>
Use nr_bars instead of PCI_BAR_COUNT to check bar access offset.
As while normal pci device has max 6 bars, pci bridge only has 2 bars,
so for pci normal pci device, pci cfg offsets 0x10-0x24 are for bar access,
but for pci bridge, only 0x10-0x14 are for bar access (0x18-0x24 are
for other accesses).
Rename function:
pci_bar_access --> is_bar_offset
Tracked-On: #3241
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
nr_bars in struct pci_pdev is used to store the actual # of bars (
6 for normal pci device and 2 for pci bridge), nr_bars will be used in subsequent
patches
Use uint32_t for bar related variables (bar index, etc) to unify the bar
related code (no casting between uint32_t and uint8_t)
Tracked-On: #3241
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
union pci_bar uses bit fields and follows the PCI bar spec definition to define the
bar flags portion and base address, this is to keep the same hardware format for vbar
register. The base/type of union pci_bar are still kept to minimize code changes
in one patch, they will be removed in subsequent patches.
define pci_pdev_get_bar_base() function to extract bar base address given a 32-bit raw
bar value
define a utility function pci_get_bar_type() to extract bar types
from raw bar value to simply code, as this function will be used in multiple
places later on: this function can be called on reg->value stored in struct
pci_bar to derive bar type.
Tracked-On: #3241
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Add get_offset_of_caplist() function to return capability offset based on header type:
For normal pci device and bridge, its capability offset is at offset 0x34
For cardbus, its capability offset is at offset 0x14
Tracked-On: #3241
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
find_pci_pdev is not used any more, remove it.
Tracked-On: #3241
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The current implement will cache each ISR vector in ISR vector stack and do
ISR vector stack check when updating PPR. However, there is no need to do this
because:
1) We will not touch vlapic->isrvec_stk[0] except doing vlapic_reset:
So we don't need to do vlapic->isrvec_stk[0] check.
2) We only deliver higher priority interrupt from IRR to ISR:
So we don't need to check whether vlapic->isrvec_stk interrupts is always increasing.
3) There're only 15 different priority interrupt, It will not happened that more that
15 interrupts could been delivered to ISR:
So we don't need to check whether vlapic->isrvec_stk_top will larger than
ISRVEC_STK_SIZE which is 16.
This patch try to remove ISR vector stack and use isrv to cache the vector number for
the highest priority bit that is set in the ISR.
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Remove couple of run-time ASSERTs in ioapic module by checking for the
number of interrupt pins per IO-APICs against the configured MAX_IOAPIC_LINES
in the initialization flow.
Also remove the need for two MACROs specifying the max. number of
interrupt lines per IO-APIC and add a config item MAX_IOAPIC_LINES for the
same.
Tracked-On: #3299
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The has_rt_vm walk through all VMs to check RT VM flag and if
there is no any RT VM, then return false otherwise return true.
Signed-off-by: Jack Ren <jack.ren@intel.com>
Signed-off-by: Yuan Liu <yuan1.liu@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
The ept_flush_leaf_page API is used to flush address space
from a ept page entry, user can use it to match walk_ept_mr to
flush VM address space.
Signed-off-by: Jack Ren <jack.ren@intel.com>
Signed-off-by: Yuan Liu <yuan1.liu@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The walk_ept_table API is used to walk through EPT table for getting
all of present pages, user can get each page entry and its size
from the walk_ept_table callback.
The get_ept_entry is used to getting EPT pointer of the vm, if current
context of mv is secure world, return secure world EPT pointer, otherwise
return normal world EPT pointer.
Signed-off-by: Jack Ren <jack.ren@intel.com>
Signed-off-by: Yuan Liu <yuan1.liu@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
flush_address_space is used to flush address space by clflushopt instruction.
Signed-off-by: Jack Ren <jack.ren@intel.com>
Signed-off-by: Yuan Liu <yuan1.liu@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
CLFLUSHOPT is used to invalidate from every level of the cache hierarchy
in the cache coherence domain the cache line that contains the linear
address specified with memory operand. If that cache line contains
modified date at any level of the cache hierarchy, that data is written
back to memory.
If the platform does not support CLFLUSHOPT instruction, boot will fail.
Signed-off-by: Jack Ren <jack.ren@intel.com>
Signed-off-by: Yuan Liu <yuan1.liu@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The current implement doesn't clear which access type we support for
APIC-Access VM Exit:
1) linear access for an instruction fetch
-- APIC-access page is mapped as UC which doesn't support fetch
2) linear access (read or write) during event delivery
-- Which is not happened in normal case except the guest went wrong, such as,
set the IDT table in APIC-access page. In this case, we don't need to support.
3) guest-physical access during event delivery;
guest-physical access for an instruction fetch or during instruction execution
-- Do we plan to support enable APIC in real mode ? I don't think so.
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Rename MSI-X struct, pci_msix, member from tables to table_entries
Tracked-On: #3265
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch introduces check_vm_vlapic_state API instead of is_lapic_pt_enabled
to check if all the vCPUs of a VM are using x2APIC mode and LAPIC
pass-through is enabled on all of them.
When the VM is in VM_VLAPIC_TRANSITION or VM_VLAPIC_DISABLED state,
following conditions apply.
1) For pass-thru MSI interrupts, interrupt source is not programmed.
2) For DM emulated device MSI interrupts, interrupt is not delivered.
3) For IPIs, it will work only if the sender and destination are both in x2APIC mode.
Tracked-On: #3253
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch introduces vLAPIC state for a VM. The VM vLAPIC state can
be one of the following
* VM_VLAPIC_X2APIC - All the vCPUs/vLAPICs (Except for those in Disabled mode) of this
VM use x2APIC mode
* VM_VLAPIC_XAPIC - All the vCPUs/vLAPICs (Except for those in Disabled mode) of this
VM use xAPIC mode
* VM_VLAPIC_DISABLED - All the vCPUs/vLAPICs of this VM are in Disabled mode
* VM_VLAPIC_TRANSITION - Some of the vCPUs/vLAPICs of this VM (Except for those in Disabled mode)
are in xAPIC and the others in x2APIC
Upon a vCPU updating the IA32_APIC_BASE MSR to switch LAPIC mode, this
API is called to sync the vLAPIC state of the VM. Upon VM creation and reset,
vLAPIC state is set to VM_VLAPIC_XAPIC, as ACRN starts the vCPUs vLAPIC in
XAPIC mode.
Tracked-On: #3253
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
is_xapic_enabled API returns true if vLAPIC is in xAPIC mode. In
all other cases, it returns false.
Tracked-On: #3253
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Remove static and inline attributes to the API is_x2apic_enabled
and declare a prototype in vlapic.h. Also fix the check performed on guest
APICBASE_MSR value to query vLAPIC mode.
Tracked-On: #3253
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
When the SOS kernel/pre-launched OS access the 0xCF8/0xCFC, it will cause
the vm-exit and then the hypervisor tries to emulate the PCI_cfg access.
0xCF8 write: The bdf/reg is captured. cache_reg = value & (0xFF);
0xCFC-0xCFF read/write: offset = address - 0xCFC. Then cached_reg + offset is
used as the offset to access the pci_cfg.
If the aligned reg is passed in 0xCF8 register, it can work well. But when
the unaligned reg is passed in 0xCF8 register, the cached_reg + offset will cause
that the incorrect pci_cfg offset is accessed. For example:
The cached_reg = 0x02(Device_ID offset) based on the value passed from 0xCF8
offset = 2 based on 0xCFC-0xCFF address.
Then cached_reg + offset is used as the offset(PCI_CMD_REG)
In fact the unaligned reg can work well on the real HW.
So the cached_reg should be aligned to handle the unaligned reg passed in
0xCF8 reg.
Tracked-On: #3249
Signed-off-by: Zhao Yakui <yakui.zhao@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
V1:Initial Patch
Modularize vpic. The current patch reduces the usage
of acrn_vm inside the vpic.c file.
Due to the global natire of register_pio_handler, where
acrn_vm is being passed, some usage remains.
These needs to be a separate "interface" file.
That will come in smaller newer patch provided
this patch is accepted.
V2:
Incorporated comments from Jason.
V3:
Fixed some MISRA-C Violations.
Tracked-On: #1842
Signed-off-by: Arindam Roy <arindam.roy@intel.com>
Reviewed-by: Xu, Anthony <anthony.xu@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
When the lapic is passthru, vpic and vioapic cannot be used anymore. In
current code, user can still inject vpic interrupt to Guest OS, this is
not allowed.
This patch remove the vpic and vioapic initiate functions during
creating VM with lapic passthru. But the APIs in vpic and vioapic are
called in many places, for these APIs, follow the below principles:
1. For the APIs which will access uninitiated variables, and may case
hypervisor hang, add @pre to make sure user should call them after vpic or
vioapic is initiated.
2. For the APIs which only return some static value, do noting with them.
3. For the APIs which user will called to inject interrupt, such as
vioapic_set_irqline_lock or vpic_set_irqline, add condition in these
APIs to make sure it only inject interrupt when vpic or vioapic is
initiated. This change is to make sure the vuart or hypercall need not
to care whether lapic is passthru or the vpic and vioapic is initiated
or not.
Tracked-On: #3227
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
On SDC scenario, SOS VM id is fixed to 0 so some hypercalls from guest
are using hardcoded "0" to represent SOS VM, this would bring issues
for HYBRID scenario which SOS VM id is non-zero.
Now introducing a new VM id concept for DM/VHM hypercall APIs, that
return a relative VM id which is from SOS view when create VM for post-
launched VMs. DM/VHM could always treat their own vm id is "0". When they
make hypercalls, hypervisor will convert the VM id to the absolute id
when dispatch the hypercalls.
Tracked-On: #3214
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@Intel.com>
According to SDM vol1 13.3:
Write 1 to reserved bit of XCR0 will trigger GP.
This patch make ACRN behavior align with SDM definition.
Tracked-On: #3239
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The VM IDs which is high or equal then CONFIG_MAX_VM_NUM are all
invalid VM IDs, the MACRO has never been referenced in code, so
remove it;
Tracked-On: #3214
Signed-off-by: Victor Sun <victor.sun@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
The vcpu num could be calculated based on pcpu_bitmap when prepare_vcpu()
is done, so remove this redundant configuration item;
Tracked-On: #3214
Signed-off-by: Victor Sun <victor.sun@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Zephyr kernel is stripped ram image, its entry and load address
are explicitly defined in vm configurations, hypervisor will load
Zephyr directly based on these configurations.
Currently we only support boot Zephyr from protected mode.
Tracked-On: #3214
Signed-off-by: Victor Sun <victor.sun@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Previously multiboot mods[0] is designed for kernel module for all
pre-launched VMs including SOS VM, and mods[0].mm_string is used
to store kernel cmdline. This design could not satisfy the requirement
of hybrid mode scenarios that each VM might use their own kernel image
also ramdisk image. To resolve this problem, we will use a tag in
mods mm_string field to specify the module type. If the tag could
be matched with os_config of VM configurations, the corresponding
module would be loaded;
Tracked-On: #3214
Signed-off-by: Victor Sun <victor.sun@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Different kernel has different load method, it should be configurable
in vm configurations;
Tracked-On: #3214
Signed-off-by: Victor Sun <victor.sun@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
The guest OS of ACRN will not be limited to Linux, so refine the struct
of sw_linux to more generic sw_module_info. Currently bootargs and ramdisk
are only supported modules but we can include more modules in future;
Tracked-On: #3214
Signed-off-by: Victor Sun <victor.sun@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
is_msix, part of ptirq_msi_info, is not used in the code.
Tracked-On: #3205
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Present SGX related MSRs to guest if SGX is supported.
- MSR_IA32_SGXLEPUBKEYHASH0 ~ MSR_IA32_SGXLEPUBKEYHASH3:
SGX Launch Control is not supported, so these MSRs are read only.
- MSR_IA32_SGX_SVN_STATUS:
read only
- MSR_IA32_FEATURE_CONTROL:
If SGX is support in VM, opt-in SGX in this MSR.
- MSR_SGXOWNEREPOCH0 ~ MSR_SGXOWNEREPOCH1:
The two MSRs' scope is package level, not allow guest to change them.
Still leave them in unsupported_msrs array.
Tracked-On: #3179
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
If sgx is supported in guest, present SGX capabilities to guest.
There will be only one EPC section presented to guest, even if EPC
memory for a guest is from muiltiple physcial EPC sections.
Tracked-On: #3179
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Yan, Like <like.yan@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Add EPC information in vm configuration structure.
EPC information contains the EPC base and size allocated to a VM.
Tracked-On: #3179
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Get the platform EPC resource and partiton the EPC resource for VMs
according to VM configurations.
Don't support sgx capability in SOS VM.
init_sgx is called during platform bsp initialization.
If init_sgx() fails, consider it as configuration error, panic the system.
init_sgx() fails if one of the following happens when at least one VM requests
EPC resource if no enough EPC resource for all VMs.
No further check if sgx is not supported by platform or not opted-in in BIOS,
just disable SGX support for VMs.
Tracked-On: #3179
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
VM Name length is restricted to 32 characters. kata creates
a VM name with GUID added as a part of VM name making it around
80 characters. So increasing this size to 128.
v1->v2:
It turns out that MAX_VM_OS_NAME_LEN usage in DM and HV are for
different use cases. So removing the macro from acrn_common.h.
Definied macro MAX_VMNAME_LEN for DM purposes in dm.h. Retaining
original macron name MAX_VM_OS_NAME_LEN for HV purposes but defined
in vm_config.h.
Tracked-On: #3138
Signed-off-by: Vijay Dhanraj <vijay.dhanraj@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Define a static mptable array and each VM could index its vmptable by
vm id, then mptable is not needed in vm configurations;
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
At the time the guest is switching to X2APIC mode, different VCPUs in the
same VM could expect the setting of the per VM msr_bitmap differently,
which could cause problems.
Considering different approaches to address this issue:
1) only guest BSP can update msr_bitmap when switching to X2APIC.
2) carefully re-write the update_msr_bitmap_x2apic_xxx() functions to
make sure any bit in the bitmap won't be toggled by the VCPUs.
3) make msr_bitmap as per VCPU.
We chose option 3) because it's simple and clean, though it takes more
memory than other options.
BTW, need to remove const modifier from update_msr_bitmap_x2apic_xxx()
functions to get it compiled.
Tracked-On: #3166
Signed-off-by: Zide Chen <zide.chen@intel.com>
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
- add the GUEST_FLAG_HIGHEST_SEVERITY flag to indicate that the guest has
privilege to reboot the host system.
- this flag is statically assigned to guest(s) in vm_configurations.c in
different scenarios.
- implement reset_host() function to reset the host. First try the ACPI
reset register if available, then try the 0xcf9 PIO.
Tracked-On: #3145
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
And make other related changes accordingly:
Remove pci_pdev_enumeration_cb define
Create init_vdevs() to iterate through the pdev list and create vdev for each pdev
Export num_pci_pdev and pci_pdev_array as globals in header file
Minor cosmetic fix:
Remove trailing whitespace
Tracked-On: #3022
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
ACRN supports LAPIC emulation for guests using x86 APICv. When guest OS/BIOS
switches from xAPIC to x2APIC mode of operation, ACRN also supports switching
froom LAPIC emulation to LAPIC passthrough to guest. User/developer needs to
configure GUEST_FLAG_LAPIC_PASSTHROUGH for guest_flags in the corresponding
VM's config for ACRN to enable LAPIC passthrough.
This patch does the following
1)Fixes a bug in the abovementioned feature. For a guest that is
configured with GUEST_FLAG_LAPIC_PASSTHROUGH, during the time period guest is
using xAPIC mode of LAPIC, virtual interrupts are not delivered. This can be
manifested as guest hang when it does not receive virtual timer interrupts.
2)ACRN exposes physical topology via CPUID leaf 0xb to LAPIC PT VMs. This patch
removes that condition and exposes virtual topology via CPUID leaf 0xb.
Tracked-On: #3136
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
This patch removes hard-coded interfaces in .rst files and
refers to the definition via doxygen style comments.
This patch mainly focus on Hypervisor part.
Other parts will be covered in seperate patches.
Tracked-On: #1595
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
the pcpu just write its own vmcs, not need spinlock.
and the arch.lock not used other places, remove it too.
Tracked-On: #3130
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
For pre-launched VMs, currently we set all vbars to 0s initially in
bar emulation code, guest OS will reprogram the bars when it sees the bars are uninited (0s).
We consider this is not the right solution, change to populate the
vbars (to non zero valid pci hole address) based on the vbar base
addresses predefined in vm_config.
Store a pointer to acrn_vm_pci_ptdev_config in struct pci_vdev
Tracked-On: #3022
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
now only SOS need decide boot with de-privilege or direct boot mode, while
for other pre-launched VMs, they should use direct boot mode.
this patch merge boot/guest/direct_boot_info.c &
boot/guest/deprivilege_boot_info.c into boot/guest/vboot_info.c,
and change init_direct_vboot_info() function name to init_general_vm_boot_info().
in init_vm_boot_info(), depend on get_sos_boot_mode(), SOS may choose to init
vm boot info by setting the vm_sw_loader to deprivilege specific one; for SOS
using DIRECT_BOOT_MODE and all other VMS, they will use general_sw_loader as
vm_sw_loader and go through init_general_vm_boot_info() for virtual boot vm
info filling.
this patch also move spurious handler initilization for de-privilege mode from
boot/guest/deprivilege_boot.c to boot/guest/vboot_info.c, and just set it in
deprivilege sw_loader before irq enabling.
Changes to be committed:
modified: Makefile
modified: arch/x86/guest/vm.c
modified: boot/guest/deprivilege_boot.c
deleted: boot/guest/deprivilege_boot_info.c
modified: boot/guest/direct_boot.c
renamed: boot/guest/direct_boot_info.c -> boot/guest/vboot_info.c
modified: boot/guest/vboot_wrapper.c
modified: boot/include/guest/deprivilege_boot.h
modified: boot/include/guest/direct_boot.h
modified: boot/include/guest/vboot.h
new file: boot/include/guest/vboot_info.h
modified: common/vm_load.c
modified: include/arch/x86/guest/vm.h
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Create the init_vdev_pt() function to host bar emulation initialization code
Add design philosophy for bar emulation
Move common functions to pci.h as they are generic and can be used by other
files.
Rename is_valid_bar to is_bar_supported and keep it as a private local function
in pci_pt.c
Tracked-On: #3056
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
remove some unnecessary includes,
some can cause reverse dependency.
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
modified: acpi_parser/acpi_ext.c
modified: acpi_parser/dmar_parse.c
modified: boot/acpi_base.c
modified: boot/guest/direct_boot_info.c
modified: include/arch/x86/per_cpu.h
Handle the PIO reset register that is defined in host ACPI:
Parse host FADT table to get the host reset register info, and emulate
it for Service OS:
- return all '1' for guest reads because the read behavior is not defined
in ACPI.
- ignore guest writes with the reset value to stop it from resetting host;
if guest writes other values, passthru it to hardware in case the reset
register supports other functionalities.
Tracked-On: #2700
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch implements triple fault vmexit handler and base on VM types:
- post-launched VMs: shutdown_target_vm() injects S5 PIO write to request
DM to shut down the target VM.
- pre-launched VMs: shut down the guest.
- SOS: similarly, but shut down all the non real-time post-launched VMs that
depend to SOS before shutting down SOS.
Tracked-On: #2700
Signed-off-by: Zide Chen <zide.chen@intel.com>
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- post-launched RTVM: intercept both PIO ports so that hypervisor has a
chance to set VM_POWERING_OFF flag.
- all other type of VMs: deny these 2 ports from guest access so that
guests are not able to reset host.
Tracked-On: #2700
Signed-off-by: Zide Chen <zide.chen@intel.com>
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
For pre-launched VMs and SOS, VM shutdown should not be executed in the
current VM context.
- implement NEED_SHUTDOWN_VM request so that the BSP of the target VM can shut
down the guest in idle thread.
- implement shutdown_vm_from_idle() to shut down target VM.
Tracked-On: #2700
Signed-off-by: Zide Chen <zide.chen@intel.com>
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Previously we use Kconfig of DMAR_PARSE_ENABLED to choose pre-defined DMAR info
or parse it at runtime, at the same time we use MACRO of CONFIG_CONSTANT_ACPI
to decide whether parse PM related ACPI info at runtime. This looks redundant
so use a unified ACPI_PARSE_ENABLED Kconfig to replace them.
Tracked-On: #3107
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
now this MACRO is used in atomic.h and bits.h,
move it from cpu.h to atomic.h to avoid
reverse dependency(i.e. from lower layer to upper one)
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
This patch removes the dynamic memory allocation in dmar_parse.c.
v1 -> v2:
- rename 'const_dmar.c' to 'dmar_info.c' and move it to
'boot' directory
- add CONFIG_DMAR_PARSE_ENABLED check for function declaration
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Add MSR_IA32_MISC_ENABLE to emulated_guest_msrs to enable the emulation.
Init MSR_IA32_MISC_ENABLE for guest.
Tracked-On: #2834
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
According to SDM Vol4 2.1, modify vcpuid according to msr ia32_misc_enable:
- Clear CPUID.01H: ECX[3] if guest disabled monitor/mwait.
- Clear CPUID.80000001H: EDX[20] if guest set XD Bit Disable.
- Limit the CPUID leave maximum value to 2 if guest set Limit CPUID MAXVal.
Tracked-On: #2834
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Guest MSR_IA32_MISC_ENABLE read simply returns the value set by guest.
Guest MSR_IA32_MISC_ENABLE write:
- Clear EFER.NXE if MSR_IA32_MISC_ENABLE_XD_DISABLE set.
- MSR_IA32_MISC_ENABLE_MONITOR_ENA:
Allow guest to control this feature when HV doesn't use this feature and hw has no bug.
vcpuid update according to the change of the msr will be covered in following patch.
Tracked-On: #2834
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Merge two parts of different definitions for MSR_IA32_MISC_ENABLE fields.
- use the prefix "MSR_IA32_" to align with others
- Change MSR_IA32_MISC_ENABLE_XD to MSR_IA32_MISC_ENABLE_XD_DISABLE to
align the meaning of the filed since it is "XD bit disable"
Use UL instead of U as the filed bit mask because MSR_IA32_MISC_ENABLE is 64-bit.
Tracked-On: #2834
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
currently, ACRN hypervisor can either boot from sbl/abl or uefi, that's
why we have different firmware method under bsp & boot dirs.
but the fact is that we actually have two different operations based on
different guest boot mode:
1. de-privilege-boot: ACRN hypervisor will boot VM0 in the same context as
native(before entering hypervisor) - it means hypervisor will co-work with
ACRN UEFI bootloader, restore the context env and de-privilege this env
to VM0 guest.
2. direct-boot: ACRN hypervisor will directly boot different pre-launched
VM(including SOS), it will setup guest env by pre-defined configuration,
and prepare guest kernel image, ramdisk which fetch from multiboot modules.
this patch is trying to:
- rename files related with firmware, change them to guest vboot related
- restruct all guest boot stuff in boot & bsp dirs into a new boot/guest dir
- use de-privilege & direct boot to distinguish two different boot operations
this patch is pure file movement, the rename of functions based on old assumption will
be in the following patch.
Changes to be committed:
modified: ../efi-stub/Makefile
modified: ../efi-stub/boot.c
modified: Makefile
modified: arch/x86/cpu.c
modified: arch/x86/guest/vm.c
modified: arch/x86/init.c
modified: arch/x86/irq.c
modified: arch/x86/trampoline.c
modified: boot/acpi.c
renamed: bsp/cmdline.c -> boot/cmdline.c
renamed: bsp/firmware_uefi.c -> boot/guest/deprivilege_boot.c
renamed: boot/uefi/uefi_boot.c -> boot/guest/deprivilege_boot_info.c
renamed: bsp/firmware_sbl.c -> boot/guest/direct_boot.c
renamed: boot/sbl/multiboot.c -> boot/guest/direct_boot_info.c
renamed: bsp/firmware_wrapper.c -> boot/guest/vboot_wrapper.c
modified: boot/include/acpi.h
renamed: bsp/include/firmware_uefi.h -> boot/include/guest/deprivilege_boot.h
renamed: bsp/include/firmware_sbl.h -> boot/include/guest/direct_boot.h
renamed: bsp/include/firmware.h -> boot/include/guest/vboot.h
modified: include/arch/x86/multiboot.h
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Replace the vm state VM_STATE_INVALID to VM_POWERED_OFF.
Also replace is_valid_vm() with is_poweroff_vm().
Add API is_created_vm() to identify VM created state.
Tracked-On: #3082
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
vm_config.h has included types.h/acrn_common.h/vm_configurations.h,
acrn_common.h has included types.h, so remove the redundant includes;
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Previously ACPI PM1A register info was hardcoded to 0 in HV for generic boards,
but SOS still can know the real PM1A info so the system would hang if user
trigger S3 in SOS. Enabling PM1A register info fixup will let HV be able to
intercept the operation on PM1A and then make basic function of S3 work for
all boards;
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
IRTE is freed if ptirq entry is released from remove_msix_remapping() or
remove_intx_remapping(). But if it's called from ptdev_release_all_entries(),
e.g. SOS shutdown/reboot, IRTE is not freed.
This patch adds a release_cb() callback function to do any architectural
specific cleanup. In x86, it's used to release IRTE.
On VM shutdown, vpci_cleanup() needs to remove MSI/MSI-X remapping on
ptirq entries, thus it should be called before ptdev_release_all_entries().
Tracked-On: #2700
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Rename 'type' in struct io_request to 'io_type' to be more readable.
Tracked-On: #3061
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Rename structure acrn_vm_type to acrn_vm_load_order as it is used to
indicate the load order instead of the VM type.
Tracked-On: #2291
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Shared buffer is allocated by VM and is protected by SMAP.
Accessing to shared buffer between stac/clac pair will invalidate
SMAP protection.This patch is to remove these cases.
Fix minor stac/clac mis-usage,and add comments as stac/clac usage BKM
Tracked-On: #2526
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In Linux 8250 driver, it has different flags for UART ports. For COM1,
COM2 and COM3, UPF_SKIP_TEST is set, which is used to skip the loopback
test for the port. But for COM4, UPF_SKIP_TEST is not set, so when
probing COM4, the driver will access MCR and MSR registers to make sure
the port is exsit. So, add support for MSR and MCR.
Default ports info:
COM1, ttyS0, 0x3F8
COM2, ttyS1, 0x2F8
COM3, ttyS2, 0x3E8
COM4, ttyS3, 0x2E8
Tracked-On: #2987
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Remove debug command 'vuart' which is used to change VM's console's base
and irq before bringing up with uefi.
But after vuart's resuffle, the gloable variables vuart_com_irq and
vuart_com_base is not used anymore, vuart gets the base and irq from
its configuration. So the command can not work.
Tracked-On: #2987
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Move the console related code from dm/vuart.c to debug/console.c as
console is not supported in release version.
Tracked-On: #2987
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
As there is a requirement for conmunication between VMs on uart port,
but for Pre-launched VM, the only way is to create vuart for each VM and
connect them at hypervisor side. So, the vuart code should be moved from
/debug to /dm so that they can also be used in release version.
For the console related code, as no need to support in release version,
so leave them at debug directory.
Tracked-On: #2987
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The name NORMAL_VM does not clearly reflect the attribute that these VMs
are launched "later". POST_LAUNCHED_VM is closer to the fact
that these VMs are launched "later" by one of the VMs launched by ACRN.
Tracked-On: #3034
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Enable connection mode for vuart, so that vuart in different VMs can set up
connection.
In pre-launched VM's configuration file, ttyS1 is set to be the connection
port. To enable it in post-launched VM, just add vuart configuration.
Tracked-On: #2987
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In previous code, only for pre-launched VM, hypervisor would create
vuart console for each VM. But for post-launched VM, no vuart is
created.
In this patch, create vuart according to configuration in structure
acrn_vm_config. As the new configuration is set for pre-launched VM and
post-launched VM, and the vuart initialize process is common for each
VM, so, remove CONFIG_PARTITION_MODE from vuart related code.
Tracked-On: #2987
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Add vuart config in acrn_vm_config struct, support configuring 2 vuarts for
each VM. The first vuart is used to work as VM's console. The second vuart
is used to connect to other VM's vuart. When the port base for a vuart
is set to 0, hypervisor will not create this vuart.
Tracked-On: #2987
Signed-off-by: Victor Sun <victor.sun@intel.com>
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
According to SDM 10.6.1, if dest fields is 0xffU for register
ICR operation, that means the IPI is for broadcast.
According to SDM 10.12.9, 0xffffffffU of dest fields for x2APIC
means IPI is for broadcast.
We add new parameter to vlapic_calc_dest() to show whether the
dest is for broadcast. For IPI, we will set it according to
dest fields. For ioapic and MSI, we hardcode it to false because
no broadcast for ioapic and MSI.
Tracked-On: #3003
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
It is better to use an unified MACRO. So, this patch moves AP_MASK to cpu.h
and removes the defination of the MACRO spanning different source files.
Tracked-On: #2991
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch adds prefix 'p' before 'cpu' to physical cpu related functions.
And there is no code logic change.
Tracked-On: #2991
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In theory, we should trap out all the x2apic MSR access if APICv is not enabled.
When "Use TPR shadow" and "Virtualize x2APIC mode" are enabled, we could disable
TPR interception; when APICv is fully enabled, besides TPR, we could disable all
MSR read, EOI and self-IPI interception; when we pass through lapic to guest, we
could disable all the MSR access interception except XAPICID/LDR read and ICR write.
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
When in fully APICv mode, we enable VID. All pending delivery interrupts
will inject to VM before VM entry. So there is no pending delivery interrupt.
However, if VID is not enabled, we can only inject pending delivery interrupt
one by one. So we always need to do this check.
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
apicv_advanced_inject_intr is used if APICv fully features are supported,
it uses PIR to inject interrupt. otherwise, apicv_basic_inject_intr is used.
it will use VMCS INTR INFO field to inject irq.
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
The APICv ops is decided once the APICv feature on the physical platform is detected.
We will use apicv_advanced_ops if the physical platform support fully APICv feature;
otherwise, we will use apicv_basic_ops.
This patch only wrap the accept interrupt API for them.
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
The physical core of lapic_pt vm should be reset for security and
correctness when shutdown the vm.
Tracked-On: #2991
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch makes the following changes:
- Add one parameter 'mask' to start_cpus for later use.
- Set cpu state as DEAD instead of dead loop when fail to start cpu.
- Panic when there are any failures when start cpus in init_cpu_post and host_enter_s3.
Tracked-On: #2991
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Currently vpid is not released in reset_vcpu() hence the vpid resource
could be exhausted easily if guests are re-launched.
This patch assigns vpid according to the fixed mapping of runtime vm_id
and vcpu_id to guarantee the uniqueness of vpid.
Tracked-On: #2700
Signed-off-by: Zide Chen <zide.chen@intel.com>
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
- The target vm in most of hypercalls should be a NORMAL_VM, in some
exceptions it might be a SOS_VM, we should validate them.
- Please be aware that some hypercall might have limitation on specific
target vm like RT or SAFETY VMs, this leaves "TODO" in future;
- Unify the coding style:
int32_t hcall_foo(vm, target_vm_id, ...)
{
int32_t ret = -1;
...
if ((is_valid_vm(target_vm) && is_normal_vm(target_vm)) {
ret = ....
}
return ret;
}
Tracked-On: #2978
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
When shutting down SOS VM, the shared sbuf is released from guest OS, but
the per cpu sbuf pointers in hypervisor keep inact. This creates a problem
that after SOS is re-launched, hypervisor could write to the shared
buffer that no longer exists.
This patch implements sbuf_reset() and call it from reset_vcpu() to
reset sbuf pointers.
Tracked-On: #2700
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Add TPR below threshold implement for "Virtual-interrupt delivery" not support.
Windows will use it to delay interrupt handle.
Complete all the interrupts in IRR as long as they are higher priority than
current TPR. Once current IRR priority is less than current TPR enable TPR
threshold to IRR, so that if guest reduces the TPR threshold, it would be good
to take below TPR threshold exit and let interrupts to go thru.
Tracked-On: #1842
Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Enable vMCE feature to boot windows guest.
vMCE is set in EDX from Microsoft TLFS spec, to support windows guest
vMCA and vMCE should be supported by guest CPUID.
Support MSR_IA32_MCG_CAP and MSR_IA32_MCG_STATUS reading when vMCE is enabled,
but they are not emulated yet, so return 0 directly.
Tracked-On: #1867
Signed-off-by: Yuan Liu <yuan1.liu@intel.com>
Reviewed-by: Yu Wang <yu1.wang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In the presence of SOS, ACRN uses fallback_iommu_domain which is the same
used by SOS, to assign domain to devices during ACRN init. Also it uses
fallback_iommu_domain when DM requests ACRN to remove device from UOS domain.
This patch changes the design of assign/remove_iommu_device to avoid the
concept of fallback_iommu_domain and its setup. This way ACRN can commonly
treat pre-launched VMs bringup w.r.t. IOMMU domain creation.
Tracked-On: #2965
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
add new hypercall get platform information,
such as physical CPU number.
Tracked-On: #2538
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
ACRN builds mptable for pre-launched VMs. It uses CONFIG_PARTITION_MODE
to compile mptable source code and related support. This patch removes
the macro and checks if the type of VM is pre-launched to build mptable.
Tracked-On: #2941
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Currently VM id of NORMAL_VM is allocated dymatically, we need to make
VM id statically for FuSa compliance.
This patch will pre-configure UUID for all VMs, then NORMAL_VM could
get its VM id/configuration from vm_configs array by indexing the UUID.
If UUID collisions is found in vm configs array, HV will refuse to
load the VM;
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Return true if vm configs is sanitized successfully, otherwise return false;
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The code mixed the usage on term of UUID and GUID, now use UUID to make
code more consistent, also will use lowercase (i.e. uuid) in variable name
definition.
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
We could call vlapic API directly, remove vlapic_rdmsr/wrmsr to make things easier.
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
renamed: include/dm/pci.h -> include/hw/pci.h
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Now the io_emul.c is relates with arch,io_req.c is common,
move some APIs from io_emul.c to io_req.c as common like these APIs:
register_pio/mmio_emulation_handler
dm_emulate_pio/mmio_complete
pio_default_read/write
mmio_default_access_handler
hv_emulate_pio/mmio etc
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Move ‘emul_pio[]/default_io_read/default_io_write’
from struct vm_arch to struct acrn_vm
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
-- this api is related with arch_x86, then move to x86 folder
-- rename 'set_vhm_vector' to 'set_vhm_notification_vector'
-- rename 'acrn_vhm_vector' to 'acrn_vhm_notification_vector'
-- add an API 'get_vhm_notification_vector'
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
ACRN uses CONFIG_PARTITION_MODE macro to compile out CPU_IRQ_ENABLE/DISABLE
APIs. With vector remapping enabled for pre-launched VMs, this is of no use.
And for VMs with LAPIC pass-thru, interrupts stay disabled in vmexit loop
with the help of is_lapic_pt() API.
Tracked-On: #2903
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Now the MAX supported VM number is defined explicitly for each scenario,
so move this config from Kconfig to VM configuration.
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Previously we use unified vm_config.c for all scenarios and use MACROs
for each configuration items, then the initialization of vm_configs[]
becomes more complicated when definition of MACROs increase, so change
the coding style that all configurable items could be explicitly shown in
vm_configuration.c to make code more readable.
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Add, update '@return' and '@retval' statements to the API descriptions related
to vCPU operations.
Tracked-On: #1844
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
As vector re-mapping is enabled for pre-launched/partition mode VMs,
there is no more need for separate interrupt routine i.e.
partition_mode_dispatch_interrupt.
Tracked-On: #2879
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
For pre-launched VMs MSI/MSI-x configuration writes are not intercepted by ACRN.
It is pass-thru and interrupts land in ACRN and the guest vector is injected into
the VM's vLAPIC. With this patch, ACRN intercepts MSI/MSI-x config writes and take
the code path to remap interrupt vector/APIC ID as it does for SOS/UOS.
Tracked-On: #2879
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
To keep consistency between HV and DM about PM1A_CNT_ADDR,
it is better to replace the PM1A_CNT related MACROs used in DM
with VIRTUAL_PM1A_CNT related MACROs in acrn_common.h.
Tracked-On: #2865
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Acked-by: Eddie Dong <Eddie.dong@intel.com>
This patch mainly does the following:
- Replace prefix RT_VM_ with VIRTUAL_.
- Remove the check of "addr != RT_VM_PM1A_CNT_ADDR" as the handler is specific for this addr.
- Add comments about the meaning of return value.
Tracked-On: #2865
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Intel SDM Vol3 23.8 says:
The INIT signal is blocked whenever a logical processor is in VMX root operation.
It is not blocked in VMX nonroot operation. Instead, INITs cause VM exits
So, there is no side-effect to send INIT signal regardless of pcpu active status.
Tracked-On: #2865
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
After using get_vm_from_vmid(), vm pointer is always not NULL. But there are still many NULL pointer checks.
This commit replaced the NULL vm pointer check with a validation check which checks the vm status.
In addition, NULL check for pointer returned by get_sos_vm() and get_vm_config() is removed.
Tracked-On: #2520
Signed-off-by: Yan, Like <like.yan@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Previously the vm_configs[] is defined separately for sharing mode and
partition mode, but the concept of hypervisor mode will be removed. Instead
we will introduce scenario Kconfig for hypervisor to load different vm
configurations.
SDC(Software Defined Cockpit) is a typical scenario that ACRN supported
so we introduce this scenario for previously sharing mode and move its
configurations to scenarios/sdc folder. The configuration could be used
for all boards reference.
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Add the default handlers for PIO and MMIO access which returns all
FFs on read and discards write. These default handlers are registered
when SOS VM or pre-launched VM is created.
v3 -> v4:
- use single layer if in hv_emulate_pio
- change the implementation of pio_default_read
v2 -> v3:
- use runtime vm type instead of CONFIG_PARTITION_MODE
- revise the pio/mmio emulation functions
- revise the pio/mmio default read functions according to MISRA C
- revise the commit message
v1 -> v2:
- add default handlers members in struct acrn_vm and add interfaces
to register default handlers for PIO and MMIO.
Tracked-On: #2860
Signed-off-by: Jian Jun Chen <jian.jun.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch makes make_reschedule_request support for kicking
off vCPU using INIT.
Tracked-On: #2865
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This API is only for kick vcpu out of non-root mode when
RTVM poweroff by itself. And the first caller will soon come
along with the next patch.
Tracked-On: #2865
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
We set the vm state as VM_POWERING_OFF when RTVM is trying to poweroff by itself.
We will check it when trying to pause vCPUs of RTVM. Only if vm state equal to
VM_POWERING_OFF, we take action to pause the vCPUs of RTVM. Otherwise, we will
reject the pause request.
Tracked-On: #2865
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
The virtual pm port of RTVM is intercepted by HV. But the HV needs to inform the DM as well.
So we will forward the virtual S5 request to DM too
The handler in HV just set the pm state flag (VM_POWERING_OFF) which indicate that the RTVM is powering
off by itself. Meanwhile, there are data resources in VHM and DM should be released once we handle the PM
of RTVM in HV. So, return to DM to go through the entire VM destroy cycles to release the resources.
During the cycles, the DM will try to pause vm through hypercall. In the hypercall handler in HV, we will
check the pm state flag. If it is set, pause all the vCPUs of the vm. Otherwise, reject the request.
In this way, we can make sure that RTVM can only trigger its s5 by itself. All
other S5 request from external will be rejected.
Here is sequence chart of RTVM s5.
poweroff
+-----------+ +----------+ +-----------+ +----------+
| vBSP | | vAPs | | HV | | DM |
+-----+-----+ +----------+ +-----+-----+ +-----+----+
| | | |
| Stop all other cpus | | |
+----------------------------+ | |
| | |Disable LAPIC | |
| +<-+ | |
| | | |
| +--+ | |
| | |HLT in | |
| All other cpus stopped | |non-root mode | |
+----------------------------+ | |
| Call ACPI method to enter s5 | |
+-------------------------+---------------------> | |
| | Set s5 flag | |
| | <---------------------+ |
| | APs paused | Re-inject IOREQ TO DM
| | +-------------------> +-------------------> +
| | | Pause VM |
| | Check S5 flag: | <-------------------+
| | - If set, pause vm | VM paused |
| | - If no, reject | +-----------------> +--+
| | | Destroy VM | |Deinit works
| | | <--------------------<-+
| | | VM destroyed |
| | | +-----------------> |
+ + + +
Tracked-On: #2865
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
This patch makes io_read_fn_t return true or false instead of void.
Returning true means that the handler in HV process the request completely.
Returning false means that we need to re-inject the request to DM after
processing it in HV.
Tracked-On: #2865
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
This patch makes io_write_fn_t return true or false instead of void.
Returning true means that the handler in HV process the request completely.
Returning false means that we need to re-inject the request to DM after
processing it in HV.
Tracked-On: #2865
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch checks if the GUEST_FLAG_RT is set when GUEST_FLAG_LAPIC_PASSTHROUGH is set.
If GUEST_FLAG_RT is not set while GUEST_FLAG_LAPIC_PASSTHROUGH is set, we will refuse
to boot the VM.
Meanwhile, this patch introduces a new API is_rt_vm.
Tracked-On: #2865
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This flag indicates that if the vm is RTVM.
And if a vm has GUEST_FLAG_LAPIC_PASSTHROUGH flag set,
we must set the GUEST_FLAG_RT at the same time.
Tracked-On: #2865
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
In hypervisor fuzzing test, hypervisor will hang
if issuing HV_VM_SET_MEMORY_REGIONS hypercall after
target VM is destroyed.
this patch is to fix above vulnerability.
Tracked-On: #2849
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
The vm_config in hypervisor restricted VM name size to
MAX_CONFIG_NAME_SIZE (32 bytes). When UOS is launched by DM, the vmname
is passed in as the last optional args, we hope to to copy it to vm_config
in the future. So the size of vmname in DM args should be restricted to
MAX_CONFIG_NAME_SIZE, too. Because MAX_CONFIG_NAME_SIZE will be used by DM,
we move it from vm_config.h to acrn_common.h
We also rename MAX_CONFIG_NAME_SIZE to MAX_VM_OS_NAME_LEN, because it will
be used by another components, should has a clear name.
Tracked-On: #2851
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
devicemodel/include/public/acrn_common.h should be identical with
hypervisor/include/public/acrn_common.h, so we can use a soft link
to hypervisor's acrn_common.h for devicemodel.
Tracked-On: #2851
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
Since we always enable "Use TPR shadow", so operate on TPR will not
trigger VM exit. So remove these APIs.
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Delete the 2 files and merge their code into vpci.c:
hypervisor/dm/vpci/partition_mode.c
hypervisor/dm/vpci/sharing_mode.c
And change the Makefile accordingly
Change PCI_PRIV_H_ to VPCI_PRIV_H_ in vpci_priv.h
Some misra c fix:
Add @pre for functions
Add const to function parameters
Tracked-On: #2534
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Instead of using CONFIG_PARTITION_MODE at compile time to compile in and call
the partition mode/sharing mode specific functions, always compile in all sharing
mode and partition code, then calling the corresponding functions dynamically based
on vm type (PRE_LAUNCHED_VM and SOS_VM) at runtime.
Some misra c fix:
Add @pre for functions
Add const to function parameters
Add ASSERT in pci_cfgdata_io_read and pci_cfgdata_io_write
Tracked-On: #2534
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Re-organize the code to remove usage of hypervisor.h from
bsp folder, without changing any functionality.
Tracked-On: #2694
Signed-off-by: Arindam Roy <arindam.roy@intel.com>
Currently MSR IA32_MISC_ENABLE is passthrough to guest.
However, guest may change the value of this MSR, which will cause issue in hypervisor.
This patch uses VMX MSR store area to isolate the MSR IA32_MISC_ENABLE between guest and host.
TODO:
Some bits of the MSR IA32_MISC_ENABLE is not just per core, but per package.
So need to check if need to prevent guest from setting or clearing these bits that may affect other cores.
Tracked-On: #2834
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Rename the field msr_num to msr_index, which is more accurate,
in struct msr_store_entry.
Tracked-On: #2834
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
-- move this api from misc.c to timer.c to avoid
reverse dependency, and remove misc.c
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
- for all cases of referring guest bootargs size, replace MEM_2K with
CONFIG_MAX_BOOTARGS_SIZE for better readability.
- remove duplicated MAX_BOOTARGS_SIZE definition from vm_config.h.
Also fix one minor issue in general_sw_loader() which uses copy_to_gpa()
to copy a string. Since copy_to_gpa() makes use of memncpy_s() to do the
job, the size parameter should include the string null ternimator.
Tracked-On: #2806
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Remove the unused seed parsing source files under
hypervisor/boot/sbl and related header files.
Tracked-On: #2724
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
This patch hide Memory Protection Extention (MPX) capability from guest.
- vCPUID change:
Clear cpuid.07H.0.ebx[14]
Clear cpuid.0DH.0.eax[4:3]
- vMSR change:
Add MSR_IA32_BNDCFGS to un-supported MSR array.
- XCR0[4:3] is not allowed to set by guest.
Tracked-On: #2821
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In preparation for vpci ops function removal, so that these functions can be
called directly instead by vpci code
Tracked-On: #2534
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Remove vdev ops for partition mode, change related code to directly call the corresponding
functions instead
Remove struct pci_vdev_ops from vpci.h
Add @pre for pci_find_vdev_by_pbdf and pci_find_vdev_by_vbdf/partition_mode_vpci_init
Change the return value from int32_t to void to comply with misra c and
add ASSERT/panic in the functions (if necessary):
vdev_hostbridge_init
vdev_hostbridge_deinit
vdev_pt_init
vdev_pt_deinit
Still use pr_err in partition_mode_cfgread and partition_mode_cfgwrite to check if vdev cfgread/cfgwrite
access is aligned on 1/2/4 bytes, which is the only case that vdev cfgread/cfgwrite will return
nonzero, pr_err will be removed in subsequent patch titled "unify the sharing
mode and partition mode coding style for similar functions"
Remove @pre for local variables
Add ASSERT in partition_mode_pdev_init to check if pdev is NULL (user config
error)
Tracked-On: #2534
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
ACRN uses global invalidation for all DMAR translation caches. Whenever
a UOS is shutdown or rebooted, it ends up clearing entries in translation
caches belonging to other VMs/domains. This patch adds support for
domain/device level invalidation for DMA translation caches and index
based invalidation for Interrupt Remapping Cache.
Tracked-On: #2738
Signed-off-by: Sainath Grandhi sainath.grandhi@intel.com
Acked-by: Eddie Dong eddie.dong@intel.com
Preparing for hybrid mode:
- create vE820 for pre-launched VMs and do other init code when the
vm_config->type is PRE_LAUNCHED_VM.
- create ve820.c for each board because without wrapping by
CONFIG_PARTITION_MODE, ve820_entry[] needs to be visible even when
compiling target boards that haven't enabled pre-launched VMs.
- remove create_prelaunched_vm_e820() from vm.c and implement board
specific function for each $(CONFIG_BOARD)/ve820.c. The reasons being:
- don't need to define ve820_entry[32] for those boards that don't
support pre-launched VMs.
- more importantly, this makes it much easier to create different per-VM
vE820 when it's needed.
Tracked-On: #2291
Signed-off-by: Zide Chen <zide.chen@intel.com>
Previously vrtc is for partition mode only, now enable it for sharing mode;
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Remove vdev ops for sharing mode, directly call the corresponding functions
instead of calling the ops callbacks (indirectly)
Remove alloc_pci_vdev() and merge its code into init_vdev_for_pdev() to simplify code
Remove @pre for local variables
Change the return value from int32_t to void to comply with misra c and
add ASSERT in the functions (if necessary) to verify the assumptions for debug build:
vmsi_init
vmsix_init
vmsi_deinit
vmsix_deinit
Add @pre for vmsix_init_helper and make it a void function, use ASSERT to verify
the assumption for debug build.
Add ASSERT in get_sos_vm
Tracked-On: #2534
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This is to fix the following misra c violation:
Pointer param should be declared pointer to const. : vdev
Tracked-On: #2534
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
No need to use these 2 variables as global (per pci_misx), can simply use local
variables in code instead.
Tracked-On: #2534
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Now we only configure "hide MTRR" explicitly to false for SOS. For other VMs,
we don't configure it which means hide_mtrr is false by default.
And remove global config MTRR_ENABLED
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
VM use CLOS when set CLOS_REQUIRED in guest flags of vm_config. The
wrong comment is 'if guest_flags has CAT_ENABLED', and should be fixed
as 'if guest_flags has CLOS_REQUIRED'
Tracked-On: #2462
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
1. move seed_info structure from trusty.h to seed.h
2. replace "#include <hypervisor.h>" with necessary including headers
in seed.c/seed_abl.c/seed_sbl.c
Tracked-On: #2777
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Remove vmx_cr0/vmx_cr4 from ext_context structure, they are duplicated
with cr0/cr4 fields in run_context.
Switch cr0/cr4 of run_context structure on demand when do world switch.
Remove vmx_cr0_read_shadow/vmx_cr4_read_shadow from ext_context structure.
These fields should be same for both normal world and secure world.
Tracked-On: #2773
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Remove the populate_msi_struct() function, put msi initialization specific
functionality into msi.x, and put msix initialization specific functionality
into msix.c
Rename mmio_hva to mmio_hpa and change related code to fix misra c violation:
Cast from pointer to integral type. : (void* to unsigned long): ( uint64_t ) hpa2hva ( bar -> base )
Tracked-On: #2534
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In order to remove the usage of hypervisor.h,
modularize the boot folder.
Current changes include modifications to remove
usage of acrn_vm structure pointer, from some of
the call, and remove calls to hypervisor.h,
as and when deemed fit.
Removed hva2gpa, as this was not used anywhere else
after the changes.
Tracked-On: #2694
Signed-off-by: Arindam Roy <arindam.roy@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
move instr_emul_ctxt instance from struct per_cpu_region
to struct vcpu, and rename it from g_inst_ctxt to inst_ctxt
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
now the 'cpu_mode' is unused in struct vm_guest_paging,
and there is the same variable in struct acrn_vcpu_arch
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch mainly unifies init_vm_boot_info's implementation between SBL and
UEFI.
Tracked-On: #2708
Signed-off-by: Tw <wei.tan@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch unifies the bsp interface between UEFI and SBL.
Tracked-On: #2708
Signed-off-by: Tw <wei.tan@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Add two functions to combine constraint for APICv:
is_apicv_basic_feature_supported: check the physical platform whether support
"Use TPR shadow", "Virtualize APIC accesses" and "Virtualize x2APIC mode"
is_apicv_advanced_feature_supported: check the physical platform whether support
"APIC-register virtualization", "Virtual-interrupt delivery" and
"Process posted interrupts".
If the physical platform only support APICv basic feature, enable "Use TPR shadow"
and "Virtualize APIC accesses" for xAPIC mode; enable "Use TPR shadow" and
"Virtualize x2APIC mode" for x2APIC. Otherwise, if the physical platform support
APICv advanced feature, enable APICv feature for xAPIC mode and x2APIC mode.
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Except for few translation structures in x86 IOMMU, all translation
structures are 128-bit. All the translation structures used by ACRN
are 128 bit. So removed multiple definitions and defined a struct
that accomodates 128 bit entries.
Tracked-On: #2668
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
platform_acpi_info.h should be BOARD specific so move the header file
to configs/$(CONFIG_BOARD)/ folder.
So the target acpi info file detect process is:
Compiler search for $(CONFIG_BOARD)_acpi_info.h under
hypervisor/arch/x86/$(CONFIG_BOARD)/ first (the file is supposed to be
generated by offline tool so it is not included in original source), if
found, then the file is the target acpi info file. If not and at the
same time the ENFORCE_VALIDATED_ACPI_INFO Kconfig was set, the compiler
will stop and hint user to add target acpi info file by offline tool.
If ENFORCE_VALIDATED_ACPI_INFO was unset, then compiler will continue to
search for platform_acpi_info.h as target acpi info file under
hypervisor/arch/x86/$(CONFIG_BOARD) folder (with this file we could bypass
ENFORCE_VALIDATED_ACPI_INFO check and benifit for development). If this
file is not exist, then hypervisor/arch/x86/configs/platform_acpi_info.h
will be included as final target acpi info.
The process should work for UEFI path also, with a valid platform acpi
info file, S3/S5 should work on UEFI platform.
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
-- change 'tsc_khz' to static
-- move these APIs from rtl.h to timer.c
us_to_ticks()
ticks_to_us()
ticks_to_ms()
rdtsc()
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch simplifies `get_primary_vcpu` and `vcpu_from_vid`.
The target_vcpu could be get from the index directly.
Tracked-On: #1842
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Correct wrong use of vector where lvt_index should be used.
Tracked-On: #1842
Signed-off-by: Min He <min.he@intel.com>
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
ECS.bit31 is not used and always return 0 in SDM Vol.2A 3-195. It's a
standard way to indicate whether there is a hypervisor.
Tracked-On: #2490
Ref: https://lwn.net/Articles/301888/
Signed-off-by: Xinyun Liu <xinyun.liu@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
pci_vdevs is vpci stuff so it would be better to make it managed by vpci rather than by vm.h,
both sharing mode and partition mode can use pci_vdevs[] to maintain its own
per vm vdev list.
Tracked-On: #2534
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- merge sharing_config.c and partition_config.c to vm_config.c;
- make vm_configs[] static;
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- Do not refer vm_configs[] directly in vm module;
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- move sanitize_vm_config() from vm.c to vm_config.c;
- move get_vm_config() from vm.h to vm_config.h;
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Enlarge hypervisor BSS section to support EPT mapping of additional
1G address space. This is used to support 64bit PCI bar whose address
is strictly above 4G.
Tracked-On: #2577
Signed-off-by: Jian Jun Chen <jian.jun.chen@intel.com>
Reviewed-by: Yu Wang <yu1.wang@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
When CAT is supported, UOS can setup acrn_vm_config.clos, to use CAT
feature. Eg.,
struct acrn_vm_config vm_configs[CONFIG_MAX_VM_NUM] = {
{
.guest_flags |= CLOS_REQUIRED,
.clos = 1,
},
};
sanitize_vm_config() will check if CAT is supported and
vm_configs.clos is valid.
Tracked-On: #2462
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Enumarate capability of Cache Allocation Technology(CAT) on X86 platform,
when HV init the primary cpu. If CAT is supported, store its info
to global struct cat_hw_info.
Tracked-On: #2462
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
IF CAT is supported, and we want setup initial values to
IA32_Type_MASK_n MSRs, We can define a global structure
platform_clos_array[PLATFORM_CLOS_NUM], it has 2 members:
1.msr_index, the MSR address of IA32_Type_MASK_n
2.clos_masky, the initial valuses
Global varible platform_clos_num is the number of IA32_Type_MASK_n,
from IA32_Type_MASK_0 to IA32_Type_MASK_<CLOS_MAX_NUM - 1>
Tracked-On: #2462
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
1) The previous implementaion will recalculate the whole EOI-exit bitmap for
each RTE once the destination, trigger mode, delivery mode or vector of a RTE
has changed and update the EOI-exit bitmap for each vcpu of the VM.
In this patch, only set the corresponding bit of EOI-exit bitmap for
a vcpu when a level triggered interrupt has accepted in IRR or clear the
corresponding bit of EOI-exit bitmap for a vcpu when a dege triggered interrupt
has accepted in IRR which means only update a bit of EOI-exit bitmap in a vcpu
when updating TMR.
2) Rename set eoi_exit related API to set eoi_exit_bitmap.
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
--move several uart API declarations from console.h to uart16550.h
--move several shell API declarations from console.h to shell.h
--add dbg_cmd.h, move 'handle_dbg_cmd' declaration from console.h
to dbg_cmd.h
--move debug/uart16550.h to include/debug/uart16550.h since some
uart APIs will be called by external files
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
modified: arch/x86/guest/vm.c
modified: arch/x86/init.c
modified: bsp/uefi/cmdline.c
modified: debug/console.c
modified: debug/dbg_cmd.c
modified: debug/uart16550.c
modified: debug/vuart.c
modified: hw/pci.c
modified: include/arch/x86/multiboot.h
modified: include/debug/console.h
new file: include/debug/dbg_cmd.h
new file: include/debug/shell.h
renamed: debug/uart16550.h -> include/debug/uart16550.h
remove vpci_vdev_array in vm_config struct as it is not used any more;
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
There are still some misra-c violations when CONFIG_PARTITION_MODE is defined.
arch/x86/configs:
- remove the unused macro: PRE_LAUNCH_VM_NUM
- pt_dev.c: VMx_CONFIG_PCI_PTDEV_NUM has been defined in partition_config.h,
should not hard code them again in pt_dev.c.
- ve820.c: use "UL" suffix instead of "U" for 64 bits variables.
vmid is uint16_t in ACRN, so vuart_vmid should be uint16_t as well.
Fix another few other miscellaneous misra-c violations.
Tracked-On: #861
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Rename vlapic_post_intr to apicv_post_intr and move it to internal function
since it's only used in vlaic.c.
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Since it's only used in vlaic.c
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Move vm_active_cpus from vlapic.c to vm.h since it's vm related
not vlapic related.
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
pci_vdev contains a pointer to pdev, which stores pbdf, so there is no need
to store a separate pbdf in vdev.
Tracked-On: #2534
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Use a function to compare bdf instead and some related code cleanup
Tracked-On: #2534
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
merge E820_MAX_ENTRIES and NUM_E820_ENTRIES
to E820_MAX_ENTRIES.
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
There are two bugs related to PDPT address calculation for PAE mode.
1. Current code doesn't ignore the "Ignored" fileds when load pdpt registers.
Mask the "Ignored" fileds according to SDM Figure 4-7 Vol3.
2. Current code only ignores 4bits instead of 5bits in low "Ignored" filed when
calculate PDPT address in PAE mode for guest memory address translation.
Tracked-On: #2561
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
remove hypervisor.h from per_cpu.h
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
merge include/arch/x86/irq.h and include/common/irq.h
--> include/arch/x86/irq.h
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
move gva2hva() & hva2gpa() to guest_memory.c,
we will remove hypervisor.h in the future.
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
According to SDM 17.3.1.1, for any fault-class exception except a
debug exception generated in response to an instruction breakpoint,
the value pushed for RF is 1.
This patch set Resume Flag for fault class exceptions.
Tracked-On: #2405
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Removed the remaining reference of acrn vm from
inside of vtd.c.
Removed usage of snoopy_mem, and added code to achieve
the same using iommu_snoop.
Initialize iommu_snoop to true in create deault iommu.
Tracked-On: #2496
Signed-off-by: Arindam Roy <arindam.roy@intel.com>
This patch is a modified one. It removes the usage
of acrn_vm struct from inside vtd.c.
It also puts struct iommu_domain inside vtd.h,
from vtd.c.
It modifies the signature of init_iommu_domain
in order to remove dependency on acrn_vm from
inside vtd.c.
Incorporated comments from Jason and Eddie.
Changed the name of sos_vm_domain to
fallback_iommu_domain
Removed any reference of sos_vm from vtd.[c|h]
files, including comments.
Tracked-On: #2496
Signed-off-by: Arindam Roy <arindam.roy@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
For vcpu.c and vcpu.h,only include some necessary
header files, doesn't include hypervisor.h
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
-- now hypervisor.h is the universal set of header file,
this patch doesn't include hypervisor.h, only include
some necessary header files for vm.c and vm.h
-- move 'struct vcpuid_entry' from vm.h to vcpuid.h
-- remove dead code 'enum vm_privilege_level'
-- move 'enum vpic_wire_mode' from vm.h to vpic.h
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- move functions related vmexit from `guest.h` to `vmexit.h`
- move functions related msr from `guest.h` to `msr.h`
- move functions related vm_sw_loader from `guest.h` to `vm.h`
- move function `vmx_vmrun` from `guest.h` to `vcpu.h`
- move MACROs related to vcpu from `guest.h` to `vcpu.h`
- move MACRO `E820_MAX_ENTRIES` from `guest.h` to `e820.h`
- move MACROs related to irq from `guest.h` to `irq.h`
- rename `guest.h` to `guest_memory.h`
Tracked-On: #2503
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Use acrn_vm_pci_ptdev_config struct for PCI PT devices configuration
in acrn_vm_config, the only needed configure item is PT devices's
vBDF and pBDF info. When init PT devices, the BDF info will be stored
in pci_vdevs[] of acrn_vm.
With this patch, the previous vpci_vdev_array struct is not needed.
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Remove redundancy code since they are not used now.
-- remove 'max_ram_blk_base' & 'max_ram_blk_size' in
struct e820_mem_params
-- remove 'gpa_lowtop' in struct vm_hw_info
-- remove MACRO 'UOS_DEFAULT_START_ADDR'
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The partition mode vm config in vm_description.c is abandoned,
so delete the file. Its related struct in vm.h is also removed;
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The previous VM configs array for partition mode is inside struct of
vm_config_partition and named as vm_config_array[], now switch to
global vm_configs[];
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
As we store the physical pci device info in a global pdev array, the vdev struct can
store a pointer to pdev instead.
Tracked-On: #2431
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Reviewed-by: Anthony Xu <anthony.xu@intel.com>
Current pt devices bar info for partion mode is hardcoded in
vm_description.c, now we remove the hardcoded info and parse the bar
info during pt devices init.
Tracked-On: #2431
Signed-off-by: Victor Sun <victor.sun@intel.com>
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Reviewed-by: Anthony Xu <anthony.xu@intel.com>
Tracked-On: #2431
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Signed-off-by: Victor Sun <victor.sun@intel.com>
Reviewed-by: Anthony Xu <anthony.xu@intel.com>
- add e820 info in struct acrn_vm;
- rename rebuild_sos_vm_e820() to create_sos_vm_e820();
- add create_prelaunched_vm_e820() for partition mode;
- rename create_e820_table() to create_zeropage_e820() and merge for
both sharing mode and partition mode;
- move create_xxx_vm_e820() to vm.c;
- move create_zeropage_e820() to vm_load.c;
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
move e820_default_entries[] from vm_description.c to ve820.c and rename
to ve820_entry[] as a temparary solution for partiton mode e820 management;
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Rename vlapic_deliver_intr to vlapic_receive_intr: ioapic/msi device
deliver an interrupt to lapic.
Rename vlapic_pending_intr to vlapic_find_deliverable_intr: find a
deliverable interrupt which pending in irr and its priority large than ppr.
Rename vlapic_intr_accepted to vlapic_get_deliverable_intr: get the deliverable
interrupt from irr and set it in isr (which also raise ppr update)
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
CRx 'guest/host mask' is widely used when talking
about CR0/CR4 virtualization in SDM spec,
rename them to 'VMX_CRx_GUEST_HOST_MASK'.
Tracked-On: #861
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- move `vcpumask2pcpumask` from `guest.c` to `vcpu.c`
- move `prepare_sos_vm_memmap` from `guest.c` to `vm.c`
- rename `guest.c` to `guest_memory.c`
Tracked-On: #2484
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
When a corresponding IOMMU is found for the device, this patch adds
support to program Interrupt Remapping hardware RTEs and the original
interrupt sources (MSI or IOAPIC) with IR format.
Tracked-On: #2426
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Reviewed-by: Binbin Wu <binbin.wu@intel.com>
IOAPIC info from DMAR table is needed to match the IOAPIC info from
MADT. This patch adds support to get id and bus, devfn for IOAPIC
from DMAR. IOAPIC info for SBL platform is hardcoded in the header
file.
Tracked-On: #2426
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Reviewed-by: Binbin Wu <binbin.wu@intel.com>
IOAPIC info, specifically ID, is needed to map the IOAPIC to
corresponding DMAR. DMAR table in ACPI has a field that has IOAPIC
ID, that matches the info provided in MADT. Both (IOAPIC info from
MADT and from DMAR) is needed for remapping IOAPIC interrupts.
Tracked-On: #2426
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
As we enable Interrupt Remapping Hardware in ACRN, Queued Invalidation
(QI) needs to be used clear DMAR hardware caches. This patch introduces
Queued Invalidation APIs. Code related to Register based Invalidation
is removed from ACRN and platforms that do not support QI cannot boot
with ACRN after this patch.
Tracked-On: #2426
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Reviewed-by: Binbin Wu <binbin.wu@intel.com>
The msr load/restore during vmexit/vmentry is enabled in HV by
default. The profiling has assumption that it's only user for this
feature, which could overwrite of HV default setting.
This fix combine the msr load list for vmexit when profiling.
Tracked-On: #2422
Signed-off-by: Min Lim <min.yeol.lim@intel.com>
Since the profiling utilizes the limited size of buffer to capture
sample data, dropping samples could happen while collecting data
if data is generated faster than flushing by consumer. Capturing
the dropped sample info is critical to understand how much the data
is reliable to use.
To capture the information, the new hypercall "PROFILING_GET_STATUS"
is introduced.
Tracked-On: #2474
Signed-off-by: Manisha Chinthapally <manisha.chinthapally@intel.com>
Signed-off-by: Min Lim <min.yeol.lim@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Use smp_call_function() to read/write MSR register on target PCPU
Tracked-On: #2462
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
-- add ept.h, and move ept related api declaration
from mmu.h to ept.h
-- move lookup_address()declaration from mmu.h to pgtable.h
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
move 'struct e820_entry' 'E820_TYPE_XXX' from mmu.h
to e820.h
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
move the following files to dm folder
renamed: include/arch/x86/guest/vioapic.h -> include/dm/vioapic.h
renamed: include/arch/x86/guest/vpic.h -> include/dm/vpic.h
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
1. in UEFI bsp code, not need UEFI macro; it is controlled in makefile.
2. in vm/acpi/interrupt code, unify the API name for SBL & UEFI.
3. remove unnecessary header including and unused code.
Tracked-On: #1842
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
-- move vm_pic() from vm.h to vpic.c since it is
only used in vpic.c
-- move vm_ioapic() from vm.h to vioapic.c
change vioapic_reset(struct acrn_vioapic *vioapic) -->
vioapic_reset(struct acrn_vm *vm)
then vm_vioapic() is only used in vioapic.c
-- move vm_vuart() from vm.h to vuart.c,
now this api is used in vuart.c and shell.c
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
For VM with local apic pt for realtime scenatios, we support virtio device with PMD backend.
But we still need to inject MSI to notify the front-end, to avoid changing the front-end drivers.
Since the lapic is passed through, irq injection to vlapic won't work.
This commit fix it by sending IPI with vector need to inject.
Tracked-On: #2351
Signed-off-by: Yan, Like <like.yan@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
This commit extend lapic pass-through for DM launched VM, generally for hard RT scenarios.
Similar to the partition mode, the vlapic is working under the xapic mode at first, only
when x2apic mode is enabled, lapic is passed through, because the physical LAPICs are
under x2apic mode.
Main changes includes:
- add is_lapic_pt() to check if a vm is created with lapic pt or not, to combine
codes of partition mode and DM launched vm with lapic passthrough, including:
- reuse the irq delievery function and rename it to dispatch_interrupt_lapic_pt();
- reuse switch_apicv_mode_x2apic();
- reuse ICR handling codes to avoid malicious IPI;
- intercept ICR/APICID/LDR msr access when lapic_pt;
- for vm with lapic passthrough, irq is always disabled under root mode.
Tracked-On: #2351
Signed-off-by: Yan, Like <like.yan@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
As we enable Interrupt Remapping, bit positions in IOAPIC RTEs
have a different syntax for programming. ACRN should handle original
format for vIOAPIC as well IR representation for physical IOAPIC.
This patch adds bit granularity IOAPIC RTE.
Tracked-On: #2407
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
As we enable Interrupt Remapping, bit positions in MSI address and
data registers have a different syntax for programming. This patch adds
bit granularity for MSI address and data structs.
Tracked-On: #2407
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
-- add header file ld_sym.h in include/arch/x86/boot/
-- move 'ld_bss_start/end' from cpu.h to ld_sym.h,
avoid reverse dependency
-- move 'ld_text_end' from mmu.h to ld_sym.h
-- move 'ld_trampoline_load/start/end' to ld_sym.h
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
The sos_vm config under arch/x86/configs/$(CONFIG_BOARD) folder should be
customer specific configuration, leave it back to customer.
When hypervisor start building, it will check whether BOARD specific sos_vm.h
exist in configs/$(CONFIG_BOARD) folder. If exist, then include this header;
if not, then include default sos_vm config header under configs/default folder.
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Add a API to sanitize vm_configs[] array, in this API, we will do sanity
check for VM configurations and refill some fields in vm_configs[]. If
sanity check is failed, the HV would reject to boot.
About pcpu_bitmap of SOS_VM:
We should not hard code pcpu_bitmap for SOS_VM, this is not convenient for
unconfigured boards. The pcpu_bitmap follows a very simple rule:
All physical CPUs except ocuppied by Pre-launched VMs are all belong to
SOS_VM. In this way, the pcpu_bitmap of a SOS_VM is decided by pcpu_bitmap
status in PRE_LAUNCHED_VMs.
To get the correct pcpu_bitmap of SOS_VM, We need to setup another rule, that
the vm_configs[] array should follow the order of PRE_LAUNCHED_VM - SOS_VM
strictly.
With this patch enabled, the pcpu_bitmap field of sos vm config is not needed
to configure;
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
after compile, the compiled code could change rsp, so use pure asm code
to avoid such problem which will cause schedule switch failure.
Tracked-On: #2410
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
below fields are defined but not used.
- sync, pause_cnt & dbg_req_state.
Tracked-On: #861
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
