AP trampoline code should be accessile to hypervisor only,
Unmap this memory region from service VM's EPT mapping
for security reason..
Tracked-On: #4091
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
1. Print warning message instead of panic when
the caller try to modify the attribute for
memory region or delete memory region that
are not present.
2. To avoid above warning message for memory region
below 1M,its attribute may be updated by Service
VM when updating MTTR setting.
Tracked-On: #4091
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Fei Li <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In lib/string.c, strncmp doesn't consider condition "n_arg=0",
just add a process to "n_arg=0".
Tracked-On: #4093
Tracked-On: projectacrn/acrn-hypervisor#3466
Signed-off-by: YanX Fu <yanx.fu@intel.com>
Reviewed-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch is to remove unused info in server.c
Tracked-On: #4089
Signed-off-by: xiaojin2 <xiaojing.liu@intel.com>
Reviewed-by: Liu, Xinwu <xinwu.liu@intel.com>
Acked-by: CHEN Gang <gang.c.chen@intel.com>
The return value of 'strtol()' is not checked properly
in _get_vmname_pid() @acrn_vm_ops.c and parse_opt()@acnrd.c,
the return type of 'strtol' is 'long int', but it is assigned
to a variable with type of 'int' and compared to "LONG_MAX"
and "LONG_MIN", which is always false.
This patch is to fix above error case.
Tracked-On: #4088
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Yan, Like <like.yan@intel.com>
Acked-by: Yan, Like <like.yan@intel.com>
int snprintf(char *str, size_t size, const char *format, ...)
The functions snprintf() write at most size bytes (including the
terminating null byte('\0')) to str.
only when returned value of snprintf is non-negative and less than size,
the string has been completely written.
Tracked-On: #4087
Signed-off-by: Gao Junhao <junhao.gao@intel.com>
Reviewed-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
In function crb_reg_write() in tpm_rbc.c
'tpm_vdev->request_mutex' will potentially kept
in locked state after crb_reg_write() returns.
Tracked-On: #4086
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Yadong Qi <yadong.qi@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
In acrn_load_elf(), file pointer 'fp' is kept in
open state before exiting if 'load_elf32()' is executed,
this patch is to fix this bug.
Tracked-On: #4085
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
DIR handler is referenced after release, need to be adjusted before
released.
Tracked-On: #4084
Signed-off-by: Gao Junhao <junhao.gao@intel.com>
Reviewed-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
When removing node in list, list_foreach_safe will be safer than
LIST_FOREACH.
Tracked-On: #4083
Signed-off-by: Junhao Gao <junhao.gao@intel.com>
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
this patch is to fix error debug message
for invalid 'param' case, there is no string
variable for '%s' output, which will potenially
trigger hypervisor crash as it may access random
memroy address and trigger SMAP violation.
Tracked-On: #4092
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
checking the inputs explicitly instead of using Assert.
Tracked-On: #4003
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Shuo Liu <shuo.a.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
In release environment, binary files must be stripped in
order to remove debugging code sections and symbol information
that aid attackers in the process of disassembly and reverse
engineering.
Use '-s' linking option to remove symbol table and relocation
information from release binaries.
Tracked-On: #3427
Signed-off-by: Tianhua Sun <tianhuax.s.sun@intel.com>
Reviewed-by: Yonghua Huang <yonghua.huang@intel.com>
Remove unsafe API in efi-stub
1, use Strnlen instead of StrLen except the parameter
is a static string.
2, strlen() only work on static strings.
Tracked-On: #3276
Signed-off-by: Tianhua Sun <tianhuax.s.sun@intel.com>
Reviewed-by: Yonghua Huang <yonghua.huang@intel.com>
'pcpu_id' should be less than CONFIG_MAX_PCPU_NUM,
else 'per_cpu_data' will overflow. This commit fixes
this potential overflow issue.
Tracked-On: #3397
Signed-off-by: Tianhua Sun <tianhuax.s.sun@intel.com>
Reviewed-by: Yonghua Huang <yonghua.huang@intel.com>
va_end() was not getting called under certain condition
after the va_start() function call taking the va_list.
Tracked-On: #3396
Signed-off-by: Tianhua Sun <tianhuax.s.sun@intel.com>
Reviewed-by: Yonghua Huang <yonghua.huang@intel.com>
va_end() was not getting called under certain condition
after the va_start() function call taking the va_list
Tracked-On: #3396
Signed-off-by: Tianhua Sun <tianhuax.s.sun@intel.com>
Acked-by: Gang Chen <gang.c.chen@intel.com>
This patch is to fix some potential memory leak issues
1, free mrp if the mmio_rb_lookup() function return 0;
2, free memory allocated by strdup in some error case handling.
Tracked-On: #3277
Signed-off-by: Tianhua Sun <tianhuax.s.sun@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Replace strlen function with strnlen function in DM
Tracked-On: #3276
Signed-off-by: Tianhua Sun <tianhuax.s.sun@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Use strncpy instead of strcpy to avoid buf overflow.
Fix strncpy null-terminated issues.
Tracked-On: #3245
Signed-off-by: Tianhua Sun <tianhuax.s.sun@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
APL NUC Getting started guide has some obsolete information (such as
saying the user had to build ACRN as part of the installation process
and changed instructions because the Clear Linux installer changed),
along with some spelling and grammar issues.
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
An instruction is needed from gsg so that user could know where
to get the script and also how to use it to setup SOS, UOS automatically.
Signed-off-by: ruix.li <ruix.li@intel.com>
Update the architectural diagram in the "Using PREEMPT_RT-Linux for
real-time UOS" tutorial to reflect the new name given to that type of
VM, i.e. from "Privileged VM" to "RTVM".
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
Update the instructions on how to build ACRN on Ubuntu 16.04,
specifically:
* Add 'pkg-config' package
* Upgrade 'binutils' to 2.27
Note: there is still an issue with regards to the GPIO header
(linux/gpio.h) which needs to be resolved.
Tracked-On: #2737
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
Change shell command 'sos_console' to 'vm_console' as it is not only
used to switch console to SOS.
Tracked-On: #2987
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
This patch renames rules ID to reflect the language, in order
to support multiple programming languages.
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
With latest gcc, there are build error with current ACRN code.
Fixing could involve many code changes. We use gcc option to
remove build error as temperary workaround. And will fix the
build error one by one.
Tracked-On: #3010
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Meet compiling error:
In function ‘strncpy’,
inlined from ‘main’ at main.c:88:4:
/usr/include/bits/string_fortified.h:106:10: error: ‘__builtin_strncpy’
specified bound 4096 equals destination size
[-Werror=stringop-truncation]
106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos
(__dest));
|
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
This patch aims to fix it.
Tracked-On: #1024
Signed-off-by: Liu, Xinwu <xinwu.liu@intel.com>
Acked-by: Chen, Gang <gang.c.chen@intel.com>
There will be a buffer overflow fisk in delete runc functions.
If the shell command function return length longer or equal to
the length of the buffer, at that time execute strstr function it
will cause buffer overflow issue. Set buffer's last byte to Zero
will avoid the risk.
Tracked-On: #3001
Signed-off-by: Long Liu <long.liu@intel.com>
Acked-by: Like Yan <like.yan@intel.com>
When acrn-dm is started by acrnd as a background process, STDIN is
redirected to journal. In this case mevent_add cannot be called on
the fd of STDIN.
Tracked-On: #2998
Signed-off-by: Jian Jun Chen <jian.jun.chen@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
will access null pointer if 'gvt' is null.
Tracked-On: #1479
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: He, Min <min.he@intel.com>
Possible buffer overflow will happen in vlapic_set_tmr()
and vlapic_update_ppr(),this path is to fix them.
Tracked-On: #1252
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The 'boot_params' and 'entry' might be dereferenced after they were
positively checked for NULL. Refine checking logic to fix the issue.
Tracked-On: #2979
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
Acked-by: Zhu Bing <bing.zhu@intel.com>
