With SMAP enabled, hypervisor can't access pages that
owned by guest(either SOS or UOS), and an override is
is provided: stac()/clac() to enable/disable access to
guest's memory pages.
Pre-conditon:
Mark hypervisor owned pages as supervisor mode (U/S = 0),
and set all othter memory pages as user mode (U/S = 1).
Tracked-On: #2056
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
MTRR emulation belongs to virtual CPU component.
- rename mtrr.c to vmtrr.c and move it to arch/x86/guest
- rename mtrr.h to vmtrr.h and move it to include/arch/x86/guest
Tracked-On: #1842
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Intercept IA32_TSC_ADJUST MSR so that writing IA32_TSC_ADJUST from the
guests won't impact the TSC in root mode or potentially other vCPUs in
the same pCPU.
- MSR TSC_ADJUST needs to be isolated between normal and secure world,
so it's included in NUM_WORLD_MSRS.
- Upon writing to either IA32_TSC_ADJUST or IA32_TSC from the guests,
don't write to physical MSRS so it won't impact the host side, but
update the TSC offset VM-execution control.
- don't need to intercept rdmsr for IA32_TIME_STAMP_COUNTER.
- add the missing statement in save_world_ctx() to save the tsc_offset
during world switch.
Tracked-On: #1867
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
hypervisor initilization component triggered by boot component,
and it calls different components initilization functions from
the highest layer.
this patch added init.c and move reorged cpu init functions into
it, keep hardware management functions in cpu.c but move other
components' init function into init.c.
the hypervisor initilization components will call:
- init_cpu_pre
- init_cpu_post
- init_bsp
- init_debug_pre
- init_debug_post
- init_guest
- init_passthru
- enter_guest_mode
the hypervisor initilization component include files:
arch/x86/init.c
include/arch/x86/init.h
this component is higest layer, so there is no reverse dependencies for it.
v2:
- separate into 2 patches, 1 for reorg, 1 for pure move.
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Xu, Anthony <anthony.xu@intel.com>
This patch fixes incorrect vm_id captured when sampling PMU data. Currently,
the vm_id gets attributed to ACRN hypervisor, rather than actual guest vm_id.
The issue is identified that the existing code captures the guest vm info
after vmexit_hander function is completed, in which the profiling module
points its context to VMM. When the vmexit happens by PMI, the guest context
should be captured so that the attribution to proper guest vm can happen.
This change will also allow to capture more accurate TSC when vmexit happens.
Tracked-On: #2043
Signed-off-by: Min Lim <min.yeol.lim@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
functions like set_vcpuid_entries & guest_cpuid should only
server for virtual cpuid, so move such kind of functions
to guest/vcpuid.c.
and all native cpuid APIs will keep in cpuid.h
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- enable NX feature in hypervisor:
1. Set 'XD' bit for all pages, including pages for guests
when initialize MMU tables in hypervisor.
2. remove 'XD' bit for pages that contain hypervisor instructions.
3. enable MSR EFER.NXE,which will enable page access restriction by
preventing instruction fetches form pages with XD bit set.
- remove "-Wl -z noexecstack" GCC flag option in hypervisor
Makefile as it would not affect stack attribute in hyervisor,
which setup stack itself, instead of by loader.
Tracked-On: #1122
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
1. change its APIs as more indepentent, and modify the callers' code
2. limit its global variables as static, and return const to the callers
3. remove unused code in "CONFIG_CMA"
Tracked-On: #1842
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
1. e820 is modulized as separated files.
2. move boot_regs into multiboot.h as it's related with
multiboot info header
Tracked-On: #1842
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
based on previous patch, we can move idt.S and idt.h out of boot component
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Currently there are two fields in ext_context to emulate IA32_PAT MSR:
- ia32_pat: hold the value of the emulated IA32_PAT MSR
- vmx_ia32_pat: used for load/store IA32_PAT MSR during world switch
This patch moves ext_context->ia32_pat to the common placeholder for
emulated MSRs acrn_vcpu_arch->guest_msrs[].
Also it renames ext_context->vmx_ia32_pat to ext_context->ia32_pat to
retain same naming convention in struct ext_context.
Tracked-On: #1867
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- implement unified APIs to access guest_msrs[] under struct acrn_vcpu.
- use these new APIs to read/write emulated TSC_DEADLINE MSR
- switch world_msrs[] and guest_msrs[] during world switch for MSRs that
need world isolation
- remove the old guest_msrs[] array and it's index macros.
Tracked-On: #1867
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Create two arrays for emulated MSRs:
- guest_msrs[] in struct acrn_vcpu_arch: emulation for all MSRs that are
included in emulated_guest_msrs[].
- world_msrs[] in struct cpu_context: it has separate copies for secure and
normal world for those MSRs that are in the first NUM_WORLD_MSRS entries
in emulated_guest_msrs[].
Split vmsr.c/emulated_msrs[] into 3 smaller arrays:
- emulated_guest_msrs[]: corresponding MSRs are emulated in guest_msrs[]
- mtrr_msrs[]: emulated MTRRs are saved in vMTRR module
- unsupported_msrs[]: GP for any guest accesses
Tracked-On: #1867
Signed-off-by: Zide Chen <zide.chen@intel.com>
Identifier reuse may arise confusion. So should minimize the case of it
as much as possible. This patch is try to do this except the PCI related
module.
Tracked-On: #861
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
On platforms, that do not support APICv register virtualization, all the
x2APIC MSRs need to intercepted by ACRN for emulation.
Tracked-On: #1973
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
This patch does:
- remove the unused API declaration
- fix use of uninitialized variable in instr_emul.c
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch adds more comment to describe functions that are
interfaces to the other modules in the hypervisor. The comments
are in doxygen-style for document generation.
Tracked-On: #1595
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
This patch adds the necessary space before or after binary operator.
v1 -> v2:
* minor fix related to integer
[i - 1] ====> [i - 1U]
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Input parameter of mmio_write64/mmio_write32/mmio_write16/mmio_write8
should be 'void *addr' rather than 'const void *addr' since the object
pointed by 'addr' is modified in these operations.
This patch change the param type of mmio_write** and update its usage
accordingly.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
replace CPU_PAGE_MASK with PAGE_MASK
These two MACROs are duplicated and PAGE_MASK is a more reasonable name.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- replace CPU_PAGE_SHIFT with PAGE_SHIFT
These two MACROs are duplicated and PAGE_SHIFT is a more
reasonable name.
- remove unused MACROs related to page shift in cpu.h
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
replace CPU_PAGE_SIZE with PAGE_SIZE
These two MACROs are duplicated and PAGE_SIZE is a more reasonable name.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
separate the function definitions into debug/release directories
to better distinguish debug/release libraries
v1 -> v2:
- sbuf_get is defined in 'debug/sbuf.c' but not used anywhere.
remove the declaration in 'include/debug/sbuf.h' and keep the
definition in 'debug/sbuf.c' in case it will used later.
- sbuf_put and sbuf_share_setup is not used under RELEASE version.
remove the file 'release/sbuf.c'.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
serial PCI device is just used for HV/SOS output debug information;
because it is used in hypervisor layer, SOS should not touch it.
so need to check and hide it from SOS.
Tracked-On: #1923
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
IEC 61508,ISO 26262 standards highly recommend single-exit rule.
Reduce the count of the "return entries".
Fix the violations which is comply with the cases list below:
1.Function has 2 return entries.
2.The first return entry is used to return the error code of
checking variable whether is valid.
Fix the violations in "if else" format.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
IEC 61508,ISO 26262 standards highly recommend single-exit rule.
Reduce the count of the "return entries".
Fix the violations which is comply with the cases list below:
1.Function has 2 return entries.
2.The first return entry is used to return the error code of
checking variable whether is valid.
Fix the violations in "if else" format.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Boot component prepares the very basic platform boot env. It finally call
into platform initilization entries:
- bsp_boot_init & cpu_secondary_init for start up
- or restore_s3_context for wakeup
this patch is the final one, it did some code clean up and move some definition
from vm0_boot.h to boot_context.h.
after this patch, the boot component include files:
arch/x86/boot/cpu_primary.S
arch/x86/boot/trampoline.S
arch/x86/boot/cpu_save_boot_ctx.S
arch/x86/boot/idt.S
boot/reloc.c
boot/include/reloc.h
include/arch/x86/boot/idt.h
include/arch/x86/boot/boot_context.h
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Boot component prepares the very basic platform boot env. It finally call
into platform initilization entries:
- bsp_boot_init & cpu_secondary_init for start up
- or restore_s3_context for wakeup
this patch moves set_idt from header file to irq.c
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Boot component prepares the very basic platform boot env. It finally call
into platform initilization entries:
- bsp_boot_init & cpu_secondary_init for start up
- or restore_s3_context for wakeup
this patch move functions for AP trampoline into trampoline.c from reloc.c
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
This patch fixes the following violations:
1. Implicit conversion: actual to formal param
2. Value is not of appropriate type
3. No cast for widening complex int expression
4. Widening cast on complex integer expression
5. Narrower int conversion without cast.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Now it's using the memory reserve by hypervisor. So there's not
necessaty to map or ummap this region from SOS.
Tracked-On: #1942
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
The previous would reserve memory for trusty in SOS kernel. Howerer,
there would no available 16 MB continue memory any more after a long time.
This result in allocating memory for trusty failed. This patch will reserve
memory for trusty in ACRN hypervisor in which case the memory allocation
for trusty will never fail.
Tracked-On: #1942
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Regarding SGX, guests could access CPUID.07H.EBX[2] before query CPUID
leaf 12H.
Intel SDM 36.7.2: "If CPUID.(EAX=07H, ECX=0H):EBX.SGX = 1, the processor
also supports querying CPUID with EAX=12H on Intel SGX resource capability
and configuration."
Clear CPUID.07H.ECX[30] SGX_LC to make the guest view consistent.
Tracked-On: #1867
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
`@return` is dedicated for brief description of return values, not for comments
stating actual return values. In addition, sphinx + breathe does not join
multiple adjacent `@return`. This results in multiple `Return` sections in the
generated document, which is confusing.
This patch replaces `@return` with `@retval` for the lists of return
values. Adjacent `@retval` can be joined into one list by breathe.
v1 -> v2:
* Replace return value descriptions like `negative` and `positive` with
expressions like `<0` and `>0` in `@retval`.
* Keep the list of `@retval` comprehensive, even when there is a `@return` to
generally describe what the return value means.
* Drop duplicated `@return` when it does not give more information than the
`@retval` list.
Tracked-On: #1595
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
It is preferred to state the absence of a return value explicitly in the
doxygen-stile comments. Currently there are different styles of doing this,
including:
@return None
@return NULL
@return void
@return N/A
This patch unifies the above with `@return None`.
Tracked-On: #1595
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
As SOS has already adapted to the new state transition of VHM requests for a
month, the old `valid` field can now be safely obsoleted.
This patch changes the `valid` field as reserved and drops all the code that
reads or modifies this field for backward compatibility. The embedded comments
are updated accordingly, following the doxygen style.
Tracked-On: #875
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Boot component prepares the very basic platform boot env. It finally call
into platform initilization entries:
- bsp_boot_init & cpu_secondary_init for start up
- or restore_s3_context for wakeup
This patch just move files into reorg dir.
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
