Fix the name of the Docker Container image that is used to build the kernel
for an RTVM (Preempt-RT kernel) when that image was built by the user
him/herself.
Tracked-On: #4322
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
* Add more details about Kata Containers and ACRN in the introduction
* Adjust and correct some of the instructions
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
Add a little information (at least pointers) as to how one can change the VM
(Pre-launched, Service or User) boot options.
Tracked-On: #3758
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
Update guidance to build ACRN from source,
as debug feature is disabled by default in Makefile.
'RELEASE' shall be 0 if debug feature is required.
Tracked-On: #4222
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Since commit 9e9e1f61, a new build dependency on the NUMA library has been
introduced. We therefore need to add the `devpkg-numactl` bundle to our
Dockerfile used to build the Clear Linux "ACRN builder" container image.
Tracked-On: #4175
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
It is found that 0xf6 test instruction is used to access MMIO in
Windows. This patch added emulation for 0xf6 test instruction.
Tracked-On: #4310
Signed-off-by: Jian Jun Chen <jian.jun.chen@intel.com>
Per ACPI 6.2 spec, chapter 5.2.5.2 "Finding the RSDP on UEFI Enabled Systems":
In Unified Extensible Firmware Interface (UEFI) enabled systems, a pointer to
the RSDP structure exists within the EFI System Table. The OS loader is provided
a pointer to the EFI System Table at invocation. The OS loader must retrieve the
pointer to the RSDP structure from the EFI System Table and convey the pointer
to OSPM, using an OS dependent data structure, as part of the hand off of
control from the OS loader to the OS.
So when ACRN boot from direct mode on a UEFI enabled system, hypervisor might
be failed to get rsdp by seaching rsdp in legacy EBDA or 0xe0000~0xfffff region,
but it still have chance to get rsdp by seaching it in e820 ACPI reclaimable
region with some edk2 based BIOS.
The patch will search rsdp from e820 ACPI reclaim region When failed to get
rsdp from legacy region.
Tracked-On: #4301
Signed-off-by: Victor Sun <victor.sun@intel.com>
Reviewed-by: Fei Li <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Currently kata vm is supported in SDC scenario by default, both vm1
and kata vm would share pcpu id 3 for vcpu affinity even when cpu
sharing is not enabled.
Remove pcpu id 3 from vm1 in SDC scenario config xmls.
Tracked-On: #4286
Signed-off-by: Wei Liu <weix.w.liu@intel.com>
Acked-by: Victor Sun <victor.sun@intel.com>
ACRN hypervisor should trap guest doing PCI AF FLR. Besides, it should save some states
before doing the FLR and restore them later, only BARs values for now.
This patch will trap guest Conventional PCI Advanced Features Control Register write
operation if the device supports Conventional PCI Advanced Features Capability and
check whether it wants to do device AF FLR. If it does, call pdev_do_flr to do the job.
Tracked-On: #3465
Signed-off-by: Li Fei1 <fei1.li@intel.com>
ACRN hypervisor should trap guest doing PCIe FLR. Besides, it should save some states
before doing the FLR and restore them later, only BARs values for now.
This patch will trap guest Device Capabilities Register write operation if the device
supports PCI Express Capability and check whether it wants to do device FLR. If it does,
call pdev_do_flr to do the job.
Tracked-On: #3465
Signed-off-by: Li Fei1 <fei1.li@intel.com>
In current code, XCR0 and XSS are not in default value during vcpu
launch, it will result in a warning in Linux:
WARNING: CPU: 0 PID: 0 at arch/x86/kernel/fpu/xstate.c:614
fpu__init_system_xstate+0x43a/0x878
For security reason, we set XCR0 and XSS with feature bitmap get from
CPUID, and run XRSTORS in context switch in. This make sure the XSAVE
area to be fully in initiate state.
But, before enter guest for the first time, XCR0 and XSS should be set to
default value, as the guest kernel assume it.
Tracked-On: #4278
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Add missed definition of 'logger_setting' into launch script.
Tracked-On: #3854
Signed-off-by: Wei Liu <weix.w.liu@intel.com>
Acked-by: Victor Sun <victor.sun@intel.com>
Previous launch config tool doesn't handle the situation that
'virtio-blk' is set with rootfs partition with rootfs image,
in such scenario, VM would be failed to start when launching
This patch refine the mount device while use rootfs partiton and image
from vritio block device.
Tracked-On: #4248
Signed-off-by: Wei Liu <weix.w.liu@intel.com>
Acked-by: Victor Sun <victor.sun@intel.com>
We don't use INIT signal notification method now. This patch
removes them.
Tracked-On: #3886
Acked-by: Eddie Dong <eddie.dong@intel.com>
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
We have implemented a new notification method using NMI.
So replace the INIT notification method with the NMI one.
Then we can remove INIT notification related code later.
Tracked-On: #3886
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
There is a window where we may miss the current request in the
notification period when the work flow is as the following:
CPUx + + CPUr
| |
| +--+
| | | Handle pending req
| <--+
+--+ |
| | Set req flag |
<--+ |
+------------------>---+
| Send NMI | | Handle NMI
| <--+
| |
| |
| +--> vCPU enter
| |
+ +
So, this patch enables the NMI-window exiting to trigger the next vmexit
once there is no "virtual-NMI blocking" after vCPU enter into VMX non-root
mode. Then we can process the pending request on time.
Tracked-On: #3886
Acked-by: Eddie Dong <eddie.dong@intel.com>
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
The NMI for notification should not be inject to guest. So,
this patch drops NMI injection request when we use NMI
to notify vCPUs. Meanwhile, ACRN doesn't support vNMI well
and there is no well-designed way to check if the NMI is
for notification or for guest now. So, we take all the NMIs as
notificaton NMI for hard rtvm temporarily. It means that the
hard rtvm will never receive NMI with this patch applied.
TODO: vNMI support is not ready yet. we will add it later.
Tracked-On: #3886
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
ACRN hypervisor needs to kick vCPU off VMX non-root mode to do some
operations in hypervisor, such as interrupt/exception injection, EPT
flush etc. For non lapic-pt vCPUs, we can use IPI to do so. But, it
doesn't work for lapic-pt vCPUs as the IPI will be injected to VMs
directly without vmexit.
Without the way to kick the vCPU off VMX non-root mode to handle pending
request on time, there may be fatal errors triggered.
1). Certain operation may not be carried out on time which may further
lead to fatal errors. Taking the EPT flush request as an example, once we
don't flush the EPT on time and the guest access the out-of-date EPT,
fatal error happens.
2). ACRN now will send an IPI with vector 0xF0 to target vCPU to kick the vCPU
off VMX non-root mode if it wants to do some operations on target vCPU.
However, this way doesn't work for lapic-pt vCPUs. The IPI will be delivered
to the guest directly without vmexit and the guest will receive a unexpected
interrupt. Consequently, if the guest can't handle this interrupt properly,
fatal error may happen.
The NMI can be used as the notification signal to kick the vCPU off VMX
non-root mode for lapic-pt vCPUs. So, this patch uses NMI as notification signal
to address the above issues for lapic-pt vCPUs.
Tracked-On: #3886
Acked-by: Eddie Dong <eddie.dong@intel.com>
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
UOS would be failed to get ip address, add 'tap_' perfix for virtio-net
name setting.
Tracked-On: #4255
Signed-off-by: Wei Liu <weix.w.liu@intel.com>
Acked-by: Victor Sun <victor.sun@intel.com>
