Using xml.etree.ElementTree to parse the untrusted data is known to
raise security issue. Replaced it using defusedxml.
Tracked-On: #6342
Signed-off-by: Yang,Yu-chu <yu-chu.yang@intel.com>
The subprocess module is needed for calling package from python script.
Add #nosec for subprocess module importing.
Tracked-On: #6342
Signed-off-by: Yang,Yu-chu <yu-chu.yang@intel.com>
ACRN used to prepare the vTPM2 ACPI Table for pre-launched VM at the build stage
using config tools. This is OK if the TPM2 ACPI Table never changes. However,
TPM2 ACPI Table may be changed in some conditions: change BIOS configuration or
update BIOS.
This patch do TPM2 fixup to update the vTPM2 ACPI Table and TPM2 MMIO resource
configuration according to the physical TPM2 ACPI Table.
Tracked-On: #6366
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
Signed-off-by: Fei Li <fei1.li@intel.com>
Without this, the GUEST_FLAG_NVMX_ENABLED doesn't show up in the
drop-down list of "guest_flags" in the ACRN config GUI.
Tracked-On: #5923
Signed-off-by: Zide Chen <zide.chen@intel.com>
Refine get_pt_intx_table. The method parse the <pt_inx> of scenario and
append the pair of phys_gsi and virt_gsi if there is any.
Refine check_pt_intx. Add a condition that the method returns if the
phys_gsi and virt_gsi are empty dictionary.
Tracked-On: #6178
Signed-off-by: Yang,Yu-chu <yu-chu.yang@intel.com>
This patch introduces the XML schema `datachecks.xsd` which is the central
place to specify and check assumptions on board characteristics and
scenario settings. Each assumption is expressed as an XSD assertion with
annotation of error severity (e.g. info, warning or error) and detailed
descriptions.
At compile time, the board and scenario XMLs are combined (by putting the
children of the root node together) can checked against the
schema. Assertion failures are categorized according to the defined
severity. Currently only errors will block compilation by outputing the
descriptions of the violated assertions.
The objective of this patch is the introduce the framework to document,
manage and check assumptions. A better way to present assumption violations
to end users (either on the command line or in the configuration editor) is
out of the scope of this series and will be considered in the future.
Tracked-On: #5922
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Refine the "append_node" which can add new node with an attribute and
return the appended node.
The method "get_node" finds the xpath value and return it if there is an
unique node exists, otherwise it returns None.
It is used to get an xpath element node or can determine the xpath existence.
The "get_text" is replaced with "get_node". The only get_text in
hv_ram.py is modified accordingly.
Tracked-On: #5980
Signed-off-by: Yang,Yu-chu <yu-chu.yang@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
update HV_RAM_SIZE calculation algorithm to 20MB + VM number*
16MB, which consists of text segment rodata(2MB), bss data(about
1MB), bss.ppt_pages(2.4MB), bss.ctx_tables(6MB), bss.vm_array(
3.2MB), bss.ivshmem_base(2MB+1.8MB for alignment) and
bss.post_uos_sworld_memory(16MB*post-launched VM number).
Tracked-On: #5927
Signed-off-by: Shuang Zheng <shuang.zheng@intel.com>
Reviewed-by: Victor Sun <victor.sun@intel.com>
Try validate the scenario xml against schema if the config.xsd exsists.
Fix the regular expression pattern of IVSHMEM_REGION string validation.
Tracked-On: #5672
Signed-off-by: Yang,Yu-chu <yu-chu.yang@intel.com>
Remove vm_configs folder and move all the XML files and generic code example into config_tools/data
Tracked-On: #5644
Signed-off-by: Xie, nanlin <nanlin.xie@intel.com>
