There are some integer type conversions reported by static
analysis tool for vcpu id, number of created vcpus, and
vpid, to reduce these type conversions, redesign vcpu id,
number of created vcpus, and vpid type as uint16_t as per
their usage, related 16-bit atomic operations shall be
added in HV.
MISRA C requires that all unsigned constants should have the suffix 'U'
(e.g. 0xffU), but the assembler may not accept such C-style constants.
Add 16-bit atomic add/dec/store operations;
Update temporary variables type and parameters type of
related caller;
Update vpid type as uint16_t;
Replace Macro with constant value for CPU_PAGE_SIZE.
Note: According to SDM A.10, there are some bits defined
in the IA32_VMX_EPT_VPID_CAP MSR to support the INVVPID
instruction, these bits don't mean actual VPID, so
the vpid field in the data struct vmx_capability doesn't
be updated.
V1--V2:
update comments for assembly code as per coding style;
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
The relocation feature relies on the ld option "-z noreloc-overflow" which is
only available for binutils >= 2.27, while on Ubuntu 16.04 or older the default
version of binutils is 2.26.
This patch wraps the relocation code with a configurable macro and make it
undefined by default to avoid default build failures.
NOTE: This is just a hotfix. The code dropped with undefined CONFIG_RELOC needs
to be reviewed by the original author of this feature. Checks to the binutils
version will also follow up.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
- this patch is to prevent secure world(trusty) from
fetching instructin from normal world memory.
- copy valid PDPTEs from normal world EPT to secure
world EPT, and remove 'IA32E_EPT_X_BIT' attribute in
these entries.
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- move all relocatoin code from cpu.c and cpu.h to reloc.c and reloc.h
- no any logic changes
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Yin fengwei <fengwei.yin@intel.com>
- UEFI: change __emalloc() function to allocate from any available memory
under 4G
- Define CONFIG_RAM_START to the lowest possible address 1M, making sure
HV can only be relocated to higher address
Signed-off-by: Zheng Gen <gen.zheng@intel.com>
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Yin fengwei <fengwei.yin@intel.com>
Build and link hypervisor with "-pie" and remove static linking so that
it generates .rela sections for relocation
Signed-off-by: Zheng Gen <gen.zheng@intel.com>
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Yin fengwei <fengwei.yin@intel.com>
- Trampoline code doesn't have the same relocation delta with HV,
Need to manually patch them when referenced from HV
- replace all references to CONFIG_RAM_START with the actual HV load
address
Signed-off-by: Zheng Gen <gen.zheng@intel.com>
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
In cpu_primary.S
- Assign %rsp in cpu_primary_start_64(), so we can call _relocate()
before any references to the symbols that need to be patched
- Move lidtq instruction and the IDT fixup code after _relocate() call
- In code64 part, replace 'mov' with 'lea' for correct addressing
- No relocation is needed in code32 part
In trampoline.S:
- add trampoline_spinlock_ptr pointer, so we may be able to fixup
trampoline code in HV
Signed-off-by: Zheng Gen <gen.zheng@intel.com>
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
In the current memory module, there are many constatn value
without U/UL suffix, it is reported as MISRA C violations by
static analysis tool.
Add 'U/UL' suffix for unsigned contant value in memory module
as needed.
Note:In the most case, CPU_PAGE_SIZE(0x1000) is used as
unsigned integer contant value, so CPU_PAGE_SIZE is defined
as unsigned integer contant value, and it is safety converted
into unsigned long type according to MISRA C standard.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
there is a bug for system hang on SBL bootloader after we enabled turbo mode.
so add tmp patch to disable turbo mode as the work-around.
after SBL fixed it, we revert this patch.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Check return value for the called functions in vmexit handler
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In the data struct cpuinfo_x86, some field names have
prefix x86, others don't have prefix.
In order to unify names, update field names of struct
cpuinfo_x86 as per its usage purpose, remove prefix x86.
V1-->V2:
Resolve conflict in cpu.c by rebase command
V2-->V3:
Remove track-on id as per jack's comments
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The MMIO/PIO write APIs in io.h always take a uint32_t value but may uses it as
8, 16 or 32-bit integers. This patch converts the prototypes to align with their
functionality.
The pointer conversion and assignment are splitted to separate statements to
prevent static checkers from being confused about the underlying types.
v1 -> v2:
* Change the prototype of mmio-related functions, instead of keeping the
explicit conversions internal. The addresses are kept void* since in most
cases hva (in void*) is passed.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The assigment should be done outside while loop condition. To fix
it, one assigment initializaion and update statement of for loop
have been applied. The only while loop reminds to avoid very long
for loop expression.
Signed-off-by: Yang, Yu-chu <yu-chu.yang@intel.com>
transfer num_vcpus,exp_num_vcpus to uint16_t.
transfer vm_hw_num_cores to uint16_t.
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
To follow the Misra C standard, doing one assignment per line to
make code is clearly readable and reduces the confusion of its
intetion or typo.
Signed-off-by: Yang, Yu-chu <yu-chu.yang@intel.com>
To be consistant with inline function mem_write, modifying the
mem_read* and using inline function instead.
Signed-off-by: Yang, Yu-chu <yu-chu.yang@intel.com>
To follow the Misra-c standard, the assignment operation inside
function-like macro should be avoided. Replaced the violations
macro using inline function instead.
Signed-off-by: Yang, Yu-chu <yu-chu.yang@intel.com>
inst_len with 0 length should be treated as invaild value. This patch move 0 length
check to the begainning of the function and return -EINVAL if inst_len == 0.
Tracked-On: ccm0001001-247210
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
There are unsinged constant values don't have 'U/UL' suffix
in the HV reported by static analysis tool.
Add 'U/UL' suffix for unsigned constant values as needed.
Tracked-on: ccm0001001-247033
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
There are some narrow integer conversion violations
in the HV reported by static analysis tools.
The narrow integer conversions are resolved by
following methods:
* Explicit type conversion as needed;
* Update suffix of constant value as 'U'
as needed.
cked-on: ccm0001001-247033
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
This patch cleans up the remaining integral-related violations in ioapic.c,
including
* integral narrowing, and
* explicit conversion between signed & unsigned integers.
Tracked-on: ccm0001001-247033
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Currently IOAPIC pins are represented using various types, including uint16_t,
int, uint8_t and uint32_t. This patch converts all pins to uint8_t since the
maximum number of interrupt input pins per IOAPIC is limited to 240. The special
value IOAPIC_INVALID_PIN is defined to indicate that a valid pin cannot be
found.
This type clean up also has the following impacts.
* The values in the ''legacy_irq_to_pin'' table are piggybacked with their
trigger mode. This patch splits them as the piggyback prevents us from
using a uint8_t[] for this table, and these two information are never used
at the same time.
* The ''offset'' parameter in ioapic_read_reg32 & ioapic_write_reg32 are
promoted to uint32_t to minimize explicit type conversions and keep
aligned with the type of formal parameters of mmio_(read|write)_long.
Tracked-on: ccm0001001-247033
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
According to C99 standard, -1 integer constant with 'U/UL'
suffix has no type.
To explicit the integer constant:
Update -1U or -1UL as ~0U or ~0UL, or invalid number according
to usage case.
V1-->V2:
Update parameter name and type of send_startup_ipi since
the second parameter is used as pcpu_id;
Update related comments for code clearity.
V2-->V3:
Update comments of struct acrn_irqline;
rename cpu_startup_dest as dest_pcpu_id in the second
parameter of send_startup_ipi.
Tracked-on: ccm0001001-247033
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
* introduce EXTRA_VERSION to replace RC_VERSION
* add daily tag into the version information
* unify the hypervisor and device model version
Signed-off-by: Jack Ren <jack.ren@intel.com>
To follow Misra-C standard, only one assignment is allowed in both
initialization and update statement.
Noncompliant example:
for (i = 0, a = arry[0]; ...; i++, a = arry[i]){...}
Signed-off-by: Yang, Yu-chu <yu-chu.yang@intel.com>
To follow the Misra-c standard, any operators should be done outside
the conditions. Removed the prefix, postfix and bitwise shift from
conditions.
Signed-off-by: Yang, Yu-chu <yu-chu.yang@intel.com>
Extend struct trusty_boot_param to hold rpmb_key.
Copy rpmb_key from trusty_boot_param when initialize
trusty.
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
Reviewed-by: Zhu Bing <bing.zhu@intel.com>
Reviewed-by: Wang Kai <kai.z.wang@intel.com>
Use gpa2hpa() has potential hpa contiguous issue for structure
trusty_boot_param.
Fix it by using copy_from_gpa() instead.
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
Reviewed-by: Zhu Bing <bing.zhu@intel.com>
Reviewed-by: Wang Kai <kai.z.wang@intel.com>
According to MISRA C:2012, suffix 'U/UL' shall be for
unsigned const value, the member of enum variable should
not be used to compare with integer variable.
Add 'U/UL' for unsigned const value in the CPU module;
Use Macro insteading of enum feature_word since the member
of feature_word is used to compare with integer variable;
Use hex number insteading of Macro in the assembly code.
V1-->V2:
Update the suffix of some constant value as 'UL'
according to its'storage variable;
Split MACRO updates used in the assembly code
in other patch.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The 23:16 bits in the IOAPIC version register is the highest entry in the I/O
redirection table, which is 1 smaller than the number of interrupt input
pins. But currently we use these bits directly as the number of pins.
This patch abstracts the pin count calculation code and adds 1 to the max rte
entry number to get the right pin count.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
MISRA C requires that all unsigned constants should have
the suffix 'U/UL'(e.g. 0xffU), but the assembler may not
accept such C-style constants.
To work this around, all unsigned constants must be
explicitly spells out in assembly with a comment tracking
the original expression from which the magic number is
calculated.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
It will print error information inside memcpy_s if
the parameteter is invalid, the caller can not check
the return value for memcpy_s/strcpy_s/strncpy_s
code like this:
int a(void) {
return 0;
}
int b(void){
a();
}
fix as follow:
int a(void) {
return 0;
}
int b(void){
(void)a();
}
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
There are some implicit type conversion in the CPU module,
this voilates MISRA C:2012 required rules.
We walk through each functions of CPU module, update
some variable type and the return value type of
the function, and add 'U/UL' for related const value.
V1-->V2:
Rebase the branch, resolve some conflict.
V2-->V3:
Update commit info for V2.
V3-->V4:
Few updates for fixing error instroduced during
resolving conflict.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
IOAPIC pins always fit in 8-bit and we already use uint8_t for virt_pins. This
patch converts pins in vioapic to uint8_t.
This is based on Arindam's previous patch ("was: hv: Cleanup and optimise
vioapic.c"), with SOS boot failure resolved, format string updated, complex
arithmetic expression with implicit type conversion decoupled. Also make some
local variables representing interrupt vectors uint32_t.
Signed-off-by: Arindam Roy <arindam.roy@intel.com>
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Move the existing Trusty document to the doc/ folder (where
it belongs) and convert the text to ReST.
The Documentation/ folder under hypervisor/ is removed as all
documents should be put under doc/.
All technical information has been preserved or was already
available in other documents.
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
No need to check the return value for memset
code like this:
int a(void) {
return 0;
}
int b(void){
a();
}
fix as follow:
int a(void) {
return 0;
}
int b(void){
(void)a();
}
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Most of variables used when decoding instructions are unsigned bit-fields. This
patch adds the 'U' or 'UL' suffix to constants in unsigned context and changes
the type of arguments/local variables when necessary.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
The SEG_DESC_* macros are mostly used as branch conditions though they evaluates
to signed int. This patch simplies their definitions and drop the unnecessary
casts accordingly.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
This patch makes necessary integer narrowing and/or signedness conversion
explicit.
While some narrowing are expected behavior, the correctness of the others relies
on the specifications of some interfaces (e.g. the higher 32-bit of what
exec_vmread() returns is all 0s if the given field is 32-bit). Add a stub
for now to avoid missing them.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Translate the VIE_OP_* enum constants (which belong to an anonymous enum type)
to macros to ensure that they are always unsigned.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
CPL is represented by a plain int but calculated from shifts and bit-wise
operations. Convert it the uint8_t for consistency.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
get_vmcs_field() returns a VMCS field offset which is normally unsigned, but it
also returns negatives (-1 here) on invalid arguments. Following the convention
we use for vectors, pins, etc., use a special unsigned value to indicate such
errors.
v1 -> v2:
* Use a special value (VMX_INVALID_VMCS_FIELD) instead of a seperate output
parameter to indicate errors.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
The current register names in instr_emul are misleading since the register names
are not VM-specific. Rename VM_REG(_GUEST) to CPU_REG in both the hypervisor and
device model.
v1 -> v2:
* Introduced.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
The vm_reg_name is a good example of a collection of discrete values. This patch
replaces signed integers with this type whenever applicable to avoid dependence
on the underlying value of such enumeration constants.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Op_sizes are mostly from vie->opsize which is a 4-bit field in struct vie. Use
uint8_t instead of int to represent them.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
- rename 'cpu_set_logical_id()' to 'set_current_cpu_id()'
- rename 'cpu_find_logical_id()' to 'get_cpu_id_from_lapic_id()'
- some clean up in cpu.c & trampolines.s
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
In the hypervisor, some strings are assigned to non const
object, this violates MISRA C:2012.
Update the type of the object as const type since it always
points to string.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Once the specific interrupt is marked waiting for inject to
target vcpu, we don't need to mark it again if the same
interrupt is request to inject to same target vcpu.
One example is UP SOS + SMP UOS. It's possible that different
core of UOS try to notify SOS vcpu that there is ioreq pending.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
There are extra type conversion in the HV since logical_id
type is uint32_t and the input argument of bitmap operations
is uint16_t. BTW, the name of logical_id is not clear enough
to express its usage.
So the following updates are made in this patch:
Update logical_id type as unit_16 to reduce type casting;
Update related print argument;
Rename related logical_id as pcpu_id as needed.
Note: logical_id in the interrupt_init definition have been
updated in cpu_id cleanup patch.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
There are extra type conversion in the HV since cpu_id
type is uint32_t and the return value type of get_cpu_id
is uint16_t. BTW, the name of cpu_id is not clear enough
to express its usage.
So the following updates are made in this patch:
Update cpu_id type as unit_16 to reduce type casting;
Update related temporary variables type;
Update related print argument;
Change the input parameter name of interrupt_init as
cpu_id to keep align with function implement;
Rename cpu_id as pcpu_id as needed.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In the hypervisor, virtual cpu id is defined as "int" or "uint32_t"
type in the hypervisor. So there are some sign conversion issues
about virtual cpu id (vcpu_id) reported by static analysis tool.
Sign conversion violates the rules of MISRA C:2012.
BTW, virtual cpu id has different names (vcpu_id, cpu_id, logical_id)
for different modules of HV, its type is defined as "int" or "uint32_t"
in the HV. cpu_id type and logical_id type clean up will be done in
other patchs.
V1-->V2:
More clean up the type of vcpu id;
"%hu" is for vcpu id in the print function.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Misra C required signed/unsigned conversion with cast.
V1->V2:
a.split patch to patch series
V2->V3:
a.change the uint64_t type numeric constant's suffix from U to UL
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Misra C required signed/unsigned conversion with cast.
V1->V2:
a.split patch to patch series
V2->V3:
a.change the uint64_t type numeric constant's suffix from U to UL
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Misra C required signed/unsigned conversion with cast.
V1->V2:
a.split patch to patch series
V2->V3:
a.change the uint64_t type numeric constant's suffix from U to UL
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
We pass retval to vmm_emulate_instruction and assign the return value to retval
at the same time. The retval will be passed to mmio_read/write finally as memarg
and the functions don't use the parameter actually. Apparently, we misused the
retval.
This patch fix it by passing 'NULL' to vmm_emulate_instruction.
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Rename bit operation function fls as fls32, keep name
style with other bit operation function.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
There are some cases that we write to VMX_HOST_XXX regs but have debug message
like "pr_dbg("VMX_GUEST_XXX ...")".
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch represents TSC freqeuency in KHz using a 32-bit unsigned integer.
The conversion macros between ticks and us/ms are changed to inline functions to
enforce the types of the input parameters. Note that us_to_ticks accepts only
uint32_t (~4K us at most) and never overflows.
Results of some unit tests on the conversion functions:
calibrate_tsc, tsc_khz=1881600
64us -> ticks: 120422
64us -> ticks -> us: 63
511us -> ticks: 961497
511us -> ticks -> us: 510
1280000 ticks -> us: 680
1280000 ticks -> us -> ticks: 1279488
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
ioapic reset function will be called when doing guest reset.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
If the vcpu->guest_msrs was allocated, don't allocate the memory
again to avoid memory leak when init_msr_emulation is called
more than once.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
vlapic reset should also zero apic_page and pir_desc if pir is
enabled.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
To reduce type conversion in HV:
Update return type of function ffs64 and ffz64 as uint16;
For ffs64, when the input is zero, INVALID_BIT_INDEX is returned;
Update temporary variable type and return value check of caller
when it call ffs64 or ffz64;
Note: In the allocate_mem, there is no return value checking for
calling ffz64, this will be updated latter.
V1-->V2:
INVALID_BIT_INDEX instead of INVALID_NUMBER
Coding style fixing;
INVALID_CPU_ID instead of INVALID_PCPU_ID or INVALID_VCPU_ID;
"%hu" is used to print vcpu id (uint16_t);
Add "U/UL" for constant value as needed.
V2-->V3:
ffs64 return INVALID_BIT_INDEX directly when
the input value is zero;
Remove excess "%hu" updates.
V3-->V4:
Clean up the comments of ffs64;
Add "U" for constant value as needed.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Change the return type of function fls64 and clz64 as uint16_t;
When the input is zero, INVALID_ID_INDEX is returned;
Update temporary variable type and return value check of caller
when it call fls64 or clz64;
When input value is zero, clz64 returns 64 directly.
V1-->V2:
INVALID_BIT_INDEX instead of INVALID_NUMBER;
Partly revert apicv_pending_intr udpates;
Add type conversion as needed;
Coding style fixing.
V2-->V3:
Correct type conversion;
fls64 return INVALID_BIT_INDEX directly when
the input value is zero.
V3-->V4:
No updates for this part in PATCH V4.
Note: For instruction "bsrq", destination register value
is undefined when source register value is zero.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Change the return type of function fls and clz as uint16_t;
When the input is zero, INVALID_BIT_INDEX is returned;
Update temporary variable type and return value check of caller
when it call fls or clz;
When input value is zero, clz returns 32 directly.
V1-->V2:
INVALID_BIT_INDEX instead of INVALID_NUMBER;
Add type conversion as needed;
Add "U/UL" for constant value as needed;
Codeing style fixing.
V2-->V3:
Use type conversion to remove side effect of
the variable which stores fls/clz return value;
fls return INVALID_BIT_INDEX directly when the
input value is zero.
V3-->v4:
Clean up comments for fls.
Note: For instruction "bsrl", destination register value
is undefined when source register value is zero.
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Function prepare_vm0_memmap_and_e820 and init_vm0_boot_info are specific for vm0.
There is no need to check is_vm0 again in those functions.
This patch remove the unnecssary checks.
v1 -> v2:
- Add pre-condition comment before the function as Junjie's suggestion.
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
There are multiple helpers for collecting info to be printed on the ACRN uart
console. They are unreachable code in release builds in which the uart console
is removed.
To define a precise boundary for safety-related activities, this patch wraps the
declarations and definitions to these helpers with "#ifdef HV_DEBUG" so that
these unreachable APIs will be dropped in release builds.
v1 -> v2:
* Fix coding style: no empty lines between #ifdef and the wrapped code.
* Also drop get_rte_info() in ioapic.c, which is solely used by
get_ioapic_info().
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
With current code, the INIT-STARTUP IPI with EXCLUDING_SELF shorthand
cannot be handled.
This patch is to correct hypervisor to emulate IPI with different
delivery_mode & shorthand.
Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Similar to cr0/4:
- use context->vmx_ia32_pat to save/restore VMX_GUEST_IA32_PAT field
- use context->ia32_pat to keep track the guest' view of IA32_PAT MSR
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch makes use of IA32_PAT MSR to emulate cache disabled behaviour
When the guest is requesting to set CR0.CD:
- Keep guest's CR0.CD and CR0.NW bits unchanged
- Write IA32_PAT MSR with all-UC entries to change the effective memory
type for all GPA to UC for the guest VCPU
- It depends on trapping wrmsr to IA32_PAT to prevent any entry in
IA32_PAT being changed to non UC type by the guest
When the guest is requesting to clear CR0.CD:
- restore the content of guest's IA32_PAT MSR
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Preparing for emulating guest's CR0.CD and CR0.NW bits:
- Intercept both rdmsr and wrmsr for IA32_PAT
- Track guest's IA32_PAT MSR with vcpu.arch_vcpu.contexts.ia32_pat
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
enum cpu state is better than cpu state macro.
V1->V2:
move enum cpu_state under #ifndef ASSEMBLER MACRO to avoid
assembler compiler scan.
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
We define attr.name in struct vm and named as ("vm_%d", attr.id). attr.name only
be used in debug tool vm_list. It does't deserve to do so in OS created flow
(aka function create_vm). It's better to handle this in vm_list tool.
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Acked-by: Eddie Dong <eddie.dong@inte.com>
struct map_params's member page_table_type is enum _page_table_type,
transferred it.
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Add a new parameter csar to get_guest_paging_info. We will save one exec_vmread
in this case.
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
There are two prefix (aka TRC and TRACE) for trace event. This patch make all
the trace event prefix consist with TRACE.
No functional change.
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
operations
For reducing sign conversion in hypervisor:
Update parameters of bitmap operations as unsigned type;
Update the input of related caller as unsigned type when the
caller's input parameter is const variable or the variable is
only used by bitmap operations.
V1-->V2:
(1) Explicit casting for the first parameter
of all bitmap operations;
(2) Remove mask operation for explicit casting
of all bitmap operations, since masking is
useless. Otherwise, this trucation is dangerous.
V2-->V3:
(1) Explicit casting for all bitmap operations parameter;
(2) Masking bit offset with 6-bit;
(3) Add few comments about bit offset.
V3-->V4:
add '\' for some statement of bitmap macro
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The struct member types should be transfer to non-basic types,
chaned it to length-prefix(uint32_t,int32_t ...) type.
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Constants represented in an unsigned type should have the 'U' suffix per MISRA C
requirements even for 0 to get rid of implicit signedness conversions which can
be confusing due to the implementation-defined integer formats.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
With pins being uint8_t, implicit narrowing conversions arises since unsigned
integer constants, irq IDs and general registers have type ''unsigned
int''. Make such conversions explicit.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
PIC pin IDs should be logically unsigned, while we currently use ''int'' to
represent them.
Following the convention we use unsigned IDs, this patch converts the
representation of pins to uint8_t. A special value VPIC_INVALID_PIN is
introduced to represent the case when a valid target pin cannot be
found (previously -1 is used for this case). The branch conditions are updated
accordingly, following the convention below.
(for ''pin''s representing a per-PIC pin)
if (pin != -1) -> if (pin < NR_VPIC_PINS_PER_CHIP)
if (pin == -1) -> if (pin >= NR_VPIC_PINS_PER_CHIP)
if (pin >= 0 && pin < 8) -> if (pin < NR_VPIC_PINS_PER_CHIP)
if (pin >= 0 && pin <= 7) -> if (pin < NR_VPIC_PINS_PER_CHIP)
if (pin >= 0) -> if (pin < NR_VPIC_PINS_PER_CHIP)
(for ''pin''s representing a pin in the vPIC with 2 cascading PICs)
if (pin >= 0 && pin <= 15) -> if (pin < NR_VPIC_PINS_TOTAL)
if (pin > 15) -> if (pin >= NR_VPIC_PINS_TOTAL)
Related local variables are also changed accordingly.
v1 -> v2:
* Rename the number of pins per PIC to NR_VPIC_PINS_PER_CHIP, and the number
of pins of 2 cascading PICs to NR_VPIC_PINS_TOTAL.
* Using "%hhu" instead of "%d" in format string when a pin is expected.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
According intel mannual and ACPI mannual,lapic_id length is 1 byte.
V1->V2:
Add U suffix to the numeric when do arithmetic operation on lapic.
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch drops the duplicated definitions to ''true'' and ''false'' and
initializes boolean variables with boolean values instead of integers.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Port I/O handlers are expected to accept unsigned port address and width which
have type uint16_t and size_t accordingly. The internal handlers in vpic, on the
other hand, declares signed addresses and width in their prototypes. This patch
enforces unsignedness of addresses and widths in these handlers.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The number of initialization command word (ICW) and register contents are
logically unsigned and they have already been used in such way. This patch
changes the declaration of them so that the declarations, definitions and uses
are all aligned.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
