int snprintf(char *str, size_t size, const char *format, ...)
The functions snprintf() write at most size bytes (including the
terminating null byte('\0')) to str.
only when returned value of snprintf is non-negative and less than size,
the string has been completely written.
Tracked-On: #4109
Signed-off-by: Gao Junhao <junhao.gao@intel.com>
Reviewed-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
In function crb_reg_write() in tpm_rbc.c
'tpm_vdev->request_mutex' will potentially kept
in locked state after crb_reg_write() returns.
Tracked-On: #4108
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Yadong Qi <yadong.qi@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
In acrn_load_elf(), file pointer 'fp' is kept in
open state before exiting if 'load_elf32()' is executed,
this patch is to fix this bug.
Tracked-On: #4107
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
DIR handler is referenced after release, need to be adjusted before
released.
Tracked-On: #4106
Signed-off-by: Gao Junhao <junhao.gao@intel.com>
Reviewed-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
When removing node in list, list_foreach_safe will be safer than
LIST_FOREACH.
Tracked-On: #4104
Signed-off-by: Junhao Gao <junhao.gao@intel.com>
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
this patch is to fix error debug message
for invalid 'param' case, there is no string
variable for '%s' output, which will potenially
trigger hypervisor crash as it may access random
memroy address and trigger SMAP violation.
Tracked-On: #4114
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
checking the inputs explicitly instead of using Assert.
Tracked-On: #3991
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Shuo Liu <shuo.a.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
TSC would be reset to 0 when enter suspend state on some platform.
This will fail the secure timer checking in secure world because
secure world leverage the TSC as source of secure timer which should
be increased monotonously.
This patch save/restore TSC in host suspend/resume path to guarantee
the mono increasing TSC.
Note: There should no timer setup before TSC resumed.
Tracked-On: #3698
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In release environment, binary files must be stripped in
order to remove debugging code sections and symbol information
that aid attackers in the process of disassembly and reverse
engineering.
Use '-s' linking option to remove symbol table and relocation
information from release binaries.
Tracked-On: #3433
Signed-off-by: Tianhua Sun <tianhuax.s.sun@intel.com>
Reviewed-by: Yonghua Huang <yonghua.huang@intel.com>
'pcpu_id' should be less than CONFIG_MAX_PCPU_NUM,
else 'per_cpu_data' will overflow. This commit fixes
this potential overflow issue.
Tracked-On: #3407
Signed-off-by: Tianhua Sun <tianhuax.s.sun@intel.com>
Reviewed-by: Yonghua Huang <yonghua.huang@intel.com>
va_end() was not getting called under certain condition
after the va_start() function call taking the va_list.
Tracked-On: #3406
Signed-off-by: Tianhua Sun <tianhuax.s.sun@intel.com>
Reviewed-by: Yonghua Huang <yonghua.huang@intel.com>
va_end() was not getting called under certain condition
after the va_start() function call taking the va_list
Tracked-On: #3406
Signed-off-by: Tianhua Sun <tianhuax.s.sun@intel.com>
Acked-by: Gang Chen <gang.c.chen@intel.com>
This patch is to fix some potential memory leak issues
1, free mrp if the mmio_rb_lookup() function return 0;
2, free memory allocated by strdup in some error case handling.
Tracked-On: #3333
Signed-off-by: Tianhua Sun <tianhuax.s.sun@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
When the IO/MMIO acccess on Android guest causes the trap to hypervisor,
it will be blocked until the ioreq emulation is completed.
In order to get the better performance, it will be better that the ioreq
emulation can be completed ASAP. As it is handled in SOS kernel, the
corresponding thread priority will be raised.
Tracked-On:#3242
Signed-off-by: Liu, Shuo <shuo.liu@intel.com>
Signed-off-by: Zhao Yakui <yakui.zhao@intel.com>
Map SIGINT(2) to watchdog reset.
NOTE:
We required guest to do a full reset after detect the recent last
reset type is watchdog. This is used to resume the passthru devices
in UOS.
Tracked-On: #3103
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
The old logic to process control transfer failure is not complete, this
patch is used to fix this issue.
Tracked-On: #2824
Signed-off-by: Xiaoguang Wu <xiaoguang.wu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
On some platforms, the VBus will drop after suspending is done, hence
a disconnect and re-connect for device connected before suspending will
be triggered in DM. But during the stress test, when the free memory is
limited to very low level, and put huge workload to SOS, under certain
possibility, the DM will receive re-connect event first and disconnect
event later, this behavior will result of failing to emulate USB device
to UOS.
The reason is due to a timing issue from libusb. Before we could upstream
fixing patch to libusb or find some other better solution, this workaround
patch will be used to avoid errors happen.
Tracked-On: #2823
Signed-off-by: Xiaoguang Wu <xiaoguang.wu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
When disable slot cmd is received by device model, the operation
should be: release the pci_xhci_dev_emu variable first, and signal
xhci_vbdp_thread to wakeup later. Tho old implementation is not
right, this patch is used to fix it.
Tracked-On: #2823
Signed-off-by: Xiaoguang Wu <xiaoguang.wu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
Applying realtime scheduler to vcpu0 thread could trigger
stability issue. So revert it here.
Tracked-On: #2717
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
When run 'acrnctl add', acrnctl dryruns launch script to get
vmname. Acrnctl assumes there are no more than 64 words in each
line of the script, and creates a buffer to hold 64 pointers to these
words. But we didn't check if the number of words exceed 64 limitation,
which can lead to buffer overflow. This commit fixed this potential
overflow problem.
And also refine some confusing error messages in 'acrnctl add'
Tracked-On: #2734
Acked-by: Yan Like <like.yan@intel.com>
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
Reviewed-by: Yonghua Huang <yonghua.huang@intel.com>
Dynamic memory stored in 'net' allocated through function 'calloc'
should be freed correspondingly when return fail.
Tracked-On: #2704
Signed-off-by: Jie Deng <jie.deng@intel.com>
Reviewed-by: Yonghua Huang <yonghua.huang@intel.com>
Should not set hci_address to zero during USB reset.
Tracked-On: #2633
Signed-off-by: Xiaoguang Wu <xiaoguang.wu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
String function of strlen()/vsnprintf() shuould be replaced.
This patch remove the strlen(). And vsnprintf() replaced by vasprintf().
Tracked-On: #2687
Signed-off-by: Wei Liu <weix.w.liu@intel.com>
Reviewed-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Tianhua Sun <tianhuax.s.sun@intel.com>
Acked-by: Yin Fengwei <fengwei.yin@intel.com>
This patch refined the pmu passthru irq handling, which will re-enable
the PMC interrupt in the vlapic handler. So that can avoid some
interrupt storm situation happens.
This patch can fix the remaining Android perf CTS failure.
Tracked-On: #2598
Signed-off-by: Min He <min.he@intel.com>
For multiple guest os and particular audio features support domain id
and name is required.
Tracked-On: #2652
reviewed-by: Yu Wang <yu1.wang@intel.com>
reviewed-by: Yakui zhao <yakui.zhao@intel.com>
reviewed-by: Binbin Wu <binbin.wu@intel.com>
Signed-off-by: Marcin Pietraszko <marcin.pietraszko@intel.com>
This reverts commit 5df9cbe36a.
As DISCARD support will cause kernel hung in stability test of warm
reset, so not enable this feature in launch script.
Tracked-On: #2633
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Retrieve the encrypted attestation Keybox from CSE
and provision it to RPMB storage.
Tracked-On: #2625
Signed-off-by: Huang Yang <yang.huang@intel.com>
Signed-off-by: Wei Xinghai <xinghaix.wei@intel.com>
Signed-off-by: Chen Gang <gang.g.chen@intel.com>
Acked-by: Zhu Bing <bing.zhu@intel.com>
Without memory barrier, the change of used ring index could not
immediately detected by FE, this would bring some problems.
For virtio-blk FE driver, when it receives an interrupt, and confirms the
used ring index has changed, it will first set ring flags with
VRING_AVAIL_F_NO_INTERRUPT, then get buffer from virtqueue, after
process this request, it will mask VRING_AVAIL_F_NO_INTERRUPT, and get
used ring index again before return. If used ring changes, it will
process it. At the same time, BE will read this flags before each notify,
if VRING_AVAIL_F_NO_INTERRUPT was set, BE will not inject interrupt.
Without memory barrier, before FE mask VRING_AVAIL_F_NO_INTERRUPT, BE
has finished notify without interrupt, then FE mask
VRING_AVAIL_F_NO_INTERRUPT, and get used ring index but failed (index
has changed from BE side). FE will return from interrupt handler
function, and wait for next interrupt which was not injected by BE. Thus,
this will cause kernel hung.
Tracked-On: #2628
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
This patch added a option to control profiling on/off, by default,
profiling is on, so that VTune can be used to capture perf data from
SOS.
When running: make PROFILING=0, it will disable profiling and pmu will
be pass-thru and perf tools can be run directly inside UOS.
Signed-off-by: Min He <min.he@intel.com>
