This patch adds an option CONFIG_KEEP_IRQ_DISABLED to hv (default n) and
config-tool so that when this option is 'y', all interrupts in hv root
mode will be permanently disabled.
With this option to be 'y', all interrupts received in root mode will be
handled in external interrupt vmexit after next VM entry. The postpone
latency is negligible. This new configuration is a requirement from x86
TEE's secure/non-secure interrupt flow support. Many race conditions can be
avoided when keeping IRQ off.
v5:
Rename CONFIG_ACRN_KEEP_IRQ_DISABLED to CONFIG_KEEP_IRQ_DISABLED
v4:
Change CPU_IRQ_ENABLE/DISABLE to
CPU_IRQ_ENABLE_ON_CONFIG/DISABLE_ON_CONFIG and guard them using
CONFIG_ACRN_KEEP_IRQ_DISABLED
v3:
CONFIG_ACRN_DISABLE_INTERRUPT -> CONFIG_ACRN_KEEP_IRQ_DISABLED
Add more comment in commit message
Tracked-On: #6571
Signed-off-by: Yifan Liu <yifan1.liu@intel.com>
Reviewed-by: Wang, Yu1 <yu1.wang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
1. remove LOG_DESTINATION in the related python code, schema and
all existing scenario XML files.
2. for MEM_LOGLEVEL, NPK_LOGLEVEL and CONSOLE_LOGLEVEL,
update the loglevel range to [0, 5] from [0, 6].
Tracked-On: #6934
Signed-off-by: Kunhui-Li <kunhuix.li@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
remove LOG_BUF_SIZE in the related python code, schema and
all existing scenario XML files.
Tracked-On: #6690
Signed-off-by: Kunhui-Li <kunhuix.li@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
remove CONFIG_MAX_IR_ENTRIES the related python code, schema and
all existing scenario XML files since PR #6809 have changed it.
Tracked-On: #6745
Signed-off-by: Kunhui-Li <kunhuix.li@intel.com>
remove LOW_RAM_SIZE in the related python code, schema and
all existing scenario XMLs because PR #6791 have removed it.
Tracked-On: #6805
Signed-off-by: Kunhui-Li <kunhuix.li@intel.com>
Add a configuration to support companion VM.
Tracked-On: #6571
Signed-off-by: Jie Deng <jie.deng@intel.com>
Reviewed-by: Wang, Yu1 <yu1.wang@intel.com>
1. remove CONFIG_KATA_VM, CONFIG_MAX_KATA_VM_NUM and KATA_VM
related code.
2. remove KATA_VM in scenario xml files.
3. remove KATA vm type in UI.
4. remove UUID DB.
5. remove uuid in the launch script generation logic.
6. use vmname to identify a vm. (eg: <name>ACRN_SOS_VM</name>)
add the check logic to ensure vm name is a must-set item, not duplicated,
and the string length is [1-15] and the whitespace is not allowed.
7. enlarge the max VM num to 32.
Tracked-On: #6685
Signed-off-by: Kunhui-Li <kunhuix.li@intel.com>
Set hv features L1D_VMENTRY_ENABLED, MCE_ON_PSC_DISABLED and PTM
default value to 'y' in schema.
Tracked-On: #6793
Signed-off-by: Yang,Yu-chu <yu-chu.yang@intel.com>
The config of MAX_EFI_MMAP_ENTRIES has been removed in hypervisor, so remove
this config in config_tools;
Tracked-On: #6442
Signed-off-by: Victor Sun <victor.sun@intel.com>
1. remove hvlog parameter in bootargs for all platforms.
2. update HV_RAM_START default address from 2MB to 4MB.
3. add the check that the HV_RAM_START value should be larger
than or equal to 2MB and 2MB aligned.
Tracked-On: #6663
Signed-off-by: Kunhui-Li <kunhuix.li@intel.com>
Rename SOS_VM type to SERVICE_VM
rename UOS to User VM in XML description
rename uos_thread_pid to user_vm_thread_pid
rename devname_uos to devname_user_vm
rename uosid to user_vmid
rename UOS_ACK to USER_VM_ACK
rename SOS_VM_CONFIG_CPU_AFFINITY to SERVICE_VM_CONFIG_CPU_AFFINITY
rename SOS_COM to SERVICE_VM_COM
rename SOS_UART1_VALID_NUM" to SERVICE_VM_UART1_VALID_NUM
rename SOS_BOOTARGS_DIFF to SERVICE_VM_BOOTARGS_DIFF
rename uos to user_vm in launch script and xml
Tracked-On: #6744
Signed-off-by: Liu Long <long.liu@linux.intel.com>
Reviewed-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
Add the VCAT_ENABLED element to RDTType so that user can enable/disable vCAT globally
Add the GUEST_FLAG_VCAT_ENABLED guest flag to enable/disable vCAT per-VM.
Currently we have the following per-VM clos element in scenario file for RDT use:
<clos>
<vcpu_clos>0</vcpu_clos>
<vcpu_clos>0</vcpu_clos>
</clos>
When the GUEST_FLAG_VCAT_ENABLED guest flag is not specified, clos is for RDT use,
vcpu_clos is per-CPU and it configures each CPU in VMs to a desired CLOS ID.
When the GUEST_FLAG_VCAT_ENABLED guest flag is specified, vCAT is enabled for this VM,
clos is for vCAT use, vcpu_clos is not per-CPU anymore in this case, just a list of
physical CLOSIDs (minimum 2) that are assigned to VMs for vCAT use. Each vcpu_clos
will be mapped to a virtual CLOSID, the first vcpu_clos is mapped to virtual CLOSID
0 and the second is mapped to virtual CLOSID 1, etc
Add xs:assert to prevent any problems with invalid configuration data for vCAT:
If any GUEST_FLAG_VCAT_ENABLED guest flag is specified, both RDT_ENABLED and VCAT_ENABLED
must be 'y'
If VCAT_ENABLED is 'y', RDT_ENABLED must be 'y' and CDP_ENABLED must be 'n'
For a vCAT VM, vcpu_clos cannot be set to CLOSID 0, CLOSID 0 is reserved to be used by hypervisor
For a vCAT VM, number of clos/vcpu_clos elements must be greater than 1
For a vCAT VM, each clos/vcpu_clos must be less than L2/L3 COS_MAX
For a vCAT VM, its clos/vcpu_clos elements cannot contain duplicate values
There should not be any CLOS IDs overlap between a vCAT VM and any other VMs
Tracked-On: #5917
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
1. remove HV_RAM_SIZE and CONFIG_HV_RAM_SIZE in the related python
code, schema and all existing scenario XMLs because PR 6664 has
changed it in HV side.
2. set HV_RAM_START default value to 2M.
Tracked-On: #6663
Signed-off-by: Kunhui-Li <kunhuix.li@intel.com>
Remove the restriction that SERIAL_CONSOLE needs to be ttys0, ttys1,
ttys2 or ttys3.
1. Lossen the restriction in xsd.
2. Rewrite the document.
3. Refine the intx.py. Refine the logic which take effect if the <irq>
is specified in "SOS_COM#_IRQ" for SOS VM's legacy vuart 0.
Tracked-On: #6610
Signed-off-by: Yang,Yu-chu <yu-chu.yang@intel.com>
Expand the capacity of legacy vuarts per VM. This change is applied to
manual scenario xml editing only.
A SOS VM can choose io port 0x3F8, 0x2F8, 0x3E8, 0x2E8 by selecting
SOS_COM1_BASE, SOS_COM2_BASE, SOS_COM3_BASE, SOS_COM4_BASE respectively.
Non SOS VM can choose io port 0x3F8, 0x2F8, 0x3E8, 0x2E8 by selecting
COM1_BASE, COM2_BASE, COM3_BASE, COM4_BASE respectively.
For any type of VM, selecting "CONFIG_COM_BASE" allows configuration tool
to pick an available io port from hardcoded list:
['0xA000', '0xA010', '0xA020', '0xA030', '0xA040', '0xA050', '0xA060', '0xA070']
A SOS VM can choose irq 4 by selecting SOS_COM1_IRQ and SOS_COM3_IRQ, and choose irq 3 by selecting SOS_COM2_IRQ and SOS_COM4_IRQ.
Non SOS VM can choose irq 4 by selecting COM1_IRQ and COM3_IRQ, and choose irq 3 by selecting COM2_IRQ and COM4_IRQ.
For SOS VM, selecting "CONFIG_COM_IRQ" allows configuration tool
to pick an available irq based on AVAILABLE_IRQ_INFO. For non SOS VM, it
will allocate an available irq from [1, 15].
Tracked-On: #6652
Signed-off-by: Yang,Yu-chu <yu-chu.yang@intel.com>
This patch adds a new priority based scheduler to support
vCPU scheduling based on their pre-configured priorities.
A vCPU can be running only if there is no higher priority
vCPU running on the same pCPU.
Tracked-On: #6571
Signed-off-by: Jie Deng <jie.deng@intel.com>
It is used to specify the maximum number of EFI memmap entries.
On some platforms, like Tiger Lake, the number of EFI memmap entries
becomes 268 when the BIOS settings are changed.
The current value of MAX_EFI_MMAP_ENTRIES (256) defined in hypervisor
is not big enough to cover such cases.
As the number of EFI memmap entries depends on the platforms and the
BIOS settings, this patch introduces a new entry MAX_EFI_MMAP_ENTRIES
in configurations so that it can be adjusted for different cases.
Tracked-On: #6442
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
This patch refines the configuration data description so that it is
consistent with the current implementation of the configuration tools.
Tracked-On: #6377
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Add SECURITY_VM_FIXUP config for Security VM whether it needs to do fixup
for TPM2 and SMBIOS
Tracked-On: #6320
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Signed-off-by: Fei Li <fei1.li@intel.com>
1. Update the necessary libraries to consistent with the "Build ACRN From Source"
document in the "Getting Started Guide" document.
2. Delete the related introduction with acrngt.conf and launch_uos_id1.sh files in
"Getting Started Guide" document.
3. Update WHL-IPC-I7 board's processor in Supported HW document.
4. Add cpu_affinity element's description in ACRN Configuration Data.
5. Update the description for shm_region in Launch XML format.
6. Update configurable/readonly attributes values.
7. Update the description for hv.CAPACITIES.MAX_MSIX_TABLE_NUM in schema/config.xsd.
Tracked-On: #5692
Signed-off-by: Kunhui-Li <kunhuix.li@intel.com>
Configure PTM in post-launched VM using <PTM> element. If the //vm/PTM
sets to 'y', pci_dev.c.xsl appends the virtual root port to
corresponding struct acrn_vm_pci_dev_config of that VM. Currently it
supports only post-launched VMs.
Configure enable_ptm for dm argument. If a uos/enable_ptm with uos id
= 'vm_id 'sets to 'y' and the vm/PTM with the same vm_id sets to 'y',
append an "enable_ptm" flag to the end of passthrough ethernet devices.
Currently there is only ethernet card can support the "enable_ptm"flag.
For the schema validation, the <PTM> can only be ['y', 'n'].
For the launched script validation, the <enable_ptm> can only be ['y',
'n']. If the <enable_ptm> sets to 'y' but the corresponding <PTM> sets
to 'n', the launch script will fail to generate.
Tracked-On: #6054
Signed-off-by: Yang,Yu-chu <yu-chu.yang@intel.com>
'psram' and 'PSRAM' are legacy names and replaced
with 'ssram' and 'SSRAM' respectively.
Tracked-On: #6012
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Shuang Zheng <shuang.zheng@intel.com>
- SOS does not allow LAPIC passthru unless nested virtualization is
enabled on SOS.
- Currently nested virtualization requires LAPIC passthru, so if
GUEST_FLAG_VMX_ENABLED is set, GUEST_FLAG_LAPIC_PASSTHROUGH must be
set in same VM.
- Per VM GUEST_FLAG_VMX_ENABLED can be set only if CONFIG_VMX_ENABLED
is set.
Tracked-On: #5923
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Signed-off-by: Zide Chen <zide.chen@intel.com>
NVMX_ENABLED: ACRN is built to support nested virtualization if set.
GUEST_FLAG_NVMX_ENABLED: indicates that the VMX capability can be present
in this guest to run nested VMs.
Tracked-On: #5923
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
remove UOS_RAM_SIZE and SOS_RAM_SIZE in scenario config since these
two config elements are useless.
Tracked-On: #5927
Signed-off-by: Shuang Zheng <shuang.zheng@intel.com>
Reviewed-by: Victor Sun <victor.sun@intel.com>
Add the capability to disable or enable #AC for Split-locked Access
through <scenario>.xmls. This was implemented through Kconfig. Move this
configuration from Kconfig to xmls.
Tracked-On: #5798
Signed-off-by: Yang,Yu-chu <yu-chu.yang@intel.com>
Some terms in the config option docs (Integer, Boolean) are being
flagged by one of our spell checking tools. Let's make it happy.
Tracked-On: #5692
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
Start cleaning up formatting and content layout issues in the
xsd-derived configuration option documentation. Includes adding
documentation for unnamed embedded simple types within an element (and
updates to the XSLT transformation to display these), cleanup of element
and type documentation, typos and description clarity.
Improved xsdl translation to automatically include default values and if
an option is optional (instead of manually documenting this in the
description text).
Tracked-On: #5692
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
This patch introduces a schema (in XSD 1.1) for the scenario XML of ACRN
hypervisor for validation and documentation.
An XML schema defines the expected layout and value ranges of an XML
document. It allows a concise way to define our expectation on the
information in a scenario XML, including:
* structure of elements
* number of occurrences of elements with the same tags
* element data types and default values
* element descriptions
* any further properties such as readonly and configurable
Multiple XSD-based validators are available in the open source
community. A Python-based apporach will be introduced in a later patch and
integrated into the build system to ensure the integrity of the scenario
XML before we process it further.
A reference of the configuration data will be generated from the
<xs:documentation> blocks. Format for <xs:documentation> blocks will
properly output multiple text lines so features such as lists can be
used. All multi-line content must be left-aligned unless indentation is
specifically required by rst syntax. The trailing </xs:documentation> tag
should be on the same line as the last text line. For example:
<xs:simpleType name="SchedulerType">
<xs:annotation>
<xs:documentation>Three scheduler options are supported:
- ``SCHED_NOOP``: The NOOP (No-Operation) scheduler means there is a
strict 1 to 1 mapping between vCPUs and pCPUs.
- ``SCHED_IORR``: The IORR (IO sensitive Round Robin) scheduler supports
multipule vCPUs running on on one pCPU, scheduled by
a IO sensitive round robin policy.
``SCHED_BVT``: The BVT (Borrowed Virtual time) scheduler is a virtual
time based
scheduling algorithm, it dispatchs the runnable thread with the
earliest effective virtual time. *TODO: BVT scheduler will be built on
top of a prioritized scheduling mechanism, i.e. higher priority threads
get scheduled first, and same priority tasks are scheduled per BVT.*
Read more about the available scheduling options in
:ref:`cpu_sharing`.</xs:documentation>
</xs:annotation>
<xs:restriction base="xs:string">
<xs:enumeration value="SCHED_NOOP" />
<xs:enumeration value="SCHED_IORR" />
<xs:enumeration value="SCHED_BVT" />
</xs:restriction>
</xs:simpleType>
Tracked-On: #5672
Signed-off-by: Yang, Yu-chu <yu-chu.yang@intel.com>
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
