- this patch is to enable SMEP in hypervisor, SMEP protects
guests' memory from supervisor-mode instruction fetches,
in other words, hypervisor which operating in supervisor
mode can't fetch instructions from (guests' memory)
linear addresses that are accessible in user mode.
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
This reverts commit 3a3aeac09f.
MTRR has been emulated in hypervisor, then don't need this workaround
patch.
Signed-off-by: Fei Jiang <fei.jiang@intel.com>
Reviewed-by: Zhao Yakui <yakui.zhao@intel.com>
Move common stuff, like ptdev entry and softirq, to new ptdev.c
Signed-off-by: Edwin Zhai <edwin.zhai@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
... following the naming convention of Linux kbuild.
v1 -> v2:
* Introduced.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Geoffroy VanCutsem <geoffroy.vancutsem@intel.com>
This patch introduces a configuration symbol RELEASE for managing debug/release
build in a similar way to how we manage PLATFORM.
Note:
1. 'make defconfig RELEASE=1' will still use the CONFIG_RELEASE defined in the
default configuration. The 'RELEASE=1' option has no effect in this case.
2. 'make RELEASE=1' is backward-compatible and enforces a release version to be
built.
v1 -> v2:
* Pass RELEASE instead of CONFIG_RELEASE to silentoldconfig.py to avoid
unintended overriding of the value.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Geoffroy VanCutsem <geoffroy.vancutsem@intel.com>
Since .config has PLATFORM now, it is expected that the PLATFORM= command line
option is no longer necessary as long as a proper .config exists.
This patch implements this expectation. Now the platform to be selected is
determined by the following steps.
1. If PLATFORM= is provided on the command line, the specified value is
used.
2. If there is no PLATFORM= on the command line and PLATFORM is defined in
config.mk, its value is used.
3. If neither PLATFORM= on the command line nor config.mk is available, a
predefined default value is used.
v1 -> v2:
* 'make oldconfig' should not pass CONFIG_xxx to the script since config.mk
can be out-dated.
* Change the default value of PLATFORM to SBL for backward compatibility of
'make all'.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Geoffroy VanCutsem <geoffroy.vancutsem@intel.com>
This patch enables 'make menuconfig' leveraging the menuconfig.py in kconfiglib,
which shows a TUI for modifying the current configurations.
Menuconfig.py is python3 only, and thus the existence of 'python3' instead of
'python' is checked and python3 is used to run all the scripts.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Geoffroy VanCutsem <geoffroy.vancutsem@intel.com>
The current implementation of the check_dep_* macros always append the
prerequisite checking target to BUILD_DEPS, but there are some cases when some
prerequisites are only necessary for some specific targets instead of general
builds.
This patch adds a second parameter to the check_dep_* macros specifying which
variable the generated target should be appended to.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Geoffroy VanCutsem <geoffroy.vancutsem@intel.com>
Makefile takes all double quotes in variable definitions literally. Thus with
the following definition:
FOO := "a"
expanding FOO in a file path results the following (which is invalid):
SRC += a/b/${FOO}.c --> SRC += a/b/"a".c
To avoid such issues, this patch drops the double quotes at the beginning and
end of the definition of symbols with string type.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Geoffroy VanCutsem <geoffroy.vancutsem@intel.com>
Before checking any given target, make has an additional phase to check if any
included makefile should be updated. This patch enforces running oldconfig in
this phase to update .config and config.mk (if necessary). This ensures that
make gets the correct configurations when executing the given target.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Geoffroy VanCutsem <geoffroy.vancutsem@intel.com>
This change is to fix a guest vm hang issue at vm reset, especially easy to
be seen when it's a watchdog timeout reset.
vlapic_init create and init vlapic.vlapic_timer without deleting the
timer from cpu_times list, which breaks the list, results in a timer remains
with callback points to an invalid location.
Acked-by: Eddie Dong <eddie.dong@intel.com>
Signed-off-by: Yan, Like <like.yan@intel.com>
There are some __unused attached to variables. But, those variables
are used by the function actually.
This patch remove them. No functional change.
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Now, we only add native msr save/restore functions. The native power
related functions will be put to this file.
Signed-off-by: Zheng Gen <gen.zheng@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
These two functions will be called when ACRN enter/exit S3.
Signed-off-by: Zheng Gen <gen.zheng@intel.com>
Signed-off-by: Yan Like <like.yan@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
They will be called when acrn enter S3.
NOTE: it's only needed for native BSP because all APs are offline.
Signed-off-by: Zheng Gen <gen.zheng@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Current code is missing to handle the following race condition:
Before:
sti
|
V
handle softirq with
a while loop
| <----- if a new softirq generated at this point,
V it will be missed to be handled.
cli
|
V
return with unclear softirq bitmap
After:
again:
sti
|
V
handle softirq with
a while loop
|
V
cli
|
V
check if a new softirq generated, if yes,
jump back to above again lable point,
and do a while loop again.
|
V
return with clear softirq bitmap
Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Add a volatile declaration to pointer parameter to avoid compiler
to optimize it by using old value saved in register instead of
accessing system memory.
Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The hardcoded CPU Px Cx table should be read only, so set them to static
and const for safety.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Intel Atom A3950 SoC also can be used in Acrn, and it has same Cx data as
Atom A3960 SoC.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
The pm S state data is from host ACPI info and needed for S3/S5
implementation.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
On some occations HV operates relying on host acpi info, we can use a
c file to store this data. The data could be hardcoded or use offline
tool that run on target first and then generate the file automatically.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Currently irq and vector numbers are used inconsistently.
* Sometimes vector or irq ids is used in bit operations, indicating
that they should be unsigned (which is required by MISRA C).
* At the same time we use -1 to indicate an unknown irq (in
common_register_handler()) or unavailable irq (in
alloc_irq()). Also (irq < 0) or (vector < 0) are used for error
checking. These indicate that irq or vector ids should be signed.
This patch converts irq and vector numbers to unsigned 32-bit integers, and
replace the previous -1 with IRQ_INVALID or VECTOR_INVALID. The branch
conditions are updated accordingly.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- Also update all the references that need the absolute HPA with the
actual load addresses
- Save the trampoline code address to trampline_start16_paddr
Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Acked-by: Xu, Anthony <anthony.xu@intel.com>
- For UEFI boot, allocate memory for trampoline code in ACRN EFI,
and pass the pointer to HV through efi_ctx
- Correct LOW_RAM_SIZE and LOW_RAM_START in Kconfig and bsp_cfg.h
- use trampline_start16_paddr instead of the hardcoded
CONFIG_LOW_RAM_START for initial guest GDT and page tables
Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Acked-by: Xu, Anthony <anthony.xu@intel.com>
in real mode part, add extra pointers for page tables and long jump buffer
so it's possible for HV code to patch the relocation offset
in long mode part, use absolute addressing when referring HV symbols,
and use relative addressing for symbols within trampoline code
Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Acked-by: Xu, Anthony <anthony.xu@intel.com>
emalloc_for_low_mem() is used if CONFIG_EFI_STUB is defined.
e820_alloc_low_memory() is used for other cases
In either case, the allocated memory will be marked with E820_TYPE_RESERVED
Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Acked-by: Xu, Anthony <anthony.xu@intel.com>
MTRR feature was added after commit bce7ed1715 ("HV: config:
add Kconfig and defconfigs"), so the generated config.h doesn't
include CONFIG_MTRR_ENABLED
Signed-off-by: Zide Chen <zide.chen@intel.com>
- vm_gva2gpa is same as gva2gpa, so replace it with gva2gpa directly.
- remove dead usage of vm_gva2gpa in emulate_movs.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
using copy_from_gva to refine function acrn_update_ucode
v2:
- inject #PF if copy_from_gva meet -EFAULT
- remove VCPU_RETAIN_RIP when inject #PF
- refine MACRO GET_DATA_SIZE
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
using copy_from_gva for shell function shell_vcpu_dumpreg &
shell_vcpu_dumpmem
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
using copy_from_gva to do dump_guest_stack & show_guest_call_trace
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
there is no need to use wrap function vm_restart_instruction, we
can use VCPU_RETAIN_RIP directly
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
use copy_from_gva in vie_init, if copy_from_gva meet -EFAULT, inject #PF.
And for decode_instruction, if return -EFAULT, the caller should keep return
path with successful status.
v2:
- remove vm_restart_instruction when inject #PF
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
there are data transfer between guest virtual space(GVA) & hv(HVA), for
example, guest rip fetching during instruction decoding.
GVA is address continuous, but its GPA could be only 4K page address
continuous, this patch adds copy_from_gva & copy_to_gva functions by
doing page walking of GVA to avoid address breaking during accessing GVA.
v2:
- modify API interface based on new gva2gpa function, err_code added
- combine similar code with inline function _copy_gpa
- change API name from vcopy_from/to_vm to copy_from/to_gva
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
V2->V3 modified the description
V1->V2 add __unused to handler_private_data
while misra c analyse callback function, it will dereference the pointer
plus an implicit getting address when extra parentheses with inner
star(example:(*foo)()). the first dereference should be removed.
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
reviewed-by: Li,Fei1 <fei1.li@intel.com>
reviewed-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
if error code not valid, do not vmwrite VMX_ENTRY_EXCEPTION_EC. In cancel_event_injection, the
inject_info.error_core is not assigned when error code not valid.
Signed-off-by: Chris Ye <chris.ye@intel.com>
This patch drops "#include <bsp_cfg.h>" and include the generated config.h in
CFLAGS for the configuration data.
Also make sure that all configuration data have the 'CONFIG_' prefix.
v4 -> v5:
* No changes.
v3 -> v4:
* Add '-include config.h' to hypervisor/bsp/uefi/efi/Makefile.
* Update comments mentioning bsp_cfg.h.
v2 -> v3:
* Include config.h on the command line instead of in any header or source to
avoid including config.h multiple times.
* Add config.h as an additional dependency for source compilation.
v1 -> v2:
* No changes.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
Reviewed-by: Zhao Yakui <yakui.zhao@intel.com>
This patch implements the following targets as an includable .mk to the make
system of the hypervisor.
make defconfig PLATFORM=xx:
force (re)generating the default configuration for xx
make oldconfig PLATFORM=xx:
generate a configuration for platform xx based on .config if available
make minimalconfig
save a minimized .config to defconfig
The default target (make all) will generate a default configuration if no
.config is available.
The values defined in .config are available in the toplevel Makefile after
kconfig/kconfig.mk is included.
v4 -> v5:
* Add minimalconfig for generating default configs.
v3 -> v4:
* No changes.
v2 -> v3:
* "make defconfig" now correctly overwrite an existing .config.
* Add short descriptions on where each target is supposed to be used.
v1 -> v2:
* Add proper dependency checks in the Makefile of hypervisor.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
Reviewed-by: Zhao Yakui <yakui.zhao@intel.com>
This patch converts the configuration entries (previously defined in
bsp/*/include/bsp/bsp_cfg.h) to a Kconfig script.
With the platform specified, the default values will be exactly those in the
corresponding bsp_cfg.h.
v4 -> v5:
* No changes.
v3 -> v4:
* No changes.
v2 -> v3:
* No changes.
v1 -> v2:
* No changes.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
Reviewed-by: Zhao Yakui <yakui.zhao@intel.com>
Now, trampline code is used by both AP start and BSP s3 resume.
For s3 resume, ACPI (5.2.10 Firmware ACPI Control Structure (FACS).
table 5-37) defines the real mode address should be set to:
realmode address = CS(waking_vec >> 4): IP(wakeing_vec & 0x000F)
But not all bootloader (like ABL) follow ACPI definition about the
CS:IP setup before jump to trampline code for S3 resume.
To handle all these cases, a long jmp is issued at very beginning
of trampline code to fixup the CS:IP setup. After the fixup, the
CS is set to: (waking_vect >> 4), the IP is set to: (the_address_
of_next_instruction_of_long_jmp & 0xF). Which is aligned with ACPI
definition.
Another thing is that we can't calculate the fixup CS and IP value.
The reason is related with limitations of real mode (can't get
current ip address without stack). So we calculate the CS and IP
when preparing the trampline code.
Signed-off-by: Zheng Gen <gen.zheng@intel.com>
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <Eddie.dong@intel.com>
