To merge the multiboot bootargs within sbl_init_vm_boot_info(), buffer
overflow could happen when it doesn't provide correct 'dmax' argument
to strncpy_s().
Also, currently it doesn't check the availability of the dest buffer before
overwriting '\0' with a whitespace, which theoretically the dest string
could end up with no null terminator within it's array boundary.
This patch also creates a separate function to merge the cmdline strings,
because after the above fixes some lines in sbl_init_vm_boot_info()
function could have up to 7 tabs in front of the first character, which
looks messy and sbl_init_vm_boot_info() is getting too complicated.
Tracked-On: #2806
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
strncpy_s(d, dmax, s, slen): the 'dmax' includes the null terminator, while
slen doesn't. Thus if (dmax == slen == strlen(s)), strncpy_s() chooses to
discard the last character from s and instead write '\0' to d[dmax - 1].
strnlen_s(s, maxsize): if there is no terminating null character in the
first maxsize characters pointed to by s, strnlen_s() returns maxsize.
So in the following example or similar cases, we need to increase the size
of d[] by 1 to accommodate the null terminator, and add '1' to the dmax
argument to strncpy_s().
uint8_t d[MAX_LEN];
size = strnlen_s(s, MAX_LEN);
strncpy_s(d, MAX_LEN, s, size);
Tracked-On: #861
Signed-off-by: Zide Chen <zide.chen@intel.com>
The init page tables installed in either cpu_primary.S or trampoline.S
are 1:1 mapping and won't be changed in the future.
The 'actual' hypervisor page table installed in enable_paging() is 1:1
mapping currently but it could be changed in the future. Both hva2hpa() and
hpa2hva() are implemented based on these page tables and can't be used
when the init page tables take effect.
This patch does the following cleanup:
- remove all hva2hpa()/hpa2hva() before calling enable_paging()
- get_hv_image_base() returns HVA, not HPA. So add hva2hpa() for all cases
that are called afte enable_paging().
Tracked-On: #2700
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <Eddie.dong@intel.com>
In order to remove the usage of hypervisor.h,
modularize the boot folder.
Current changes include modifications to remove
usage of acrn_vm structure pointer, from some of
the call, and remove calls to hypervisor.h,
as and when deemed fit.
Removed hva2gpa, as this was not used anywhere else
after the changes.
Tracked-On: #2694
Signed-off-by: Arindam Roy <arindam.roy@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch mainly unifies init_vm_boot_info's implementation between SBL and
UEFI.
Tracked-On: #2708
Signed-off-by: Tw <wei.tan@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch unifies the bsp interface between UEFI and SBL.
Tracked-On: #2708
Signed-off-by: Tw <wei.tan@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch simplifies `get_primary_vcpu` and `vcpu_from_vid`.
The target_vcpu could be get from the index directly.
Tracked-On: #1842
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
get_dmar_info API is called from multiple functions in vtd.c. This patch
calls get_dmar_info once during init and uses the cached info during
runtime.
Tracked-On: #2657
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In terms of parsing multboot info, the differences between pre-launched VM
and SOS are minor:
- pre-launched VMs don't take bootargs from multiboot info.
- The kernel_load_addr is different between pre-launched VMs and SOS.
This patch removes the partition mode specific init_vm_boot_info(), and
handle SOS and pre-launched VMs differently in one single init_vm_boot_info().
Also, this makes ramdisk available for pre-launched VMs.
Tracked-On: #2587
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
bootargs_load_addr (GPA) and zero page which locates at one page follows it:
- SOS: currently it's fixed at 0x24EFC000. Theoretically, this address may
not exist if the system has small memory size.
- pre-launched VMs: currently it's at (vm_config->memory.size - 8KB).
It doesn't work if the guest has been assigned for more than 4GB memory
size, because zero page must be under 4GB.
- This patch reserves 8KB for bootargs_load_addr right before kernel_load_addr
for either SOS or pre-launched VMs.
ramdisk_load_addr (GPA):
- pre-launched VMs: currently it doesn't allow ramdisk.
- SOS: currently it's assigned at mods[].mm_mod_start. It's a bug because it
misses the hpa2gpa() conversion.
- This patch puts ramdisk_load_addr right after (kernel_load_addr + kernel_size),
which has 2 benefits:
- for pre-launched VMs, mods[].mm_mod_start may be out of its GPA range.
- it may be better to consolidate everything (bootarg, kernel, ramdisk) in
consecutive GPA, other than spread them out in different places.
Tracked-On: #2587
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Reviewed-by: Victor Sun <victor.sun@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Due to ABL design change, it will reword the "dev_sec_info.param_addr="
to "ABL.svnseed" in command line.
Tracked-On: #2611
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
Acked-by: Zhu Bing <bing.zhu@intel.com>
When a corresponding IOMMU is found for the device, this patch adds
support to program Interrupt Remapping hardware RTEs and the original
interrupt sources (MSI or IOAPIC) with IR format.
Tracked-On: #2426
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Reviewed-by: Binbin Wu <binbin.wu@intel.com>
IOAPIC info from DMAR table is needed to match the IOAPIC info from
MADT. This patch adds support to get id and bus, devfn for IOAPIC
from DMAR. IOAPIC info for SBL platform is hardcoded in the header
file.
Tracked-On: #2426
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Reviewed-by: Binbin Wu <binbin.wu@intel.com>
IOAPIC info, specifically ID, is needed to map the IOAPIC to
corresponding DMAR. DMAR table in ACPI has a field that has IOAPIC
ID, that matches the info provided in MADT. Both (IOAPIC info from
MADT and from DMAR) is needed for remapping IOAPIC interrupts.
Tracked-On: #2426
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
ASSERT could be used in some situations, such as, there are some pre-assumption
for some code, using ASSERT here for debug. It could not be used for detect error
when system booting where panic should be used.
Tracked-On: #861
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
ASSERT could be used in some situations, such as, there are some pre-assumption
for some code, using ASSERT here for debug. It could not be used for detect error
when system booting where panic should be used.
Tracked-On: #861
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@inte.com>
move 'struct e820_entry' 'E820_TYPE_XXX' from mmu.h
to e820.h
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The patch is to fix MISRA violation in reloc.c by:
- remove multi-returns in relocate();
- remove non useful checking in relocate();
- add suffix U to macro definition
Tracked-On: #861
Signed-off-by: Chaohong guo <chaohong.guo@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
1. in UEFI bsp code, not need UEFI macro; it is controlled in makefile.
2. in vm/acpi/interrupt code, unify the API name for SBL & UEFI.
3. remove unnecessary header including and unused code.
Tracked-On: #1842
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
-- add header file ld_sym.h in include/arch/x86/boot/
-- move 'ld_bss_start/end' from cpu.h to ld_sym.h,
avoid reverse dependency
-- move 'ld_text_end' from mmu.h to ld_sym.h
-- move 'ld_trampoline_load/start/end' to ld_sym.h
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
The member of bootargs in acrn_vm_config will be replaced by
acrn_vm_os_config struct.
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The member of mem_size and start_hpa in acrn_vm_config struct will
be replaced with the acrn_vm_mem_config struct;
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
For each vm_array[] item, its config is located in corresponding
index of vm_configs[], so vm_config pointer is not needed any more.
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Under sharing mode, VM0 is identical with SOS VM. But the coupling of
SOS VM and VM 0 is not friendly for partition mode.
This patch is a pure term change of vm0 to sos VM, it does not change
any code logic or senmantic.
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch is a pure term change of vm_description to vm_config,
the struct name of vm_description is changed to acrn_vm_config.
The patch does not change any code logic or senmantic.
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
1. to avoid data type cast when using 'global_rsdp'
2. other minor fix
Tracked-On: #861
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
fix this violation "Value is not of appropriate type"
in get_kernel_load_addr()
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
1. add static for local functions and variables.
2. move vm_sw_loader from vcpu to vm
3. refine uefi.c to follow the code rules.
4. separate uefi.c for vm0 boot and bsp two parts. bsp layer just
access native HW related, can't access vm/vcpu, vm0 boot part can
access vm / vcpu data structure.
Tracked-On: #1842
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
- rename biosacpi_search_rsdp() to found_rsdp();
- to make sure procedure has one exit point;
Tracked-On: #861
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
move MACRO of R_X86_64_RELATIVE into #ifdef CONFIG_RELOC block;
Tracked-On: #861
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- to make sure procedure has one exit point;
- add NULL pointer check;
Tracked-On: #861
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- remove goto;
- make sure procedure has one exit point;
Tracked-On: #861
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- remark unused MACRO;
- remove goto;
- make sure procedure has one exit point;
Tracked-On: #861
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
1. move out vm related code from arch/pm.
2. remove unnecssary global variables.
3. keep the global variables as static, not used
by other modules directlly.
Tracked-On: #1842
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Reviewed-by: Victor Sun <victor.sun@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
With SMAP enabled, hypervisor can't access pages that
owned by guest(either SOS or UOS), and an override is
is provided: stac()/clac() to enable/disable access to
guest's memory pages.
Pre-conditon:
Mark hypervisor owned pages as supervisor mode (U/S = 0),
and set all othter memory pages as user mode (U/S = 1).
Tracked-On: #2056
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
They're some duplicated and strcpy_s is not safety as strncpy_s.
Tracked-On: #861
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Reviewed-by: Huang, Yonghua <yonghua.huang@intel.com>
Identifier reuse may arise confusion. So should minimize the case of it
as much as possible. This patch is try to do this except the PCI related
module.
Tracked-On: #861
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Implicit conversion may result in loss of information or undefined behaviour.
So make it with explicit conversion.
Tracked-On: #861
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
This patch adds the necessary space before or after binary operator.
v1 -> v2:
* minor fix related to integer
[i - 1] ====> [i - 1U]
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Boot component prepares the very basic platform boot env. It finally call
into platform initilization entries:
- bsp_boot_init & cpu_secondary_init for start up
- or restore_s3_context for wakeup
this patch move functions for AP trampoline into trampoline.c from reloc.c
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
This patch fixes the following violations:
1. Implicit conversion: actual to formal param
2. Value is not of appropriate type
3. No cast for widening complex int expression
4. Widening cast on complex integer expression
5. Narrower int conversion without cast.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
`@return` is dedicated for brief description of return values, not for comments
stating actual return values. In addition, sphinx + breathe does not join
multiple adjacent `@return`. This results in multiple `Return` sections in the
generated document, which is confusing.
This patch replaces `@return` with `@retval` for the lists of return
values. Adjacent `@retval` can be joined into one list by breathe.
v1 -> v2:
* Replace return value descriptions like `negative` and `positive` with
expressions like `<0` and `>0` in `@retval`.
* Keep the list of `@retval` comprehensive, even when there is a `@return` to
generally describe what the return value means.
* Drop duplicated `@return` when it does not give more information than the
`@retval` list.
Tracked-On: #1595
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
IEC 61508,ISO 26262 standards highly recommend single-exit rule.
Reduce the count of the "return entries".
Fix the violations which is comply with the cases list below:
1.Function has 2 return entries.
2.The first return entry is used to return the error code of
checking variable whether is valid.
Fix the violations in "if else" format.
V1->V2:
change the probe_table return value to bool type
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Some data structure are only used under some condition. This patch move data
structure definition under its corresponding contion. Otherwise, it would
violate MISRA-C 413 S "User type declared but not used in code analysed".
For MACRO, it would violate MISRA-C 628 S "Macro not used in translation unit".
Tracked-On: #861
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
fix the following integer violations:
1. Signed/unsigned conversion without cast
2. Literal value requires a U suffix
3. Implicit conversion of underlying type
v3 -> v4:
* change the type of npk_loglevel/mem_loglevel/console_loglevel
from uint32_t to uint16_t
v2 -> v3:
* discard the return value of update_ept
* discard changes related to npk loglevel
v1 -> v2:
* remove the unnecessary changes related to the false positive
issues caused by scanning tool
* change the type of the local variable 'vlapic_id' from uint8_t
to uint32_t in function 'vlapic_build_id'
* change the type of the struct member 'flags' in shared_buf from
uint64_t to uint32_t
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
