'mevent_lmutex' is initialized as default type,
while attempting to recursively lock on this
kind of mutext results in undefined behaviour.
Recursively lock on 'mevent_lmutex' can be detected
in mevent thread when user tries to trigger system
reset from user VM, in this case, user VM reboot hang.
The backtrace for this issue:
#1 in mevent_qlock () at core/mevent.c:93
#2 in mevent_delete_even at core/mevent.c:357
===>Recursively LOCK
#3 in mevent_delete_close at core/mevent.c:387
#4 in acrn_timer_deinit at core/timer.c:106
#5 in virtio_reset_dev at hw/pci/virtio/virtio.c:171
#6 in virtio_console_reset at
hw/pci/virtio/virtio_console.c:196
#7 in virtio_console_destroy at
hw/pci/virtio/virtio_console.c:1015
#8 in virtio_console_teardown_backend at
hw/pci/virtio/virtio_console.c:1042
#9 in mevent_drain_del_list () at
core/mevent.c:348 ===> 1st LOCK
#10 in mevent_dispatch () at core/mevent.c:472
#11 in main at core/main.c:1110
So the root cause is:
mevent_mutex lock is recursively locked by mevent thread
itself (#9 for this first lock and #2 for recursively lock),
which is not allowed for mutex with default attribute.
This patch changes the mutex type of 'mevent_lmutex'
from default to "PTHREAD_MUTEX_RECURSIVE", because
recrusively lock shall be allowed as user of mevent
may call mevent functions (where mutex lock maybe required)
in teardown callbacks.
Tracked-On: #7133
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
The current code does not always check the return value of function
ioctl called in ACRN userspace, and lack of error message printing
to help debug.
This code fixes it by checking the return value of ioctl, and adding
function errormsg to return a string describing of the error code.
Tracked-On: #7029
Signed-off-by: Wen Qian <qian.wen@intel.com>
Signed-off-by: Li Fei <fei1.li@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Libvirt or kata container needs to send some commands
(such as VM destory command) to the DM instance of User VM
through command monitor socket, they will specify the socket
path and pass this path name to DM instance through DM parameter.
In this patch, add new DM parameter (cmd_monitor) to get socket
path from libvirt or kata container. If cmd_monitor is specified,
it initialize and deinitialize command monitor in DM main loop.
v2-->v3:
Include command monitor initialization and deinitialization.
Tracked-On: #5921
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
This monitor module is to initialize socket intance, register
handlers to handle command from socket message, close socket,
free socket instance:
init_cmd_monitor: initialize socket intance and register handlers
to handle command.
deinit_cmd_monitor: close socket and free socket instance.
In this patch DM makefile is updated to build command monitor.
v1--v2:
Update socket path and update log message format.
Parse JSON format command message using libcjson lib APIs.
v2-->v3:
Use socket path length MACRO.
Update JSON format command message to {"command": "xxx"}.
Tracked-On: #5921
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
The command handler is to implement handlers for each command,
currently, two handler is implemented for command monitor:
user_vm_destroy_handler: the handler is for user VM destroy command,
which shuts down to standard post-launched user VM forcefully.
user_vm_blkrescan_handler: the handler is for user VM blkrescan
command, which rescan virtio-blk device to revalidate and update
the backend file for user VM.
v1--v2:
Update log message format.
Generate JSON format ack message using libcjson lib APIs.
v2-->v3:
Update ACK message to {"ack": 0} or {"ack": -1}
Tracked-On: #5921
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
The command module provides interfaces to find a command
intance, register handler for specified command, dispatch
command and invoke related handler.
find_command: find a command instance by name.
register_command_handler: register the handler for one
command instance.
dispatch_command_handlers: dispatch the command and invoke
registered handler.
v1-->v2:
Only support single handler for one command instance.
v2-->v3:
Remove command id.
Add error check to avoid regiter handler to command
instance which has handler.
Update the second parameter type of register_command_handler
to avoid unnecessary type conversion.
Tracked-On: #5921
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
The socket module is to provide interfaces below, the unix domain
socket can be created by command monitor for the communication
between DM instance and libvirt daemon or kata container:
init_socket: allocate a new socket instance according to socket path
deinit_socket: free a socket instance
open_socket: open one unix domain socket server, initialize a
socket, create one thread to listen to client, another thread to
poll message from client.
close_socket: close one unix domain socket server
find_socket_client: find socket client instance according to fd
write_socket_char: send message through unix domain socket server
v1--v2:
Update some log message format and copyright format.
v2-->v3:
Update SOCKET_MAX_CLIENT to 1H since the socket instance of
command monitor only have one client (libvirt or kata container).
Tracked-On: #5921
Signed-off-by: Xiangyang Wu <xiangyang.wu@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Enable `lapic_pt` automatically for rtvm for better performance.
Reserve `--lapic_pt` for future use. If VM is not in realtime mode,
`--lapic_pt` will cause a warning.
Tracked-On: #6690
Signed-off-by: Yuanyuan Zhao <yuanyuan.zhao@linux.intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
This API depends on GET_PLATFORM_INFO ioctl command,
which will not be supported from ACRN HSM anymore.
This patch removes the definition of it and
also cleans related data structure.
Tracked-On: #6690
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Cpu affinty was set by pcpu id which can't be obtained
explictly by user. Use lapic id instead which can be easily
read from `/proc/cpuinfo` as `apicid`.
Tracked-On: #6690
Signed-off-by: Yuanyuan Zhao <yuanyuan.zhao@linux.intel.com>
Acked-by: Wang Yu1 <yu1.wang@intel.com>
The GET_PLATFORM_INFO will be removed from hypervisor. The acrn-dm can
only refer to Service VM's resources from now, all the resources out of
Service VM are not awared by acrn-dm. The original info got from
GET_PLATFORM_INFO needs to changed to Service VM's perspective like lapic id.
The pcpu_id is the index of lapic instance in MADT table. This patch
parses the Service VM's MADT table to convert the pcpu_id to lapic_id instead
of GET_PLATFORM_INFO.
Tracked-On: #6690
Signed-off-by: Yuanyuan Zhao <yuanyuan.zhao@linux.intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
fix bug: if PTM-CAP device, like TSN in multi-hostbridge could cause
acrn-dm crash.
original PTM PCI code has not handled multi-hostbridge case, and just
handled hostbridge (00:00.0) case.
this patch calls PCI access API to handle PTM-CAP device/bridge
(root port) structure, to avoid scan PCI hierarchical.
Tracked-On: #7045
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Reviewed-by: Fei Li <fei1.li@intel.com>
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
As a parameter of acrn-dm,the mac_seed is only used for virtio-net.
So this patch change it to the sub-parameter of virtio-net.
Tracked-On: #6690
Acked-by: Yu1 Wang <yu1.wang@intel.com>
Signed-off-by: Chenli Wei <chenli.wei@linux.intel.com>
Rename '--virtio_msix' to '--virtio_msi' for this param
means 'force virtio to use singel-vector MSI'.
`-W` is the short version of `--virtio_msi`. But it's
confusing that `-W` and `--virtio_msi` are irrelevant literally.
So remove the short version `W` to prompt user friendliness.
Tracked-On: #6690
Signed-off-by: Yuanyuan Zhao <yuanyuan.zhao@linux.intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Dynamic parameter '-A' means to generate acpi table in dm.
Few scenario use dm without '-A'. So remove it, and always
generate apci table automatically.
Tracked-On: #6690
Signed-off-by: Yuanyuan Zhao <yuanyuan.zhao@linux.intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Hook ssram init && de-init functions to vdev
devices lifecycle management:
1) initialize ssram when vdev devices
are initialized.
2) de-initialize ssram when vdev devices
are reset or destroyed.
notes:
ssram configuration data can be released only when
user VM shutdown, hence it can't be done in deinit_vssram().
- VM reboot:
do deinit_vssram() only.
- VM shutdown:
do both deinit_vssram() and clean_vssram_config().
Tracked-On: #7010
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Wang Yu1 <yu1.wang@intel.com>
1) With this patch, '--ssram' option is updated to enable
vSSRAM feature support for ACRN user VMs.
'--ssram' argument of Device Model shall follow below format:
--ssram {Ln,vcpu=vcpu_set,size=nK|M;}
example:
--ssram L2,vcpu=0,1,size=4K;L2,vcpu=2,3,size=1M;L3,vcpu=all,size=2M
2) define data structure and variable
to store the configuration data for later processing.
3) add new API to cleanup configuration data when VM shutdown.
Tracked-On: #7010
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Wang Yu1 <yu1.wang@intel.com>
virtual RTCT will be created on TCC driver interface, instead of
pass-through native RTCT to ACRN user VMs.
this patch removes dependency on native RTCT table:
- rename build_vrtct() function to init_ssram()
and minor changes inside.
- drop function create_and_inject_vrtct()
- add one API to get virtual RTCT table.
- rename variable 'pt_rtct' to 'ssram'
Tracked-On: #7010
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Wang Yu1 <yu1.wang@intel.com>
Rename them to unify the coding style or for simplification
purpose, also remove redundant function declearations
in pci_core.h header file.
v4 update:
SSRAM* -> VSSRAM*
ssram* -> vssram*
Tracked-On: #7010
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Wang Yu1 <yu1.wang@intel.com>
guest ssram will be virtualized based on tcc driver interface,
instead of pass-thru native rtct, rename its source files to
avoid confusing:
- rename:
rtct.c -> vssram.c
rtct.h -> vssram.h
- move rtct.c from platform/acpci/ to platform/
- new directory 'vssram' to hold vssram source files.
Tracked-On: #7010
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Wang Yu1 <yu1.wang@intel.com>
The following parameters have not used by new design:
1. --vsbl <vsbl_file_path>
2. --part_info <part_info_name>
3. -G, --gvtargs <GVT_args>
4. -s <slot>,pci-gvt
5. -Y, --mptgen
6. -s <slot>,virtio-hdcp
7. -s <slot>,npk
8. -s <slot>,virtio-coreu
9. -i, --ioc_node <ioc_mediator_parameters>
10. --pm_by_vuart [pty|tty],<node_path>
11. --pm_notify_channel <channel>
This patch remove these parameters from usage and comment in code to
explain they are all obsoleted now.
Tracked-On: #6690
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Signed-off-by: Chenli Wei <chenli.wei@linux.intel.com>
fix memory leakage issue in function 'acrn_parse_cpu_affinity()',
memory pointed by 'cp' is not released before function return.
Tracked-On: #6919
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
If a file descriptor being monitored by epoll_wait is closed
in another thread, the result is unspecified. So add all mevents
removed in other threads to delete list. And drain the list in
the dispatch mevent thread.
Tracked-On: #6877
Signed-off-by: Yuanyuan Zhao <yuanyuan.zhao@linux.intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
The UUID has several usages before:
1, For HV to identify the static VM configuration of post-launched VM.
2, Seed virtualization.
3, Slightly prevent launching malicous VM from SOS as lack of secure
boot.
The UUID is confused to user, user don't understand what it is. And user
don't know where to get/apply the UUID. The worst experience is user
can't launch any VMs w/o re-compile the hv. Everything needs to be
static decided in building phase.
Now we decide to remove UUID and split each usage. For 1st usage, use
vmname as the identifier of static VM configuration. For 2nd one, we
will use --vseed as the new parameter. For 3rd one, will pretect by
SOS's dm-verity.
This patch will remove the UUID parameter and support 1st&3rd usages
from DM part. For 2nd usage, another patch will be submitted later.
Tracked-On: #6685
Signed-off-by: Yuanyuan Zhao <yuanyuan.zhao@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Rename uos_rpmb_size to user_vm_rpmb_size.
rename get_uos_count to get_user_vm_count.
rename get_uos_id to get_user_vmid.
rename uos_id to user_vmid.
Tracked-On: #6744
Signed-off-by: Liu Long <long.liu@linux.intel.com>
Reviewed-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
Rename SOS_VM_NUM to SERVICE_VM_NUM.
rename SOS_SOCKET_PORT to SERVICE_VM_SOCKET_PORT.
rename PROCESS_RUN_IN_SOS to PROCESS_RUN_IN_SERVICE_VM.
rename PCI_DEV_TYPE_SOSEMUL to PCI_DEV_TYPE_SERVICE_VM_EMUL.
rename SHUTDOWN_REQ_FROM_SOS to SHUTDOWN_REQ_FROM_SERVICE_VM.
rename PROCESS_RUN_IN_SOS to PROCESS_RUN_IN_SERVICE_VM.
rename SHUTDOWN_REQ_FROM_UOS to SHUTDOWN_REQ_FROM_USER_VM.
rename UOS_SOCKET_PORT to USER_VM_SOCKET_PORT.
rename SOS_CONSOLE to SERVICE_VM_OS_CONSOLE.
rename SOS_LCS_SOCK to SERVICE_VM_LCS_SOCK.
rename SOS_VM_BOOTARGS to SERVICE_VM_OS_BOOTARGS.
rename SOS_ROOTFS to SERVICE_VM_ROOTFS.
rename SOS_IDLE to SERVICE_VM_IDLE.
rename SEVERITY_SOS to SEVERITY_SERVICE_VM.
rename SOS_VM_UUID to SERVICE_VM_UUID.
rename SOS_REQ to SERVICE_VM_REQ.
rename RTCT_NATIVE_FILE_PATH_IN_SOS to RTCT_NATIVE_FILE_PATH_IN_SERVICE_VM.
rename CBC_REQ_T_UOS_ACTIVE to CBC_REQ_T_USER_VM_ACTIVE.
rename CBC_REQ_T_UOS_INACTIVE to CBC_REQ_T_USER_VM_INACTIV.
rename uos_active to user_vm_active.
Tracked-On: #6744
Signed-off-by: Liu Long <long.liu@linux.intel.com>
Reviewed-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
This patch refines the ACPI device passthrough framework by defining a
generic framework. Note that when user gives an HID by "--acpidev_pt
<HID>", the pt logic will go through all registered ops to see if
there's a match.
v4 -> v5:
parse_pt_acpidev/parse_pt_mmiodev -> create_pt_acpidev/create_pt_mmiodev
(there were already "init_xxx" function present, so rename to
create_xxx)
"super user" -> "superuser"
multiple API renames
Tracked-On: #6686
Signed-off-by: Yifan Liu <yifan1.liu@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
When a platform reboots or shuts down, the contents of RAM are not immediately
lost but begins to decay. During this period, there is a short timeframe during
which an attacker can turn the platform back on to boot into a program that
dumps the contents of memory (e.g., cold boot attacks). Encryption keys and
other secrets can be easily compromised through this method.
We already erasing the guest memory data when the guest is shut down normally.
However, if the guest is shut down abnormally, the contents of RAM may still
there. This patch mitigate this kind reset attack for a DM launched VM by
erasing the guest memory data by the guest has been created.
Tracked-On: #6061
Signed-off-by: Li Fei1 <fei1.li@intel.com>
vm_config size can be calced by platform_info.sw.max_vms *
platform_info.sw.vm_config_size.
Change vm_get_config() to call IOCTL ACRN_IOCTL_GET_PLATFORM_INFO
twice, first to get platform_info, second to get the vm_configs
content.
Tracked-On: #6282
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
IC_ADD_HV_VDEV -> ACRN_IOCTL_CREATE_VDEV
IC_REMOVE_HV_VDEV -> ACRN_IOCTL_DESTROY_VDEV
struct acrn_emul_dev -> struct acrn_vdev
Also, move struct acrn_vdev to acrn_common.h as this structure is used
by both DM and HV.
Tracked-On: #6282
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
IC_ASSIGN_MMIODEV -> ACRN_IOCTL_ASSIGN_MMIODEV
IC_DEASSIGN_MMIODEV -> ACRN_IOCTL_DEASSIGN_MMIODEV
struct acrn_mmiodev has slight change. Move struct acrn_mmiodev into
acrn_common.h because it is used by both DM and HV.
Tracked-On: #6282
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
IC_ASSIGN_PCIDEV -> ACRN_IOCTL_ASSIGN_PCIDEV
IC_DEASSIGN_PCIDEV -> ACRN_IOCTL_DEASSIGN_PCIDEV
QUIRK_PTDEV -> ACRN_PTDEV_QUIRK_ASSIGN
struct acrn_assign_pcidev -> struct acrn_pcidev
Move struct acrn_pcidev into acrn_common.h because it is used by both
DM and HV.
Tracked-On: #6282
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Negative return value of vm_create_ioreq_client is invalid. 0 is valid.
Tracked-On: #6282
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
vmm.h has some unused definitions.
Keep the useful definitions and delete vmm.h
Tracked-On: #6282
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
The hypervisor creates vCPUs for a User VM in VM creation interface. The
vm_create_vcpu() interface is not needed anymore.
Remove vm_create_vcpu() from acrn-dm.
Tracked-On: #6282
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Interface version is not recommended in Linux kernel community. Please
check Documentation/driver-api/ioctl.rst for reasons.
Remove the unused API version check from acrn-dm.
Tracked-On: #6282
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
return value 'err' of mmio_rb_lookup() being 0 ensures
'entry' is not NULL, hence checking it before 'free(entry)'
is unnecessary.
Tracked-On: #6157
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Two utility functions are copied and adapted from hyerpervisor:
ffs64
bitmap_clear_nolock
Two public functions are provided for future use (such as for RTCTv2)
pcpuid_from_vcpuid
lapicid_from_pcpuid
Tracked-On: #6020
Reviewed-by: Wang, Yu1 <yu1.wang@intel.com>
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
This allows users to retrieve and use the requested platform_info information from hypervisor
Tracked-On: #6020
Reviewed-by: Wang, Yu1 <yu1.wang@intel.com>
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Only free rb_entry when we remove this entry from the rb tree, otherwise, a
page fault would trigger when next rb itreation would access the freed rb_entry.
Tracked-On: #6056
Signed-off-by: Li Fei1 <fei1.li@intel.com>
A user can use "--pm_notify_channel uart,allow_trigger_s5" to indicate
the User VM is allowed to trigger system S5.
"--pm_notify_channel uart" means a vuart channel will be created in the
User VM to allow communication with the VM's life_mngr. The Service VM
can then initiate S5 in the guest via its dm's monitor interface. The
additional option, "allow_trigger_s5", will create a socket connection
with the Service VM's life_mngr, allowing this VM to initiate system S5.
v1 -> v2:
- rename pm_notify_channel type to PWR_EVENT_NOTIFY_UART_TRIG_PLAT_S5
Tracked-On: #6034
Signed-off-by: Peter Fang <peter.fang@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
