This patch fixes the MISRA-C violations in arch/x86/vmcs.c.
* make the function have only one exit point
v1 -> v2:
* update 'is_cr0_write_valid' and 'is_cr4_write_valid'
use `if ... else` rather than check 'ret' value
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch fixes the MISRA-C violations in arch/x86/vmcs.c
and arch/x86/vmx.c.
* add the required 'const' for pointer param if the object
pointed by the pointer is not modified
* remove the unnecessary cast on pointer
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch fixes the MISRA-C violations in arch/x86/vmcs.c.
* add local variable if the input parameter passed by value
is changed in function definition
* move the variable declaration inside function scope if
this variable is only used in one function
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch fixes the MISRA-C violations in arch/x86/vmcs.c.
* add the missing space before or after binary operator
* add the required brackets for logical conjunctions
* remove the redefined MACROs
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
We have used the option --ffreestanding to assert hypervisor
is a freestanding environment, and hypervisor does not include
standard library.
"-Wformat/-Wformat-security"
Check calls to the standard library functions printf and scanf, etc.,
to make sure that the arguments supplied have types appropriate to
the format string specified, and that the conversions specified in
the format string make sense. these flags disabled by -ffreestanding
or -fno-builtin.
Tracked-On: #1122
Signed-off-by: Tianhua Sun <tianhuax.s.sun@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
MIRSA-C requires the const qualifier should be applied to pointer parameters
that address data not subject to change in rule 120D.
Tracked-On #861
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
1. move out vm related code from arch/pm.
2. remove unnecssary global variables.
3. keep the global variables as static, not used
by other modules directlly.
Tracked-On: #1842
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Reviewed-by: Victor Sun <victor.sun@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
78D: Global variable should be declared const.
Global variables should be declared constant wherever possible to
avoid unintentional modification.
27D: Variable should be declared static
pci_ops_vdev_msi is not accessed by other files. Remove the declaration
from the header and define it with the static qualifier; Because it's
referenced by populate_msi_struct(), so move the define statements forward.
33D: No real declaration for external variable
certain variables are available in sharing mode or partition mode only,
so that the declarations in header files must be enclosed with
CONFIG_PARTITION_MODE
Tracked-On: #861
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
-- fix MISRA-C violation "procedure has more than one exit point"
for this api
-- change start_vm to void type since it is always return 0
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
1) Variable names shall start with a lower-case letter.
2) Multiplication and division come before addition and subtraction.
Everything else should be in parentheses.
Tracked-On: #861
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
No one uses it and it's some duplicated with strchr.
Tracked-On: #861
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
add get_ibrs_type API to get ibrs type.
this patch fix Misra C violation:
filename:/hypervisor/arch/x86/security.c function:None offset:19:
reason:Variable should be declared static. : ibrs_type
Tracked-On: #861
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
there are still some security related funcs in cpu_caps.c & cpu.c,
move them out into security.c.
Changes to be committed:
modified: Makefile
modified: arch/x86/cpu.c
modified: arch/x86/cpu_caps.c
modified: arch/x86/guest/vcpu.c
new file: arch/x86/security.c
modified: arch/x86/trusty.c
modified: arch/x86/vmx_asm.S
modified: include/arch/x86/cpu.h
modified: include/arch/x86/cpu_caps.h
modified: include/arch/x86/per_cpu.h
new file: include/arch/x86/security.h
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
deinfe rule like below:
- must support TPR shadow and apicv access
- based on above, check apicv register support
- based on above, check virtual interrupt delivery and post
interrupt support
Changes to be committed:
modified: arch/x86/cpu_caps.c
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
- we should not use print function before tsc setup
- is_ept_supported is internal API
- add is_apicv_supported to check apicv feature
- rename some functions to verb+obj format or better name
Changes to be committed:
modified: arch/x86/cpu.c
modified: arch/x86/cpu_caps.c
modified: include/arch/x86/cpu_caps.h
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
has_monitor_cap is more suitable name
v2:
- rename to has_monitor_cap
Changes to be committed:
modified: arch/x86/cpu.c
modified: arch/x86/cpu_caps.c
modified: include/arch/x86/cpu_caps.h
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
in cpu_caps.c, the vmx_caps & cpu_caps can be combined.
Changes to be committed:
modified: arch/x86/cpu_caps.c
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
move cpu caps related functions like capability init/detect/check
in cpu.c & mmu.c into a new file cpu_caps.c
Changes to be committed:
modified: developer-guides/hld/hv-memmgt.rst
modified: ../hypervisor/Makefile
modified: ../hypervisor/arch/x86/cpu.c
new file: ../hypervisor/arch/x86/cpu_caps.c
modified: ../hypervisor/arch/x86/mmu.c
modified: ../hypervisor/arch/x86/vmx_asm.S
modified: ../hypervisor/include/arch/x86/cpu.h
new file: ../hypervisor/include/arch/x86/cpu_caps.h
modified: ../hypervisor/include/arch/x86/guest/vm.h
modified: ../hypervisor/include/arch/x86/mmu.h
modified: ../hypervisor/include/arch/x86/vmcs.h
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- 'buffer'with size of 'buffer_cnt', will overflow in
next loop if 'index == buffer_cnt - 1'.
Tracked-On: #1252
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Misra C requires Function must have only 1 return entry.
Fixed it by use "if ... else ..." format.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Fix violation "procedure has more than one exit point"
for this api.
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Use enhanced rep fast-string operation to refine memcpy_s.
And assume that the destination and the source would not overlap.
Tracked-On: #861
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
For security, this patch add one flag per vm and disable snoop control
for sos and enable snoop control for uos by default.
v2: add one flag in vm, not in iommu domain.
v3: add vm null check
Tracked-On: #2086
Signed-off-by: Zhipeng Gong <zhipeng.gong@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
13X: Identifier reuse: tag vs component.
A tag name shall be a unique identifier
Change the following names:
struct msi --> struct pci_msi
struct msix --> struct pci_msix
struct vpci --> struct acrn_vpci
union cfgdata -> union pci_cfgdata
Tracked-On: #861
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
vmx.c should only take care host vmx operations, which should not
contain vcpu reference, so refine vmx on/off APIs, move out use
of vcpu by adding one per cpu vmcs_run pointer.
as now each pcpu only run on one vcpu, so just keep running vmcs
in per cpu vmcs_run pointer is enough.
Changes to be committed:
modified: arch/x86/cpu.c
modified: arch/x86/init.c
modified: arch/x86/pm.c
modified: arch/x86/vmcs.c
modified: arch/x86/vmx.c
modified: include/arch/x86/per_cpu.h
modified: include/arch/x86/vmx.h
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
remove no need included header files and macro definitions
Changes to be committed:
modified: arch/x86/vmcs.c
modified: include/arch/x86/vmcs.h
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
one part is pure vmx operations which keeps in vmx.c
the other part is vmcs operations which is vcpu related, move them
into vmcs.c
Changes to be committed:
modified: Makefile
copied: arch/x86/vmx.c -> arch/x86/vmcs.c
modified: arch/x86/vmx.c
modified: arch/x86/vmx_asm.S
modified: include/arch/x86/hv_arch.h
new file: include/arch/x86/vmcs.h
modified: include/arch/x86/vmx.h
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
The bit mask for an out instruction is only applied to hv inout
handlers.
Apply the bit mask to dm inout handlers as well.
Tracked-On: #2075
Signed-off-by: Peter Fang <peter.fang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
By switching AP wakeup from broadcast to one by one, we could
set correct stack for each AP and drop the temp stack used during
AP boot.
Tracked-On: #2034
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
there is no need to clear CR4.TSD as there is no user mode
in ACRN hypervisor.
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
now UP2 board use ttyS1 as debug uart in HV, and vuart ttyS0 in
SOS kernel (acrn.conf default configure), its default IRQ is 4,
but SOS kernel will also assign IRQ4 to its ttyS1, they're sharing
one IRQ, and it can cause SOS boot hung issue, for HV not support
sharing IRQ now.
some boards use ttyS0 as debug uart, it has not this issue; for that
board, SOS will assign IRQ5 to its ttyS1, no sharing IRQ.
change it to IRQ6 to avoid the issue.
Tracked-On: #2030
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
36D Prototype and definition name mismatch
pci_scan_bus() and sharing_mode_find_vdev() wrong parameter in prototype.
14D Attempt to change parameter passed by value.
vmsix_table_rw() uses function parameter as local viarable.
Tracked-On: #861
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
106D No prototype for non-static function.
2 functions missing prototyle declarations in header file.
120S Use of bit operator on signed type.
123S Use of underlying enum representation value.
enum values are treated like unsigned integer in vmsr.c
Tracked-On: #861
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
With SMAP enabled, hypervisor can't access pages that
owned by guest(either SOS or UOS), and an override is
is provided: stac()/clac() to enable/disable access to
guest's memory pages.
Pre-conditon:
Mark hypervisor owned pages as supervisor mode (U/S = 0),
and set all othter memory pages as user mode (U/S = 1).
Tracked-On: #2056
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
MTRR emulation belongs to virtual CPU component.
- rename mtrr.c to vmtrr.c and move it to arch/x86/guest
- rename mtrr.h to vmtrr.h and move it to include/arch/x86/guest
Tracked-On: #1842
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Intercept IA32_TSC_ADJUST MSR so that writing IA32_TSC_ADJUST from the
guests won't impact the TSC in root mode or potentially other vCPUs in
the same pCPU.
- MSR TSC_ADJUST needs to be isolated between normal and secure world,
so it's included in NUM_WORLD_MSRS.
- Upon writing to either IA32_TSC_ADJUST or IA32_TSC from the guests,
don't write to physical MSRS so it won't impact the host side, but
update the TSC offset VM-execution control.
- don't need to intercept rdmsr for IA32_TIME_STAMP_COUNTER.
- add the missing statement in save_world_ctx() to save the tsc_offset
during world switch.
Tracked-On: #1867
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
hypervisor initilization component triggered by boot component,
and it calls different components initilization functions from
the highest layer.
this patch added init.c and move reorged cpu init functions into
it, keep hardware management functions in cpu.c but move other
components' init function into init.c.
the hypervisor initilization components will call:
- init_cpu_pre
- init_cpu_post
- init_bsp
- init_debug_pre
- init_debug_post
- init_guest
- init_passthru
- enter_guest_mode
the hypervisor initilization component include files:
arch/x86/init.c
include/arch/x86/init.h
this component is higest layer, so there is no reverse dependencies for it.
v2:
- separate into 2 patches, 1 for reorg, 1 for pure move.
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Xu, Anthony <anthony.xu@intel.com>
reorg both init functions, separate the initilization of different
components.
v2:
- separate into 2 patches, 1 for reorg, 1 for pure move.
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Xu, Anthony <anthony.xu@intel.com>
This patch fixes incorrect vm_id captured when sampling PMU data. Currently,
the vm_id gets attributed to ACRN hypervisor, rather than actual guest vm_id.
The issue is identified that the existing code captures the guest vm info
after vmexit_hander function is completed, in which the profiling module
points its context to VMM. When the vmexit happens by PMI, the guest context
should be captured so that the attribution to proper guest vm can happen.
This change will also allow to capture more accurate TSC when vmexit happens.
Tracked-On: #2043
Signed-off-by: Min Lim <min.yeol.lim@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Fix procedure has more than one exit point
Tracked-On: #861
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Reviewed-by: Huang, Yonghua <yonghua.huang@intel.com>
They're some duplicated and strcpy_s is not safety as strncpy_s.
Tracked-On: #861
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Reviewed-by: Huang, Yonghua <yonghua.huang@intel.com>
functions like set_vcpuid_entries & guest_cpuid should only
server for virtual cpuid, so move such kind of functions
to guest/vcpuid.c.
and all native cpuid APIs will keep in cpuid.h
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Combination of BOARD and FIRMWARE is a more precious definition.
And we decide PLATFORM_XXX based on FIRMWARE, remove relative one in
board config.
We reserve PLATFORM for backward compatibility.
Tracked-On: #1995
Signed-off-by: Tw <wei.tan@intel.com>
Reviewed-by: Yin Fengwei < fengwei.yin@intel.com>
Reviewed-by: Binbin Wu <binbin.wu@intel.com>
- enable NX feature in hypervisor:
1. Set 'XD' bit for all pages, including pages for guests
when initialize MMU tables in hypervisor.
2. remove 'XD' bit for pages that contain hypervisor instructions.
3. enable MSR EFER.NXE,which will enable page access restriction by
preventing instruction fetches form pages with XD bit set.
- remove "-Wl -z noexecstack" GCC flag option in hypervisor
Makefile as it would not affect stack attribute in hyervisor,
which setup stack itself, instead of by loader.
Tracked-On: #1122
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
1. change its APIs as more indepentent, and modify the callers' code
2. limit its global variables as static, and return const to the callers
3. remove unused code in "CONFIG_CMA"
Tracked-On: #1842
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
1. e820 is modulized as separated files.
2. move boot_regs into multiboot.h as it's related with
multiboot info header
Tracked-On: #1842
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
based on previous patch, we can move idt.S and idt.h out of boot component
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
we will not enable interrupt until interrupt_init, so we can defer idt
fixup and lidt to interrupt_init.
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
we are not using ldt, so just init fs & gs with 0x10 which lead to
data segement descriptor in gdt.
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Currently there are two fields in ext_context to emulate IA32_PAT MSR:
- ia32_pat: hold the value of the emulated IA32_PAT MSR
- vmx_ia32_pat: used for load/store IA32_PAT MSR during world switch
This patch moves ext_context->ia32_pat to the common placeholder for
emulated MSRs acrn_vcpu_arch->guest_msrs[].
Also it renames ext_context->vmx_ia32_pat to ext_context->ia32_pat to
retain same naming convention in struct ext_context.
Tracked-On: #1867
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- implement unified APIs to access guest_msrs[] under struct acrn_vcpu.
- use these new APIs to read/write emulated TSC_DEADLINE MSR
- switch world_msrs[] and guest_msrs[] during world switch for MSRs that
need world isolation
- remove the old guest_msrs[] array and it's index macros.
Tracked-On: #1867
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Create two arrays for emulated MSRs:
- guest_msrs[] in struct acrn_vcpu_arch: emulation for all MSRs that are
included in emulated_guest_msrs[].
- world_msrs[] in struct cpu_context: it has separate copies for secure and
normal world for those MSRs that are in the first NUM_WORLD_MSRS entries
in emulated_guest_msrs[].
Split vmsr.c/emulated_msrs[] into 3 smaller arrays:
- emulated_guest_msrs[]: corresponding MSRs are emulated in guest_msrs[]
- mtrr_msrs[]: emulated MTRRs are saved in vMTRR module
- unsupported_msrs[]: GP for any guest accesses
Tracked-On: #1867
Signed-off-by: Zide Chen <zide.chen@intel.com>
Use these operators in an expression is considered dangerous.
So avoid to use it in an expression which is not in stand-alone
expressions and the 3rd expression of a for loop.
Tracked-On: #861
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Reassign reference parameter may lead to possibly serious errors
and unmaintainability. This patch wants to fix this by avoiding
do this.
Tracked-On: #861
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Identifier reuse may arise confusion. So should minimize the case of it
as much as possible. This patch is try to do this except the PCI related
module.
Tracked-On: #861
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
MISRAC requires that the array size should be declared explicitly.
Tracked-On: #861
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Hypervisor uses '-O2' compiler option,
it will omit frame pointer by default for '-O2',
This patch add 'no-omit-frame-pointer' in debug version.
Tracked-On: #1979
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Implicit conversion may result in loss of information or undefined behaviour.
So make it with explicit conversion.
Tracked-On: #861
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
There may the theoretic infinite loop with some code. But actually it doesn't.
This patch make these code more obvious it's not a potentially infinite loop.
Tracked-On: #861
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
_FORTIFY_SOURCE is a Glibc feature which adds memory
and string function protection, this flag is only for
Glibc. The _FORTIFY_SOURCE is not used by hypervisor
because hypervisor is not include Glibc.
Tracked-On: #1122
Signed-off-by: Tianhua Sun <tianhuax.s.sun@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
On platforms, that do not support APICv register virtualization, all the
x2APIC MSRs need to intercepted by ACRN for emulation.
Tracked-On: #1973
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
This patch does:
- remove the unused API declaration
- fix use of uninitialized variable in instr_emul.c
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The code in comments was removed from md_wrap.c, so modify comments
to avoid confusion
Tracked-On: #1966
Signed-off-by: Chen Gang G <gang.g.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Since "uint8_t page[CPU_PAGE_SIZE]" wants to ensure the first_page only
took PAGE_SIZE memory space and aligned to PAGE_SIZE. However, it couldn't.
So just make it simpler.
Tracked-On: #861
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Reviewed-by: Qi, Yadong <yadong.qi@intel.com>
This patch adds more comment to describe functions that are
interfaces to the other modules in the hypervisor. The comments
are in doxygen-style for document generation.
Tracked-On: #1595
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
This patch adds the necessary space before or after binary operator.
v1 -> v2:
* minor fix related to integer
[i - 1] ====> [i - 1U]
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
The function not used in extern c file, must add static.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The result of evaluate expression,it's type should be boolean.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Input parameter of mmio_write64/mmio_write32/mmio_write16/mmio_write8
should be 'void *addr' rather than 'const void *addr' since the object
pointed by 'addr' is modified in these operations.
This patch change the param type of mmio_write** and update its usage
accordingly.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
replace CPU_PAGE_MASK with PAGE_MASK
These two MACROs are duplicated and PAGE_MASK is a more reasonable name.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- replace CPU_PAGE_SHIFT with PAGE_SHIFT
These two MACROs are duplicated and PAGE_SHIFT is a more
reasonable name.
- remove unused MACROs related to page shift in cpu.h
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
replace CPU_PAGE_SIZE with PAGE_SIZE
These two MACROs are duplicated and PAGE_SIZE is a more reasonable name.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
separate the function definitions into debug/release directories
to better distinguish debug/release libraries
v1 -> v2:
- sbuf_get is defined in 'debug/sbuf.c' but not used anywhere.
remove the declaration in 'include/debug/sbuf.h' and keep the
definition in 'debug/sbuf.c' in case it will used later.
- sbuf_put and sbuf_share_setup is not used under RELEASE version.
remove the file 'release/sbuf.c'.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
now hypervisor will support to hide ignored PCI device from SOS,
it doesn't need pass the boot args to SOS.
Tracked-On: #1923
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
serial PCI device is just used for HV/SOS output debug information;
because it is used in hypervisor layer, SOS should not touch it.
so need to check and hide it from SOS.
Tracked-On: #1923
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
replace serial PCI MMIO base address configure with its BDF configure.
Tracked-On: #1923
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
IEC 61508,ISO 26262 standards highly recommend single-exit rule.
Reduce the count of the "return entries".
Fix the violations which is comply with the cases list below:
1.Function has 2 return entries.
2.The first return entry is used to return the error code of
checking variable whether is valid.
Fix the violations in "if else" format.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
IEC 61508,ISO 26262 standards highly recommend single-exit rule.
Reduce the count of the "return entries".
Fix the violations which is comply with the cases list below:
1.Function has 2 return entries.
2.The first return entry is used to return the error code of
checking variable whether is valid.
Fix the violations in "if else" format.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
IEC 61508,ISO 26262 standards highly recommend single-exit rule.
Reduce the count of the "return entries".
Fix the violations which is comply with the cases list below:
1.Function has 2 return entries.
2.The first return entry is used to return the error code of
checking variable whether is valid.
Fix the violations in "if else" format.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
IEC 61508,ISO 26262 standards highly recommend single-exit rule.
Reduce the count of the "return entries".
Fix the violations which is comply with the cases list below:
1.Function has 2 return entries.
2.The first return entry is used to return the error code of
checking variable whether is valid.
Fix the violations in "if else" format.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
IEC 61508,ISO 26262 standards highly recommend single-exit rule.
Reduce the count of the "return entries".
Fix the violations which is comply with the cases list below:
1.Function has 2 return entries.
2.The first return entry is used to return the error code of
checking variable whether is valid.
Fix the violations in "if else" format.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
IEC 61508,ISO 26262 standards highly recommend single-exit rule.
Reduce the count of the "return entries".
Fix the violations which is comply with the cases list below:
1.Function has 2 return entries.
2.The first return entry is used to return the error code of
checking variable whether is valid.
Fix the violations in "if else" format.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Boot component prepares the very basic platform boot env. It finally call
into platform initilization entries:
- bsp_boot_init & cpu_secondary_init for start up
- or restore_s3_context for wakeup
this patch is the final one, it did some code clean up and move some definition
from vm0_boot.h to boot_context.h.
after this patch, the boot component include files:
arch/x86/boot/cpu_primary.S
arch/x86/boot/trampoline.S
arch/x86/boot/cpu_save_boot_ctx.S
arch/x86/boot/idt.S
boot/reloc.c
boot/include/reloc.h
include/arch/x86/boot/idt.h
include/arch/x86/boot/boot_context.h
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Boot component prepares the very basic platform boot env. It finally call
into platform initilization entries:
- bsp_boot_init & cpu_secondary_init for start up
- or restore_s3_context for wakeup
this patch moves set_idt from header file to irq.c
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Boot component prepares the very basic platform boot env. It finally call
into platform initilization entries:
- bsp_boot_init & cpu_secondary_init for start up
- or restore_s3_context for wakeup
this patch move functions for AP trampoline into trampoline.c from reloc.c
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
The PLATFORM configuration option is not used in any unique way. With simple
changes, we can directly use CONFIG_PLATFORM_UEFI and CONFIG_PLATFORM_SBL to
compile the ACRN hypervisor. This patch removes this config option and adjusts
the hypervisor Makefile accordingly.
The "old" way of specifying the platform from the command-line is not affected
by these changes, e.g.: "make PLATFORM=sbl"
Tracked-On: #1588
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
* Add more Kconfig options documentation for the hypervisor
* Reword some existing one to improve readibility
* Break some help text to not go beyond 80 characters
Tracked-On: #1588
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
Co-Authored-By: David B. Kinder <david.b.kinder@intel.com>
This patch fixes the following violations:
1. Implicit conversion: actual to formal param
2. Value is not of appropriate type
3. No cast for widening complex int expression
4. Widening cast on complex integer expression
5. Narrower int conversion without cast.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Now it's using the memory reserve by hypervisor. So there's not
necessaty to map or ummap this region from SOS.
Tracked-On: #1942
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
The previous would reserve memory for trusty in SOS kernel. Howerer,
there would no available 16 MB continue memory any more after a long time.
This result in allocating memory for trusty failed. This patch will reserve
memory for trusty in ACRN hypervisor in which case the memory allocation
for trusty will never fail.
Tracked-On: #1942
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
This patch places all unsupported MSRs in the intercepted_msrs[], but
don't implement any handlers in the switch clauses. Hence any
accesses from guests result in GP exceptions.
Tracked-On: #1867
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- Put most of the emulated MSR number in emulated_msrs[], and remove
the individual calls to enable_msr_interception().
- vcpu_thread() injects General Purpose exception to the guest if any
VMEXIT handler doesn't return 0. This patch removes vcpu_inject_gp()
from all MSR VMEXIT handlers to keep the code clean.
- remove dead code.
Tracked-On: #1867
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Regarding SGX, guests could access CPUID.07H.EBX[2] before query CPUID
leaf 12H.
Intel SDM 36.7.2: "If CPUID.(EAX=07H, ECX=0H):EBX.SGX = 1, the processor
also supports querying CPUID with EAX=12H on Intel SGX resource capability
and configuration."
Clear CPUID.07H.ECX[30] SGX_LC to make the guest view consistent.
Tracked-On: #1867
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch allows to disable the serial port directly from Kconfig. This used
to only be possible from the command-line (by passing "uart=disabled"). To
disable the serial port via Kconfig, simply unselect the "Serial IO type"
option.
The default options do not seem to have any effect anymore (and were confusing
anyway) so they are removed and the serial port is enabled for various platforms
in their corresponding *.config file.
Tracked-On: #1481
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
`@return` is dedicated for brief description of return values, not for comments
stating actual return values. In addition, sphinx + breathe does not join
multiple adjacent `@return`. This results in multiple `Return` sections in the
generated document, which is confusing.
This patch replaces `@return` with `@retval` for the lists of return
values. Adjacent `@retval` can be joined into one list by breathe.
v1 -> v2:
* Replace return value descriptions like `negative` and `positive` with
expressions like `<0` and `>0` in `@retval`.
* Keep the list of `@retval` comprehensive, even when there is a `@return` to
generally describe what the return value means.
* Drop duplicated `@return` when it does not give more information than the
`@retval` list.
Tracked-On: #1595
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
It is preferred to state the absence of a return value explicitly in the
doxygen-stile comments. Currently there are different styles of doing this,
including:
@return None
@return NULL
@return void
@return N/A
This patch unifies the above with `@return None`.
Tracked-On: #1595
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
The offset calculation should base on the MSI-x BAR address, not MSIX-table address.
Tracked-On: #1946
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
As SOS has already adapted to the new state transition of VHM requests for a
month, the old `valid` field can now be safely obsoleted.
This patch changes the `valid` field as reserved and drops all the code that
reads or modifies this field for backward compatibility. The embedded comments
are updated accordingly, following the doxygen style.
Tracked-On: #875
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
MISRA-C requires that if the return value of a function call is
assigned to a local variable, this value shall be used in all paths.
This patch moves the variable assignment right before the moment that
the variable is used.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Boot component prepares the very basic platform boot env. It finally call
into platform initilization entries:
- bsp_boot_init & cpu_secondary_init for start up
- or restore_s3_context for wakeup
This patch just move files into reorg dir.
Tracked-On: #1842
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
IEC 61508,ISO 26262 standards highly recommend single-exit rule.
Reduce the count of the "return entries".
Fix the violations which is comply with the cases list below:
1.Function has 2 return entries.
2.The first return entry is used to return the error code of
checking variable whether is valid.
Fix the violations in "if else" format.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
IEC 61508,ISO 26262 standards highly recommend single-exit rule.
Reduce the count of the "return entries".
Fix the violations which is comply with the cases list below:
1.Function has 2 return entries.
2.The first return entry is used to return the error code of
checking variable whether is valid.
Fix the violations in "if else" format.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
IEC 61508,ISO 26262 standards highly recommend single-exit rule.
Reduce the count of the "return entries".
Fix the violations which is comply with the cases list below:
1.Function has 2 return entries.
2.The first return entry is used to return the error code of
checking variable whether is valid.
Fix the violations in "if else" format.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
IEC 61508,ISO 26262 standards highly recommend single-exit rule.
Reduce the count of the "return entries".
Fix the violations which is comply with the cases list below:
1.Function has 2 return entries.
2.The first return entry is used to return the error code of
checking variable whether is valid.
Fix the violations in "if else" format.
V1->V2:
make the return value match to int32_t
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
IEC 61508,ISO 26262 standards highly recommend single-exit rule.
Reduce the count of the "return entries".
Fix the violations which is comply with the cases list below:
1.Function has 2 return entries.
2.The first return entry is used to return the error code of
checking variable whether is valid.
Fix the violations in "if else" format.
V1->V2:
change the probe_table return value to bool type
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
v1-v2:
Bypass this case:
When binary arithmetic operators of different precedence (e.g. '+'
and '*') are mixed in an expression, parentheses are added to the
sub-expressions using the operator with a higher precedence.
v1:
The operator precedence rules are complicated and it is easy to make a mistake.
So add brackets to make operator expression more readable.
Tracked-On: #861
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
seperate the function definitions into debug/release directories
to better distinguish debug/release libraries
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
seperate the function definitions into debug/release directories
to better distinguish debug/release libraries
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
seperate the function definitions into debug/release directories
to better distinguish debug/release libraries
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
seperate the function definitions into debug/release directories
to better distinguish debug/release libraries
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
seperate the function definitions into debug/release directories
to better distinguish debug/release libraries
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
seperate the function definitions into debug/release directories
to better distinguish debug/release libraries
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
seperate the function definitions into debug/release directories
to better distinguish debug/release libraries
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
IEC 61508,ISO 26262 standards highly recommend single-exit rule.
Reduce the count of the "return entries".
Fix the violations which is comply with the cases list below:
1.Function has 2 return entries.
2.The first return entry is used to return the error code of
checking variable whether is valid.
V1->V2:
remove the unrelated code.
Fix the violations in "if else" format.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
MISRA-C required every switch statement shall have a default label.
Tracked-On: #861
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Remove dynamic memory allocation in crypto lib, use array to
replace them.
Tracked-On: #1900
Reviewed-by: Bing Zhu <bing.zhu@intel.com>
Signed-off-by: Chen Gang G <gang.g.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
IEC 61508,ISO 26262 standards highly recommend single-exit rule.
Reduce the count of the "return entries".
Fix the violations which is comply with the cases list below:
1.Function has 2 return entries.
2.The first return entry is used to return the error code of
checking variable whether is valid.
Fix the violations in "if else" format.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
replace HV_DEBUG with CONFIG_COM_IRQ which is more reasonable
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
now the size of sanitized_page is 32KB,
revise it to 4KB.
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
For data structure types "struct logmsg", its name is identical
with variable name in the same scope. This is a MISRA C violation.
This patch fix it.
Tracked-On: #1801
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch remove early logbuf support which is used to hold
log massges before shared buf setup by SOS.
Tracked-On: #1801
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Reviewed-by: Yan, Like <like.yan@intel.com>
IEC 61508,ISO 26262 standards highly recommend single-exit rule.
Reduce the count of the "return entries".
Fix the violations which is comply with the cases list below:
1.Function has 2 return entries.
2.The first return entry is used to return the error code of
checking variable whether is valid.
Fix the violations in "if else" format.
V1->V2:
update the git comment to describe why comply with the
single-exit rule.
V2->V3:
update the git comment title to give a scope declaration of this
patch.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
IEC 61508,ISO 26262 standards highly recommend single-exit rule.
Reduce the count of the "return entries".
Fix the violations which is comply with the cases list below:
1.Function has 2 return entries.
2.The first return entry is used to return the error code of
checking variable whether is valid.
Fix the violations in "if else" format.
V1->V2:
update the git comment to describe why comply with the
rule(function's return entry should be only one).
V2->V3:
update the git comment title to give a scope declaration of this
patch.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Currently guest IA32_TSC_AUX MSR is loaded manually right before VM
entry, and saved right after VM exit.
This patch enables VM-Entry Control and VM-Exit Control to switch
MSR IA32_TSC_AUX between host and guest automatically. This helps to
keep vcpu_thread() function and struct acrn_vcpu cleaner.
Also it removes the dead code of intercepting IA32_TSC_AUX.
Tracked-On: #1867
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Some data structure are only used under some condition. This patch move data
structure definition under its corresponding contion. Otherwise, it would
violate MISRA-C 413 S "User type declared but not used in code analysed".
For MACRO, it would violate MISRA-C 628 S "Macro not used in translation unit".
Tracked-On: #861
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
remove the usage of HV_DEBUG related to shell command in assign.c
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
remove the usage of HV_DEBUG in vioapic.c
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
remove the usage of HV_DEBUG in ioapic.c
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
to avoid passing guest's memory block into hypervisor internal
process for security.
Tracked-On: #861
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
enhance Makefile to compile debug/release into 2 libraries
v1 -> v2:
* auto make all the libraries
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
In theory, there would have 256 pending interrupts on lapic ISR.
Add this check to avoid theoretic infinite loop for clearing
lapic isr. Leave the potentially hardware issue to machine check.
Tracked-On: #861
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Although the lapic base MSR have the same value in per-cpu except that the BSP bit.
However, we would enter s3 on the BSP cpu. After the resume from s3, the BSP bit was
clear on the BSP cpu. This patch fix this bug.
Tracked-On: #861
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Now if the vmexit reason is virtulized EOI for level triggered
interrupts, HV will loop all the ptdev entries, it is time-consuming,
this patch add vpin to ptdev entry mapping for vpic and vioapic
when add intx entry for a vm,it can use the ptdev entry directly
according to the mapping for vpin and ptdev entry when EOI vmexit.
v3-->v4:
-- add check vpin in remove_intx_remapping
-- move check vpin from ptdev_add_intx_remapping to add_intx_remapping
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Reviewed-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Move ptdev lock out from add_intx_remapping/add_msix_remapping
/remove_intx_remapping/remove_msix_remapping and make it protect
the whole add entry/remove entry process
v3-->v4:
--move ptdev lock out
v2-->v3:
-- still use ptdev lock for add/remove ptdev entry
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Reviewed-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
-- Config MAX_PT_IRQ_ENTRIES 64 in Kconfig
-- Remove ptdev list
-- Add alloc_ptdev_entry_id api
v3-->v4:
-- move is_entry_active from assign.c to ptdev.h
-- Add clear active flag in release_entry
v2-->v3:
-- Remove redundancy active check for ptdev entry
in release_all_entries and get_ptdev_info
v1-->v2:
-- split to small patches
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Reviewed-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
- fix code style: mix of tab and white spaces, alignments, etc.
- remove not meaningful comments. Also these comments are below the
source code which makes the code look messy.
- add more MSR register definitions
Tracked-On: #1867
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch introduce a new mode of IO request completion, polling mode.
Now, the sketch of ioreq process can be,
A. UOS vcpu0 generate PIO/MMIO ->
B. pcpu1(vcpu0 of UOS) trap into HV ->
C. pcpu1 build ioreq, send IPI and enter idle ->
D.1 pcpu0(vcpu0 of SOS) response IPI,
D.2 pcpu0 handle the ioreq in HV, kernel, DM,
D.3 pcpu0 mark ioreq as complete,
D.4 pcpu0 hypercall to enter HV ->
E.1 pcpu0 send IPI to wake pcpu1 up
E.2 UOS vcpu0 continue running
With this change, it skips D.4, E.1 steps. In step C, pcpu1 will enter a
polling ioreq state idle after send out the IPI.
It can save about ~5000 cpu cycles.
In polling mode, we do the polling in idle instead of pause cpu all the
time. It will consume more power. A better way is to use monitor/mwait
instructions which can put cpu into a sleep state with monitoring a
memory address. Unfortunately, APL has bug with monitor. We can gather
all ioreqs state into one monitorable memory and take advantage of
monitor/mwait for future platform.
The way polling or notification is per VM. We can config VMs in
different mode. By default, IO request completion will use notification
mode for all VMs. We can switch it by Kconfig.
Tracked-On: #1821
Signed-off-by: Shuo Liu <shuo.a.liu@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
This patch adds more comments to describe the structures and functions of vtd
that are public to the other components in the hypervisor. The comments are in
doxygen-style for document generation.
Tracked-On: #1595
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
Clean up of a couple of README.rst files located respectively under hypervisor/
and devicemodel/ to remove obsolete and unmaintained information. Both hold a
basic introduction about the folder content and refer to the official
documentation website for more detailed information.
Tracked-On: #1827
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
1. use error code defined in errno.h instead of 1.
2. panic if error occured while adding devices to VM0 domain.
3. panic if failed to reqeust irq for iommu.
The two panic added would only occurs before any VM starts running.
Tracked-On: #1855
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
In current code, DMA remapping is enabled at very early stage, when there is no
device added.
Devices are added to VT-d context table when creating VMs.
There is potential risk that there may be device DMA transactions when DMA remapping is
enabled, but the device is not added to the VT-d context table. (Eg. this could happen in UEFI
enviroment when USB keyboard use in efi intenal shell.)
This patch defers DMA remapping enabling until vm creation.
Tracked-On: #1855
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Current code doesn't init interrupt config when resume from S3.
The related register contect will be lost during S3.
This patch re-init these regiters.
Tracked-On: #1855
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Add an internal API to do action according to action function provided,
which can simplify the code.
Tracked-On: #1855
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Move move public API to the bottom part of the file.
Tracked-On: #1855
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Becuase the number of character of a line is 120.
Merge lines for a statement if needed.
Tracked-On: #1855
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
dmar_uint -> dmar_unit
remove i in line 756 added by accident.
Tracked-On: #1855
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The guest could write the MSI-X Table fields in DWORD or QWORD. For
example the Message Address could be a QWORD write or two DWORD writes,
the Message Data could be a DWORD write or part of a QWORD write that
is combined with the Vector Control. This patch captures all the
possible combinations when the guest is configuring the MSI-X Table.
Tracked-On: #1568
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Though guests are not supposed to read Message Data/Addr, it's still better
off to initialize them to 0.
vector_control should be initialize to zero besides the mask bit.
Tracked-On: #1568
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
- in vmsix_cfgwrite(), it should write the new value 'val'.
- in vmsix_table_mmio_access_handler(), mmio_gpa is a typo for intercepted_gpa.
Tracked-On: #1568
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
remove the usage of HV_DEBUG in hypercall.c and vmcall.c
TO-DO:
Enhance Makefile to compile debug/release into 2 libraries
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
CSE FW uses an AEK (Attestation keybox Encryption Key) to encrypt the keybox
with AES-256-GCM algorithm before sending it to Android/Trusty. This key is
derived from the latest platform Seed by CSE FW with KDF (key derivation function)
HMAC-SHA256. After Trusty retrieves this encrypted keybox over HECI/MEI driver,
Trusty needs the same AEKkey to decrypt it. Hence, before Trusty launches,
Hypervisor derives the same AEK key from Platform Seed with the same algorithm
and the same derivation parameters, then sends this AEK along with Trusty vSeed
to Trusty world memory.
Since Platform Seed is only visible to Hypervisor and it must not be
sent to any guest VM, only Hypervisor can derive this AEK from this
Platform Seed, just like previous per-Trusty virtual Seed derivation.
Please note that Android Attestation Keybox is shared in a single hardware
platform, so all the Trusty instance/world can get the same AEK for
decryption even if there are multiple Android User OS/VMs running
on top of Hypervisor.
v1 --> v2:
Add detailed description why we need the patch to derive an extra key
v2 --> v3:
Convert API descriptions to Doxygen
Tracked-On: #1812
Reviewed-by: Bing Zhu <bing.zhu@intel.com>
Reviewed-by: Kai Wang <kai.z.wang@intel.com>
Signed-off-by: Chen Gang G <gang.g.chen@intel.com>
Acked-by: Bing Zhu <bing.zhu@intel.com>
Revert the temporary workaround of calling allow_guest_pio_access() to
reset the I/O bitmap for CF9.
For CONFIG_ADDR register, only intercept I/O port CF8 to achieve these:
- In SOS, I/O bitmap for port CF9 is not set.
- In UOS or in partition mode, I/O requests to CF9/CFA/CFB won't be handled
by pci_cfgaddr_io_read/write() any more.
Tracked-On: #1815
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Register separate I/O emulation handlers for I/O port CF8 and CFC. This
makes the code simpler, and offers some flexibilities to be able to handle
CF8 and CFC ports differently.
Tracked-On: #1815
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
An I/O handler is not linked to the I/O access size, so in searching for
the registered I/O handler, don't need to check the I/O request's access
size.
In struct vm_io_handler_desc, change fields addr and len to port_start and
port_end respectively to adapt to this change.
Tracked-On: #1815
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
1. CPU_SEG_WRITE->CPU_SEG_READ: it's actually seg read
2. 0x%hu -> 0x%x: it need print hex format
Tracked-On: #1833
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
- Remove the usage of HV_DEBUG in hv_main.c
The usage of HV_DEBUG in hv_main.c is for the shell command 'vmexit'.
Since vmexit info has been captured by acrntrace, there is no need to
keep this duplicated feature in shell command.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Adding Kconfig option to define the vuart port base address/IRQ.
By default, use 0x3F8/IRQ4. For MRB, use 0x3E8/IRQ6.
We are experiencing problems on NUC after changing from 0x3F8/IRQ4
to 0x3E8/IRQ6.
Tracked-On: #1817
Change-Id: Ie407e51a7bc25ac0bb4c61453c969f1466fa33ca
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Due to the side-effect to cache of "wbinvd" instruction, just apply it
in case of noncoherent DMA.
Tracked-On: #1824
Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
Reviewed-by: Binbin Wu <binbin.wu@intel.com>
ioreqs acrossing VM reset is meaningless. So we reset their status when
VM reset.
Please note, device model and service os need to handle various ioreqs
pending status in emergency reset condition carefully. Otherwises, the
post processing of such ioreqs might overwrite this reset.
Tracked-On: projectacrn#1821
Signed-off-by: Shuo Liu <shuo.a.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Even in partition mode, we also need to clear vmid in vmid_bitmap to
indicate the VM is not present.
Tracked-On: projectacrn#1821
Signed-off-by: Shuo Liu <shuo.a.liu@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
MISRA-C requires that the function call in which the returned
value is discarded shall be clearly indicated using (void).
This patch fixes the violations related to the following
function calls.
- instr_check_gva
- vlapic_set_local_intr
- prepare_vm
- enter_s3
- emulate_instruction
- ptdev_intx_pin_remap
- register_mmio_emulation_handler
v1 -> v2:
* discard the return value of enter_s3
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
This patch addes missing brackets for 'if/else' statements based on
MISRA-C requirements 12 S.
Tracked-On: #861
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Reviewed-by: Huihuang Shi <huihuang.shi@intel.com>
576S: Function pointer is of wrong type. C90 requires the elements of an
designated initializer to appear in a fixed order, the same as the order of
declaration. C99 relaxes this rule but seems MISRA-C sticks to C90 in this
regard.
Tracked-On: #861
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Reviewed-by: Huihuang Shi <huihuang.shi@intel.com>
- 331S: Literal value requires a U suffix.
- 612S: inline function should be declared static.
- 93S: Value is not of appropriate type. MISRA-C imposes strict type
checking: no comparison between signed and unsigned, etc.
Tracked-On: #861
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Huihuang Shi <huihuang.shi@intel.com>
458S: Implicit conversion: actual to formal param (MR): "The value of an
actual parameter shall not be implicitly converted to the type of a formal
parameter, if that conversion might result in the loss of information".
Tracked-On: #861
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Huihuang Shi <huihuang.shi@intel.com>
fix the following integer violations:
1. Signed/unsigned conversion without cast
2. Literal value requires a U suffix
3. Implicit conversion of underlying type
v3 -> v4:
* change the type of npk_loglevel/mem_loglevel/console_loglevel
from uint32_t to uint16_t
v2 -> v3:
* discard the return value of update_ept
* discard changes related to npk loglevel
v1 -> v2:
* remove the unnecessary changes related to the false positive
issues caused by scanning tool
* change the type of the local variable 'vlapic_id' from uint8_t
to uint32_t in function 'vlapic_build_id'
* change the type of the struct member 'flags' in shared_buf from
uint64_t to uint32_t
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Functions shall not call themselves, either directly or indirectly.
vpic_set_pinstate will cal vpic_notify_intr and results to recursion
violations,fix it out by mov vpic_notify_intr out of vpic_set_pinstate.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
reviewed-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
clean up mmio_read/mmio_write in instr_emul.c
- make these two functions inline
- discard the return value and add the pre condition
- rename these two functions to vie_mmio_read/vie_mmio_write
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In current code, there is an out of range access to the array buses defined in struct struct context_table.
This patch defines CONFIG_IOMMU_BUS_NUM to replace CONFIG_IOMMU_INIT_BUS_LIMIT, which is clearer.
CONFIG_IOMMU_BUS_NUM equals to (CONFIG_IOMMU_INIT_BUS_LIMIT + 1).
Tracked-On: #1807
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
MISRA-C requires that the function call in which the returned
value is discarded shall be clearly indicated using (void).
This patch fixes the violations related to the following
function calls.
- vlapic_set_intr
- vlapic_intr_edge
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
to decrease the value of 'create_vcpus' in fail case.
Tracked-On: #861
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Misra C reqires assembly code should comply with
the rules list below:
The assembly code's functionality should match the function's
name.If not,pls encapsulate the assembly code and give a suitable
name for describing the functionality.
V1->V2:
1.remove the dead code
2.update detail comment
V2->V3:
1.replace the macro name with upper case.
2.remove the typedef and rename the struct name
"_descriptor_table_" to "descriptor_table".
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
this patch is to avoid posisble inconsisent states for
VMs and vCPUs in configuration that SOS is SMP based
and Device Model may be multi-threads based.
Tracked-On: #861
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Assign function pointer without the unary & operator.
Take 'register_io_emulation_handler' as an example:
void register_io_emulation_handler(struct acrn_vm *vm,
const struct vm_io_range *range,
io_read_fn_t io_read_fn_ptr,
io_write_fn_t io_write_fn_ptr)
The last two parameters are function pointer.
Sometimes we use function designator directly, while sometimes
with the unary & operator, as shown below.
- without &
register_io_emulation_handler(vm, &range, vuart_read, vuart_write);
- with &
register_io_emulation_handler(vm, &pci_cfg_range,
&pci_cfg_io_read, &pci_cfg_io_write);
To unify the coding style, we will go with the first way.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
-- Config MAX_EMULATED_MMIO_REGIONS 16 in Kconfig
-- Add emulated mmio array and emulated mmio regions
in vm structure
-- Remove mmio list in vm structure
-- Remove unregister_mmio_emulation_handler and
vioapic_cleanup APIs
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
updated kernel name from kernel-org.clearlinux.pk414-sos.4.14.52-63 to kernel-org.clearlinux.iot-lts2018-sos.4.19.0-16 for v0.3 release
Signed-off-by: Ailun258 <ailin.yang@intel.com>
Branch addressing using registers or memory operands must be prefixed by
a '*' in AT&T ASM language.
This change is to fix these warnings:
arch/x86/cpu.c:409: Warning: indirect call without `*'
arch/x86/cpu.c:553: Warning: indirect call without `*'
arch/x86/trampoline.S:168: Warning: indirect jmp without `*'
Ref: https://csiflabs.cs.ucdavis.edu/~ssdavis/50/att-syntax.htm
Tracked-On: #1764
Signed-off-by: Xinyun Liu <xinyun.liu@intel.com>
Reviewed-By: Yin Fengwei <fengwei.yin@intel.com>
The cpu model name of "Intel(R) Celeron(R) CPU N3350 @ 1.10GHz" is used in
APL UP2 board, which is in Acrn official support list.
Tracked-On: #1767
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
-- Add emulated port io index
-- Add emulated pio array in vm structure
-- Remove port list in vm structure
-- Remove free_io_emulation_resource/register_io_handler/
create_io_handler APIs
v2-->v3:
-- not add 'is_emulated', check len == 0U
-- Check if io_read/io_write handler is NULL before calling
-- Replace ENUM with MACRO for emulated pio index to avoid
MISRA-C violations
v1-->v2:
-- Remove EMUL_PIO_NUM in Kconfig, add emulated pio index
for PIC/PCI/UART/RTC/PM
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Current, SNP control bit is only set in ept_mr_add for cacheable memory.
However, memory type for VM0 is added as uncacheable type.
So SNP control is not set for VM0.
Add code to set SNP control bit for cacheable memory when ept modification.
Tracked-On: #1762
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Fix the issue that kernel console doesn't work with partition mode.
Tracked-On: #1756
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
The the bdf(bus/dev/func) is used to determine which pass-through device should
be assigned/released. Now the hypervisor parses the corresponding bdf from the guest
physical address when hcall_assign_ptdev/hcall_deassign_ptdev is called.
As it is only uint16_t, it is unnecessary to use the GPA to pass the bdf parameter.
Instead the parameter can be used as the bdf directly.
In order to keep the compatibility, it still can get the bdf by using
copy_from_gpa when SOS passes the parameter based on the buffer. But this will
be depreciated.
This is based on the assumption that the GPA in SOS is greater than 0x10000
when one buffer is allocated to pass the corresponding hypercall parameter.
After the SOS uses the bdf to pass the hypercall paremeter, we can remove the code
that gets the bdf by using copy_from_gpa.
V1->V2: Add some comments for hcall_assign_ptdev/hcall_deassign_ptdev.
Tracked-on: #1751
Signed-off-by: Zhao Yakui <yakui.zhao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
MISRA-C requires that the controlling expression of an if statement or
an iteration-statement shall be Boolean type.
v1 -> v2:
* update the U suffix of constant to let the type of operands
to bit operations (&) is the same.
* update the type of 'i' from uint64_t to uint16_t in
'profiling_set_control' since it is limited by phys_cpu_num,
which is uint16_t.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
When a macro is expanded, the two tokens on either side of each ‘##’ operator
are combined into a single token, which then replaces the ‘##’ and the two
original tokens in the macro expansion. So we need use CAT__ to expand the
__LINE__ MACRO and use CAT_ to combine the expaneded MACRO.
Tracked-on: #1750
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Use pre-defined inline function for pci bus/slot/function calculation.
Tracked-on: #1747
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
It is not necessary to use atomic operation to
set the initial value for 'created_vcpu' in vm structure.
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
The old doc update commit changed the code by accident and broke
release version build. This patch fix the release build issue.
Tracked-On: #1595
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- Fix the integer violations related to the following rules:
1. The operands to shift operations (<<, >>) shall be unsigned
integers.
2. The operands to bit operations (&, |, ~) shall be unsigned
integers.
- Replace 12U with CPU_PAGE_SHIFT when it is address shift case.
v1 -> v2:
* use existed MACRO to get bus/slot/func values
* update PCI_SLOT MACRO to make it more straightforward
* remove the incorrect replacement of 12U with CPU_PAGE_SHIFT
dmar_fault_msi_write
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The print_param struct's member emit who is used for callback,
the forth parameter of it is used for transmit the private data
of the "print_param".
The type translation between "void *" and private date broke the
violations.
Use the same type to fix it out.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Xu Anthony <anthony.xu@intel.com>
Fixed the condition to be able to collect MSR sample data
Also populating addition information to help identifity appropriate data
Tracked-On: #1693
Signed-off-by: Manisha Chinthapally <manisha.chinthapally@intel.com>
For all the hypercalls, we sync the comments from .h to .c as
comments in .h file are used in architectural design and the
comments in .c are used in module design.
Tracked-On: #1595
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
For data structure types "struct vm", its name is identical
with variable name in the same scope. This is a MISRA C violation.
Naming convention rule:If the data structure type is used by multi
modules, its corresponding logic resource is exposed to external
components (such as SOS, UOS), and its name meaning is simplistic
(such as vcpu, vm), its name needs prefix "acrn_".
The following udpates are made:
struct vm *vm-->struct acrn_vm *vm
Tracked-On: #861
Signed-off-by: Xiangyang Wu <xiangyang.wu@linux.intel.com>
For data structure types "struct vcpu_arch", its name
shall follow Naming convention.
Naming convention rule:If the data structure type is
used by multi modules, its corresponding logic resource
is exposed to external components (such as SOS, UOS),
and its name meaning is simplistic (such as vcpu, vm),
its name needs prefix "acrn_". Variable name can be
shortened from its data structure type name.
The following udpates are made:
struct vcpu_arch arch_vcpu-->struct acrn_vcpu_arch arch
Tracked-On: #861
Signed-off-by: Xiangyang Wu <xiangyang.wu@linux.intel.com>
For data structure types "struct vcpu", its name is identical
with variable name in the same scope. This is a MISRA C violation.
Naming convention rule:If the data structure type is used by multi
modules, its corresponding logic resource is exposed to external
components (such as SOS, UOS), and its name meaning is simplistic
(such as vcpu, vm), its name needs prefix "acrn_".
The following udpates are made:
struct vcpu *vcpu-->struct acrn_vcpu *vcpu
Tracked-On: #861
Signed-off-by: Xiangyang Wu <xiangyang.wu@linux.intel.com>
Currently vpci treats IO port CF9 as a regular PCI CONFIG_ADDRESS port,
so that SOS can't do system reboot through port CF9.
This patch handles port CF9 in this way:
- SOS (vm0): it is allowed to actually access the physical IO port for byte
accesses.
- UOS (non-vm0) or partitioning guests: any accesses to port CF9 are
ignored.
Tracked-On: #1568
Signed-off-by: Zide Chen zide.chen@intel.com
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
This patch adds more comments to describe the structures and functions that are
public to the other components in the hypervisor. The comments are in
doxygen-style for document generation.
v2 -> v3:
* Reformat the flow in the doc for vhm_io_request.
v1 -> v2:
* Fix typos and inconsistencies in the comments.
* Wrap the text-based diagram in the doc for vhm_request in @verbatim
Tracked-On: #1595
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Unmap the trusty EPT mapping when destroy_secure_world. The reason is
now the normal world and trusty will share the PD and PT page. Before
we add the mapping for each world, we should unmap it from another world.
Besides, fix a minor bug for condition priority.
Tracked-On: #861
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
MMIO registers might be changed at any time.
The changes might not be catched due to compiler optimization
if there is no 'volatile' keyword.
We have defined MMIO read/write APIs to address the above issue.
'volatile' keyword is being used in these defined MMIO read/write
APIs.
This patch updates the MMIO registers access implementation in
'msix.c' to use these defined MMIO read/write APIs.
v1 -> v2:
* update the algorithm to get the address of high 32-bit of
'pentry->addr'
- previous way:
&(pentry->addr) + 4U
===> &(pentry->addr) + 4 * 64 bits
since 'pentry->addr' is 64 bits
- new way:
(char *)&(pentry->addr) + 4U
===> &(pentry->addr) + 4 * 8 bits
since 'char' is 8 bits
Tracked-On: #1711
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
