The base address of LAPIC and IOAPIC should be parsed from MADT table,
so move the definition to platform_acpi_info.h.
Tracked-On: #1500
Signed-off-by: Victor Sun <victor.sun@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The I/O APIC number should be parsed from host ACPI table, so move the
definition from Kconfig to platform_acpi_info.h.
Tracked-On: #1500
Signed-off-by: Victor Sun <victor.sun@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Replace platform_acpi_info.c with platform_acpi_info.h and define needed
host ACPI info in MACROs. Then the struct host_acpi_info is not needed
any more.
This header file should be generated by offline tool automatically;
Tracked-On: #1500
Signed-off-by: Victor Sun <victor.sun@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
ABL pass seed_lists to HV through different interface/structures.
So, in this patch, add interface to retrieve seed from ABL and refactor
the seed parsing logic.
Tracked-On: #1488
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
Acked-by: Zhu Bing <bing.zhu@intel.com>
@vioapic_set_pinstate() & vioapic_need_intr(),
add checking input value range for 'pin'.
Tracked-On: #1479
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
According to SDM 6.5 exception classification, if the fault
happens, the CPU will return to the faulting instruction. So
we shouldn't change rip to the next instruction if inject fault
to guest.
Tracked-On: #1473
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
All the platforms supported by ACRN supports x2APIC. So enabled
x2APIC for ACRN hv. Removed any code that is needed for xAPIC mode
of operation.
Tracked-On: #1455
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Reviewed by: Yonghua Huang <yonghua.huang@intel.com>
Let OBJS target depend on VERSION file instead of other targets like
install/all depending on it, since the version.h is being included in
.c files.
This fixes a following compilation issue:
| In file included from include/hv_debug.h:10,
| from include/hypervisor.h:37,
| from arch/x86/cpu.c:7:
| arch/x86/cpu.c: In function 'bsp_boot_post':
| arch/x86/cpu.c:453:4: error: 'HV_FULL_VERSION' undeclared...
Tracked-On: #1441
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Return value should be checked,fix it by add
"void" when the function return value is not used.
V1->V2:
replace printf with pr_warn.
V2->V3:
change the commit to make read easily.
Tracked-On:#861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
MISRA-C required the suffix(U/UL), such as:
(1) ---> (1U)
(1) ---> (1UL)
(1U << 0) ---> (1U << 0U)
This patch will add the suffix(U/UL) to come up MISRA-C into
hypervisor/include directory.
Tracked-On: #1468
Signed-off-by: Wei Liu <weix.w.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
An issue reported on KBL NUC (No APIC-V), when runing GVT test
case, it is easily to cause SOS/UOS hung. This patch is to root
cause it and how to avoid it.
On some platforms with no APIC-V support, this modidication can
avoid SOS hung when no IRR but event pending bit set.
If no APIC-V, interrupt injection will use IRR in vLAPIC and
event pending bitmap; work logic as following (set ABC for notes):
1. in ISR or when UOS send an interrupt to SOS/VHM (like IO request),
step A: set IRR --> step B: set event pending bit;
2. in SOS event handing, step C: check/clear event pending bit -->
step D: probe/get IRR --> step E: clear/handle IRR.
3. after that, it will probe IRR again to check if other IRR left:
step F: probe IRR --> step G: set event pending bit --> step H:
enable IRQ window in VMX.
Before, from step C to D, if pending bit checked, but no IRR, it will
return -1, then the CPU will goto ZOMBIE status. It can cause
SOS hung. It can happen occasionally under following case :
4. between UOS step A and step B, SOS can goto step F, so it
gets IRR, and step G --> step H, then SOS enter non-root mode, for
IRQ window enabled, it will cause vmexit to continue step C/D/E.
5. then UOS does step B, to set pending bit, but no IRR now. When next
vmexit, SOS does step C and D, it can't get IRR, failure happens.
In summary, a failed case steps: A-->F-->G-->H-->C-->D-->E-->B-->C-->D
So we allow that when event pending bit checked, IRR could be cleared
already.It just wastes one probe time occasionally.
Tracked-On: #1363
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
to enable APICv Posted interrupt supported, following the
specifications defined in Intel SDM Section #29.6, Volume3.
Posted-interrupt processing is a feature by which a processor
processes the virtual interrupts by recording them as pending
on the virtual-APIC page.
Injecting interrupts to VCPU from remote CPU without causing
VM exit on the destination, following steps in SDM Section 29.6,volume3:
Tracked-On: #1447
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
use pin_state[pin] to record vpic pin signal, and change the interface name
accordingly.
Tracked-On: #1269
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Now we have name reuse definitions in hypervisor as following:
"enum cpu_state cpu_state" in per_cpu.h,
"struct shell_cmd *shell_cmd" in shell_priv.h.
MISRAC requires that tag names shall not be reused anywhere
with in a program.So these definitions violate MISRAC rules
"identifier resue".This patch is used to fix it.
1. modify the definitions to "enum pcpu_boot_state boot_state"
and "struct shell_cmd *cmds".
2. modifty the relevant usage.
v1->v2
update commit message to be more explicit.
v2->v3
update the enum definition.
Tracked-On: #861
Signed-off-by: Junjun Shan <junjun.shan@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Now, UOS will use hypercall to init BSP state, we could remove
set_bsp_real_mode_entry() and set_bsp_protect_mode_regs().
For SOS, GDT will inherit from SBL or UEFI. For UOS, DM will
prepare GDT. We don't need hypervisor to prepare GDT for guest.
The entry_addr of vcpu struct could be removed. The guest entry
is set through BSP rip register.
GUEST_CFG_OFFSET is not needed any more after this patchset.
Tracked-On: #1231
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Move vcpu mode set to function vcpu_set_regs.
Tracked-On: #1231
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
For UOS, there is no BSP init state saved in hv. We always need
DM to set BSP init state by using hypercall. So we can't auto
start vm during vm reset.
Tracked-On: #1231
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Now, we make UOS to set BSP init state by using hypercall. We
could drop the old UOS loader in HV and make vm loader in HV
only for SOS.
Tracked-On: #1231
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
DM will use this hypercall to initialize the UOS BSP state.
Tracked-On: #1231
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Use customized function to generate proper config.h
which depend on kconfig,write the customized format
to support it.
V1->V2:
Add comments.
Tracked-On: #861
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Use genld.sh instead of config.h to generate link_ram.ld.
It can avoid the conflicts of the syntax between ld script and
C.
V1->V2:
change the deps name to config,
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
reviewed-by: Junjie Mao <junjie.mao@intel.com>
From SDM Vol3 26.3.2.5:
Once the virtual interrupt is recognized, it will be delivered in VMX
non-root operation immediately after VM entry(including any specified
event injection) completes.
So the hardware can handle vmcs event injection and evaluation/delivery
of apicv virtual interrupts in one time vm-entry.
This patch move the apicv irr/rvi sync before handle vmcs events
injection. The old code cause the apicv virtual interrupt evaluation and
delivery be handled until next vm-exit if met pending exceptions.
Tracked-On: #1443
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The vcpu state is initialized outside of init_guest_state:
- SOS BSP state is initialized in SOS loader
- UOS BSP state is initialized in UOS loader
- AP state is initialized during SIPI signal emulation
We could make init_guest_state only update the vcpu state
to VMCS structure.
Tracked-On: #1231
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
NOTE: this patch is only workaround patch for UOS BSP state init.
Eventually, the DM will call hypercall to init UOS BSP state.
We use this workaround patch here to simplify the init_guest_state.
Will make the caller of init_guest_state calls init_guest_vmx
directly.
Tracked-On: #1231
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
We move the SOS BSP state init to vm loader and drop
function init_guest_context_vm0_bsp.
Update the definition of vm0_boot_context to fix code
violations.
Tracked-On: #1231
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
With reset_vcpu_regs as pre-condition, we only need to set
cs_selector and cs_base for AP.
We call set_ap_entry in two places:
1. When emulation AP SIPI
2. When sos BSP resume from S3. The BSP is resumed to real
mode with entry set to wakeup_vec. We call set_ap_entry
API here with entry twisted from wakeup_vec.
Tracked-On: #1231
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This reset_vcpu_regs function will reset the vcpu registers to
default value: realmode with entry 0xFFFFFFF0
Make call to reset_vcpu_regs during create_vcpu and reset_vcpu
Tracked-On: #1231
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
If defined CONFIG_VM0_DESC, HV will use predefined vm0_desc
to config VM0,now it is unneccessary, then remove these code.
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
TR selector initianlization using pre-defined HOST_GDT_RING0_CPU_TSS_SEL
rather than loading from register. Instead calculating real base address
of TSS based on TR selector and gdt, getting it from per cpu data.
Tracked-On: #1394
Signed-off-by: Yang, Yu-chu <yu-chu.yang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
'target_vm' returned from 'get_vm_from_vmid()' maybe NULL,
passing to 'is_vm0()' without check.
Tracked-On: #861
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- add missing brackets for 'if/else' statements based on MISRA-C
requirements
v1 -> v2:
* add brackets for each conditions in 'if' statements to improve
the readability
* modify 'ptdev_init' to make the logic clearer
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
COM1_IRQ's polarity setting is from ACPI table, as hypervisor do not want
to parse ACPI table here, it just get the configuration from vioapic RTE
setting as a work-around.
TODO:
Here should assert vuart irq according to COM1_IRQ polarity. The best way
is to get the polarity info from ACIP table. But we just get the info from
vioapic configuration. Based on this, we can still have irq storm during
guest modify the vioapic setting.
As it's only for debug uart, we want to make it as an known issue.
Tracked-On: https://github.com/projectacrn/acrn-hypervisor/issues/1432
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
In the current hypervisor design, when HPA is not
found for the specified gpa by calling gpa2hpa or
local_gpa2hpa, 0 will be returned as a error code,
but 0 may be a valid HPA for vm0; error checking
is missed when invoking gpa2hpa or local_gpa2hpa;
when invoking lookup_address, the caller guarantees
that parameter pointer pml4_page and pointer pg_size
is not NULL.
If local_gpa2hpa/gpa2hpa returns a invalid HPA,
it means that this function fails to find the
HPA of the specified gpa of vm. If local_gpa2hpa/gpa2hpa
return value is a valid HPA, it means that this
function have found the HPA of the specified gpa of vm.
Each valid vm's EPTP is initialized during vm creating,
vm's EPTP is valid until this vm is destroyed. So the caller
can guarantee parameter pointer pml4_page is not NULL.
The caller uses a temporary variable to store page size.
So the caller can guarantee parameter pointer pg_size
is not NULL.
In this patch, define a invalid HPA for gpa2hpa and
local_gpa2hpa;add some error checking when invoking
local_gpa2hpa/gpa2hpa;add precondition for lookup_address
function and remove redundant error checking.
V1-->V2:
Define INVALID_HPA as a invalid HPA for gpa2hpa
and local_gpa2hpa;
Updated related error checking when invoking
gpa2hpa or local_gpa2hpa;
V2-->V3:
Add some debug information if specified gpa2hpa
mapping doesn't exit and ept_mr_del is called;
Update INVALID_HPA definition easier to be reviewed.
V3-->V4:
Add vm->id and gpa into pr_error;
Add precondition to ept_mr_del to cover [gpa,gpa+size)
unmapping case.
V4-->V5:
Update comments;
Update pr_error message.
Tracked-On: #1258
Signed-off-by: Xiangyang Wu <xiangyang.wu@linux.intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
- improve the readability of ept_cap_detect
right shift 32 bits of msr_val to check bits 63:32 of msr_val
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Because of the return type inconsistent,change the
sbuf return type to uint32_t to fix it,and make the
pre-condition to check the parameter whether is NULL.
V1->V2:
1.add () to bool expression
2.add pre-assumption to sbuf_get and sbuf_put
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
1.Function return type inconsistent
2.cast on a constant value
V1->V2 add () to return type
V2->V3 keep the sbuf_get and sbuf_put return code
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Expression should be boolean immediate before 'if','while' key-words.
V1->V2 add () to bool expression
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Page table operation would not fault except:
1. the hypervisor it out of memory to allcate a page for page table operation
2. there is a bug with page table operation in hypervisor or devicemodle
While we assue that these would not happened in our platform when release, so
there is no need to check whether there is a fault with page table operation. However,
for debug version, we would panic the hypervisor if we can't meet the conditions really.
Tracked-On: #1124
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Sometimes we need to invalidate cached translation information for guest
when change some bits in CR0/CR4 which related to paging. Here're two cases:
1. If there change some bits to enable/disable paging (mode) or access rights.
For CR0: PG/WP/CD/NW; For CR4: PGE/PSE/PAE/SMEP/SMAP/PKE
2. When guest using PAE paging, we should reload the PDPTE registers sometimes,
detail in SDM Vol 3 Chap 4.4.1 and Chap 4.11.1
Tracked-On: #1379
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
add is_long_mode to check whether the processor is operating in IA-32e mode
add is_paging_enabled to check whether paging is enabled
add is_pae to check whether physical address extension is enabled.
Tracked-On: #1379
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Loop the global vm_array[] instead of the vm_list.
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
-- Replace dynamic memory allocation with static memory
-- Remove the parameter check if the vm is NULL
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch is ready for next one,we will switch from
pointer to embedded structures such as structure vcpu,
some const qualifiers can be improper and raise compilation errors,
this patch remove const qualifier for struct vm.
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
MISRA-C required the suffix(U), such as:
(1U << 0) ---> (1U << 0U)
This patch will add the suffix(U) to come up MISRA-C.
Tracked-On: #1385
Signed-off-by: Wei Liu <weix.w.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
vuart irq COM1_IRQ is configured as active low in ACPI table, so using
GSI_FALLING_PULSE.
Tracked-On: #1269
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
add active_polarity to decide what signal to call: GSI_SET_LOW, GSI_SET_HIGH,
GSI_FALLING_PULSE or GSI_RAISING_PULSE.
Tracked-On: #1269
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
a guest may use per-cpu vector allocation mechanism which may lead to
same vector on different vcpu for different vioapic pins.
when we broadcast EOI from vlapic to vioapic, it could trigger
ptdev_intx_ack for incorrect vioapic pin which will lead to incorrect
vioapic irq deassert.
old implementation is recording assert & deassert by acnt, like:
- assert -> acnt++
- deassert -> acnt--
which means an incorrect deassert may descrease acnt from 0 to -1, it leads
to error.
this patch change the recording method for a pin assert/deassert, it
just use pin_state bit set/clear to indicate line state:
- high -> pin_state bitmap set
- low -> pin_state bitmap clear
and the irq assert will be triggered based on polarity setting during line
state changing.
it can avoid the failure of incorrect deassert on old implementation, and for
ptdev sharing irq, the dev hardware could re-trigger interrupt after deassert.
but for emulated device, there is no mechanism to re-trigger interrupt if
there is irq sharing - for DM, we already has constraint to restrict vGSI
sharing, so there is no problem of it.
Tracked-On: #1269
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
There are chances that names with leading underscore declared by
developers are conflict with the ones reserved for the compiler.
What this patch does:
- rename these functions/variables/macros starting with
underscore to avoid such unintentational mistakes.
- remove gpr.h without any contents
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Commit 6085781 replaced __emalloc() with a call to uefi allocate_page()
and allows UEFI FW to allocate memory for hypervisor from high to low
address below 4GB. However, this change triggers an issue (might be
memory corruption), in turn, PXE boot cannot work.
Since root cause the issue might take some time, the PXE boot issue
blocks auto-test, we disable hypervisor relocation by default for the
time being in config option, and users can enable it by themselves. In
the following weeks, if we root cause the issue, we can re-enable
relocation feature.`
Tracked-On: #1371
Signed-off-by: Chaohong guo <chaohong.guo@intel.com>
The patch is replace irq_static_mappings type from 2 dimension array
into structure and one dimension array.
Tracked-On: #1375
Signed-off-by: Wei Liu <weix.w.liu@intel.com>
Reviewed-by: Jason Chen <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Move struct acrn_vcpu_regs, acrn_descriptor_ptr and
acrn_gp_regs to acrn_common.h. The struct acrn_vcpu_regs
will be used as parameter of hypercall
Tracked-On: #1231
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Doxygen API comment added to hypercall.h was incorrect causing the doc
build process to fail with a warning (parameter not documented).
Fixes: #1353
Tracked-On: #1353
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
For SBL platform, struct acrn_vcpu_regs are used as boot context.
Now the boot_ctx is only for UEFI platform. Rename struct boot_ctx
to efi_context.
Tracked-On: #1231
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Add struct acrn_vcpu_regs and make struct boot_ctx based on
struct acrn_vcpu_regs.
vm0_boot_context is also changed from struct boot_ctx to struct
acrn_vcpu_regs.
Tracked-On: #1231
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
We will define the hypercall to set acrn vcpu registers and
move this struct to acrn_commmon.h for reference from hypercall
parameter definition.
Tracked-On: #1231
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
struct seg_desc_vmcs is actually for segment descriptor vmcs fields.
Change its name to vmcs_seg_field
Tracked-On: #1231
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The printf related functions have been called by other various
functions, e.g. get_ptdev_info(), get_ioapic_info, etc. The patch
is used to clear up the usage.
Tracked-On: #861
Signed-off-by: Junjun Shan <junjun.shan@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Current free_irq sequence will release vector first, then use the
released vector to free irq number.It will cause irq leak for MSI IRQ.
At present, there is no one to free the irqs which in irq_static_mappings,
So this patch will only make sure free non-gsi irqs.
Tracked-On: #1359
Signed-off-by: Wei Liu <weix.w.liu@intel.com>
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Timer IRQ was static mapped IRQ.
It should not be cleaned up when one of the cpu dead.
The patch will retain the timer irq.
Tracked-On: #1359
Signed-off-by: Wei Liu <weix.w.liu@intel.com>
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Replace dynamic allocation for vuart rx/tx buffer
with static array.
v2-->v3:
-- Reduce the size of vuart tx buffer from 64K to 8K
-- For non-partition mode, will use global rx/tx buffer,
for partition mode, will use per VM rx/tx buffer.
-- Change several APIs to inline
v1-->v2:
-- Move vuart rx/tx buffer into acrn_vuart data structure
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Reviewed-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In hypervisor, all the parameter and return value printf related are
unsigned int, this patch is used to fix the function definitions.
v1->v2:
*Modify the return value of various functions, such as printf(),
vprintf(), charout(), do_printf(), charmem, print_pow2(),
print_decimal to void due to never used, no necessary to use,
or has already returned by param.
*Delete the impossible judgement of param->emit due to the type
is unsigned.
Tracked-On: #861
Signed-off-by: Junjun Shan <junjun.shan@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
MISRA-C states that a void procedure used in expressions is dangerous.
This patch removes the improper 'return' when calling the void procedure
'send_dest_ipi'.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- replace vpic/vioapic_xassert_irq() APIs
with vpic/vioapic_set_irq()
- unify the description of IRQ/PIN state in vpic. & vioapic.c
Tracked-On: #861
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
1. The wrong operand size is assigned in instruction decode phase
if the operand size is 1 byte.
According to the SDM, the bit 0(w bit) of opcode should be checked
first to detect whether the operand size is 1 byte. Then, check
whether there is prefix to overwrite the default operand size.
The original instruction decode doesn't care about the operand
size. But do opsize fixup during instruction emulation phase.
With ACRN we need operand size packed to ioreq and send to DM
after instruction decode.
2. We should always touch the GPA by following opsize to avoid side
effect (especially when GPA is for a MMIO).
Tracked-On: #1337
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
This patch fixes the following issue pointed by Xiangyang and Junjie.
There are some macro arguments acting as formal parameter names.
Drop such arguments since they make no difference to the expanded
implementation and they might confuse some developers.
Here is an example.
'ptr' is dropped in this patch, which is acting as a formal parameter
name and make no difference to the expanded implementation.
-#define build_atomic_load(name, size, type, ptr) \
+#define build_atomic_load(name, size, type) \
static inline type name(const volatile type *ptr) \
{ \
type ret; \
asm volatile("mov" size " %1,%0" \
: "=r" (ret) \
: "m" (*ptr) \
: "cc", "memory"); \
return ret; \
}
Some minor coding style fixes are also included in this patch.
- use TAB for the alignment rather than mixing TAB with space
- fix some typo in the comments
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
merge hv_lib.h and hypervisor.h into one file
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Now, the warning is promoted to error. The warning break ACRN
release build.
Tracked-On: #1343
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Fix the compiler warning and turn on the flag to make
compiler warning as compiler error.
Tracked-On: #1343
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Currently, hypervisor doesn't have the information of pci devices
on the platform when init. In order to reduce boot time and memory
usage, hypervisor set a bus limitation for pci devices when init vtd.
However, maximum bus number varies on different platforms.
This patch add a config for the bus limitation.
Set 0xF as the default value for the maximum bus number on sbl platform.
Set 0xFF as the default value for the maximum bus number on uefi platfrom.
Tracked-On: #1339
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch fixes the typo introduced in atomic operaions refine.
The usage of the parameter in function body was not updated according
to the changes of input parameter.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
MISRA-C requires that there should be no unused parameters in
functions.
This patch removes the unused parameters that is not being used
unconditionally.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Fix a Doxygen comment in the hypercall.h header file which is
missing the name of the parameter, this is causing warnings when
generating the documentation related to the
hcall_set_callback_vector() hypercall.
Tracked-On: #1335
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
Currently the acrn-hypervisor is using the PLATFORM_IPI vector to notify
the sos_kernel. And then sos_kernel will handle the notification from acrn
hypervisor in PLATFORM_IPI ISR. But as the PLATFORM_IPI ISR can be registered
by the other modules, it will have the conflict when trying to register
acrn intr ISR. So the HYPERVISOR_CALLBACK_VECTOR will be used instead.
In order to switch the notification vector from PLATFORM_IPI to
HYPERVISOR_CALLBACK_VECTOR, one API is added so that sos can configure
the up-notifier interrrupt vector.
Tracked-On: https://github.com/projectacrn/acrn-hypervisor/issues/1325
Signed-off-by: Zhao Yakui <yakui.zhao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
It is from the HYPERVISOR_CALLBACK_VECTOR in sos_kernel.
After this vector is used in both kernel and hypervisor, this will be defined
as the default vector.
Tracked-On: https://github.com/projectacrn/acrn-hypervisor/issues/1325
Signed-off-by: Zhao Yakui <yakui.zhao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This is to do the preparation of switch the notifier vector from
PLATFORM_IPI to HYPERVISOR_CALLBACK_VECTOR.
Currently the acrn-hypervisor is using the PLATFORM_IPI vector to notify
the sos_kernel. And then sos_kernel will handle the notification from acrn
hypervisor in PLATFORM_IPI ISR. But as the PLATFORM_IPI ISR can be registered
by the other modules, it will have the conflict when trying to register
acrn intr ISR. So the HYPERVISOR_CALLBACK_VECTOR will be used instead.
Tracked-On: https://github.com/projectacrn/acrn-hypervisor/issues/1325
Signed-off-by: Zhao Yakui <yakui.zhao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
MISRAC checks whether a variable is assigned a value not used in
all branches of a program. Var value which is unused on all paths
can be removed with a consequent improvement in the readability
and efficiency of the code. This patch is used to fix these
violations.
Tracked-On: #861
Signed-off-by: Junjun Shan <junjun.shan@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Replace all the host paths with a prefix sysroot directory, it defaults
to be empty, but can be overridden by the variable set in
environment(make -e) or being passed to make command.
Tracked-On: #1307
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
MISRA-C requires that there should be no unused parameters in
functions.
In some cases, we will keep the unused parameters.
vmexit handler is one example. It is used as function pointer.
Some of the vmexit handlers use the input parameter 'vcpu', some of
them don't. We still need to keep the unused parameters 'vcpu' for
those handlers don't use 'vcpu'.
This patch removes the unused parameters that is not being used
unconditionally.
v1 -> v2:
* remove the non-implemented API 'vlapic_id_write_handler'
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
this patch change type of global variable for saving registers on execption.
global variable 'crash_ctx' should not be set to static.
crash_ctx is for offline analysis when system crashed, not for runtime usage.
as crash_ctx is only be set without being read, compiler will regard
crash_ctx as an useless variable if it is set to static, and will not
generate code for it.
Tracked-On: #1295
Signed-off-by: zhouji3x <jianfengx.zhou@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
MISRA-C states that redundant code reduce the maintainability of code.
In some cases, we would like to keep the current unused static functions
for code completeness, such as checking register info. These functions
might be used later.
This patch removes the unused static function 'mmu_pt_for_pde'.
Looks like it is legacy code and not being used in our project.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
MISRA-C requires that every switch case shall be terminated with break
to avoid the unintentional fall through.
The code will become redundant if we enforce this rule.
So, we will keep the current implementation for the following two cases.
1. The fall through is intentional.
2. The function is returned in the switch case.
If we decide to eliminate the mutiple returns in one function later,
this case would be handled properly at that time.
What this patch does:
- add the mssing break for the default case
- add the pre condition for some functions and remove the corresponding
panic which will never happen since the function caller could guarantee
the pre condition based on the code implementation
v1 -> v2:
* remove the redundant cases above default in 'vlapic_get_lvtptr'
* add the similar pre condition for 'lvt_off_to_idx' as
'vlapic_get_lvtptr' since all the function callers could guarantee it
* remove the assertion in 'lvt_off_to_idx' since the pre condition
could guarantee that the assertion will never happen
* add the similar pre condition for 'vpic_set_irqstate' as
'vioapic_set_irqstate' since all the function callers could guarantee it
* remove the assertion in 'vpic_set_irqstate' since the pre condition
could guarantee that the assertion will never happen
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Convert GSI_MASK_IRQ and GSI_UNMASK_IRQ to inline functions.
v1 -> v2:
After changing GSI_MASK_IRQ and GSI_UNMASK_IRQ from MACROs to functions,
'gsi_(mask|unmask)_irq' are the exposed APIs and 'irq_gsi_mask_unmask'
becomes internal.
In order to reflect this change,
- change 'irq_gsi_mask_unmask' as internal function in ioapic.c
- declare 'gsi_(mask|unmask)_irq' in ioapic.h
- define 'gsi_(mask|unmask)_irq' in ioapic.c
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
The hypercall can be used by SOS/DM to monitor UOS
pass-thru devices' interrupt data; and if an "interrupt
storm" happens in UOS, it can be used to delay the UOS
PTdev interrupt's injection for sometime.
The two functions are implemented by one hypercall with
two sub-commands, and with the data/params in the buffer.
Tracked-On: #866
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
This patch is to enhance the feature of "interrupt storm
mitigation"; when interrupt storm happens on one UOS
it should keep as smaller effect to SOS as possible.
Add variables in PTdev entry & VM, used to record one
UOS's pass-thru devices' interrupt data; add a function
to collect the data.
Also add a timer used to delay UOS pass-thru devices'
interrupt injection if an "interrupt storm" detected
by SOS.
Tracked-On: #866
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Reviewed-by: Li Fei1 <fei1.li@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Current code enables IOMMU from init_iommu_vm0_domain which is called
from vm0/sos boot sequence. For partition mode VMs, this is not called as
VMs are numbered from 1.
This patch adds support to initialize root table pointer for each IOMMU
and enable all IOMMUs from init_iommu. Hence IOMMUs are enabled even
though ACRN does not boot vm0.
This patch also has changes to fix#1270.
Tracked-On: #1246#1270
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Some code has switch fallthrough cases, it causes some warning during
compiling. Adding a comment can quiet it.
Tracked-On:#1260
Signed-off-by: Chaohong Guo <chaohong.guo@intel.com>
Acked-by: Gen Zheng <gen.zheng@intel.com>
Due to the last patches, some funcs in malloc.c and stdlib.h files for
EFI stub module are no longer used. This commit just removes them, no
other changes is being introduced. The funcs are:
emalloc/efree, calloc/malloc/free, strstr/strdup
Tracked-On:#1260
Signed-off-by: Chaohong Guo <chaohong.guo@intel.com>
Ackedr-by: Gen Zheng <gen.zheng@intel.com>
emalloc() is called only by construct_mbi() during creating e820 mmap
layout. The switching has two benefits: first, UEFI FW might keep some
memory in pool, unlike call to emalloc(), call to allocate_pool() might
have no impact on e820 mmap; on the other hand, we can remove emalloc()
routine after this switching.
Tracked-On:#1260
Signed-off-by: Chaohong Guo <chaohong.guo@intel.com>
Reviewed-by: Anthony Xu <Anthony.Xu@intel.com>
Acked-by: Gen Zheng <gen.zheng@intel.com>
To reduce the call to dynamic memory allocation, the patch tries to
alloate memroy together with hypervisor when hypervisor is being
relocated by efi stub code. The memory allocated will be right at the
end of HV memory. Three structs will be done in this way: 1) boot_ctx,
which saves EFI boot state and is passed to SOS; 2) multiboot_info,
faked multi-boot header for passing boot info to hypervisor; and 3)
multiboot_mmap, e820 mmap structure.
after this, the EFI stub code (which boot hypervisor) will only have 3
to dynamic memory:
1. the call for hv binary and the 3 struct;
2. the call to CPU boot trampoline code;
3. the call to alloc mmap buf when inquery memory layout from UEFI FW;
Tracked-On:#1260
Signed-off-by: Chaohong Guo <chaohong.guo@intel.com>
Reviewed-by: Jason Chen <jason.cj.chen@intel.com>
Reviewed-by: Anthony Xu <Anthony.Xu@intel.com>
Reviewed-by: Eddie Dong <Eddid.Dong@intel.com>
Acked-by: Gen Zheng <gen.zheng@intel.com>
UEFI provides the func allocate_pages() with the option of AllocateAddress
and AllocateMaxAddress to allocate memory at fixed address or below the
specified address respectively. Make use of the interface, simplify the
memory allocation for hyperivosr when CONFIG_RELOC is enabled.
Tracked-On:#1260
Signed-off-by: Chaohong Guo <chaohong.guo@intel.com>
Reviewedd-by: Anthony Xu <Anthony.Xu@intel.com>
Acked-by: Gen Zheng <gen.zheng@intel.com>
CPU boot binary need to reside in the memory below 1MB. UEFI firmware
does provide that functionality to limit the highest physical addr of
allocated memory. we just call the right UEFI API and no longer do it
in EFI stub code.
Tracked-On:#1260
Signed-off-by: Chaohong Guo <chaohong.guo@intel.com>
Reviewed-by: Jason Chen <jason.cj.chen@intel.com>
Acked-by: Gen Zheng <gen.zheng@intel.com>
Reviewed-by: Anthony Xu <Anthony.Xu@intel.com>
Logically, out-of-range access won't happen at these places. However, it
depends on the behaviour of other codes.
This commit makes changes to explicitly eliminate the possibility in these
functions.
Tracked-On: #1235
Signed-off-by: Yan, Like <like.yan@intel.com>
- use sizeof(struct lapic_regs),instead of arbitrary size
to lear 'apic_page' memory region in vlapic.c
- fix potential buffer overflow issues in vpic.c & ioapic.c
Tracked-On: #1252
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
These MACROs are never used by current code so remove it. The needed APIC
info is defined in other files with other MACROs.
We will unify kinds of APIC info definition in one place soon.
Tracked-On: #1274
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Add acpi_fixup() api in bsp that can override platform ACPI info when
do init_bsp(), this is useful when platform bootloader is not lock
down before production.
In current code only the wake vector addresses would be parsed after
boot and then override to host_acpi_info, we can add more in furture
based on our needs.
Tracked-On: #1264
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Per ACPI spec, there are two fundamental types of ACPI tables:
Tables that contain AML code produced from the ACPI Source Language (ASL).
These include the DSDT, any SSDTs, and sometimes OEM-specific tables (OEMx).
Tables that contain simple data and no AML byte code. These types of tables
are known as ACPI Data Tables. They include tables such as the FADT, MADT,
ECDT, SRAT, etc. -essentially any table other than a DSDT or SSDT.
The second type of table, the ACPI Data Table, could be parsed here.
If Kconfig of CONSTANT_ACPI is set to yes, this parser is not needed.
Tracked-On: #1264
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
If CONFIG_CONSTANT_ACPI is true, then the value in host_acpi_info structure
is constant. Otherwise the host_acpi_info value could be overrided.
This is useful when platform ACPI table value is not fixed in Bootloader
before production.
In production release, this config should be set to yes.
Tracked-On: #1264
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
MISRAC has requirement about implict conversion: actual to formal
param. This patch is used to fix part of these violations.
1.Add a new structure seg_desc_vmcs to hold the VMCS field address of
segment selector to clean up seg_desc structure.
2.Add the definition of maximum MSI entry and the relevant judgement.
3.The violations in shell.c, logmsg.c will be fixed in other series of
patches with modification of function snprintf(), vsnprintf() and other
related usages.
v1->v2:
*Move the definition of struct seg_desc_vmcs from instr_emul.h to
instr_emul.c.
*Modify the formal parameter type in function definition from uint8_t
to char instead of using cast.
*Drop the const declaration for char data in formal parameter.
v2->v3:
*update the data missing conversion.
*change type of internal parameter len to avoid casting in npklog.c.
*change the conversion from signed char to unsigned int in
uart16550_getc() to solve sign-extension.
Tracked-On: #861
Signed-off-by: Junjun Shan <junjun.shan@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
MISRA-C states that redundant macros reduce the maintainability of code.
In some cases, we would like to keep the current unused macros for code
completeness, such as cpu registers. These macros might be used later.
This patch removes some unused macros that is not critical for code
completeness.
v1 -> v2:
* Keep TRUSTY_VERSION in trusty.c.
Yadong will cook another patch which will utilize TRUSTY_VERSION.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In the current hypervisor hypercall, first all vcpu is
allocated to SOS, vcpu's vm field is initialized to vm0.
When the vcpu is offlined, vcpu will be paused and vcpu's
vm field is set as NULL by DM. When UOS is created, vcpu's
vm field is set as UOS's vm. So when vmcall_vmexit_handler
is invoked, vcpu's vm filed is always non-NULL.
error checking for vm pointer is done in the function
"vmcall_vmexit_handler", vmcall_vmexit_handler will
guarantee that vm is vm0.
So all hypercall functions (these functions is just for handler
hypercall, except vmcall_vmexit_handler) don't need to check
whether invoking vm is NULL and don't need to check whether
invoking vm is vm0 or not.
Remove related invoking vm error checking for hypercall handling.
V1 --> V2:
Add pre-condition for hypercall in the head file.
V2 --> V3:
Add pre-condition for copy_from_gpa and copy_to_gpa.
V3 --> V4:
Add pre-condition both in the head file and source file.
Tracked-On:#1258
Signed-off-by: Xiangyang Wu <xiangyang.wu@linux.intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Current code enables IOMMU from init_iommu_vm0_domain which is called
from vm0/sos boot sequence. For partition mode VMs, this is not called as
VMs are numbered from 1.
This patch adds support to initialize root table pointer for each IOMMU
and enable all IOMMUs from init_iommu. Hence IOMMUs are enabled even
though ACRN does not boot vm0.
Tracked-On: #1246
Signed-off-by: Sainath Grandhi sainath.grandhi@intel.com
In current code of suspend_iommu/resume_iommu, there is potential buffer overflow
according to the code.
This patch put the buffer to struct dmar_drhd_rt, so that no need to access the buffer
via index.
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Tracked-On: #1252
Acked-by: Eddie Dong <eddie.dong@intel.com>
Delete the dead code get_irq_info(), local_get_irq_info() in io_request.c
and definition in guest.h.
v1->v2
*the dead code used pointers which not checked before use, therefore it
causes "pointer not checked for null before use". To make it clearly,
modify the subject to "delete the dead code" directly.
*remove dead code local_get_irq_info() in io_request.c and definition
in guest.h together.
Tracked-On: #861
Signed-off-by: Junjun Shan <junjun.shan@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In ACRN hypervisor, u/int64_t is defined as unsigned/ long.
It's nature to use %l to print it. But current printf use
%l to print int and only use %ll for long.
This patch fix it by treat long and long long same for printf.
Tracked-On: #1230
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The vie->opcode should be updated when decode_two_byte_opcode(),
otherwise for two bytes opcode emulate(movzx/movsx) will fail.
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
- move the contents in macros.h and stdarg.h to util.h
- remove macros.h and stdarg.h
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
MISRAC has requirements about literal value requires a U suffix and
signed/unsigned conversion with cast. This patch is used to solve
these violations.
v1->v2
*Drop the cast of sz from uint32_t to int32_t, the signed/unsigned
violation of nchars will be solved by other patch together with
printf/sprintf/console/vuart/uart code.
*Delete the unnecessary L suffix of shifting operand.
Tracked-On: #861
Signed-off-by: Junjun Shan <junjun.shan@intel.com>
Reviewed by: Junjie Mao <junjie.mao@intel.com>
in local_set_vm_memory_region, hpa is not used for MR_DEL, and it does
not need check HV memory overlap for a MR_DEL operation.
this is a bug exposed by remapping SOS first page, as the remap page whose
gpa = 0 actually fall into HV memory area; while during MR_DEL, the input
param vm0_gpa is set to 0 by default.
Tracked-On: #1124
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
According to SDM 4.6 Access Rights definition, if SMAP/SMEP
is enabled, more conditions are used to decide the access rights
like SMAP/SMEP, EFLAGS.AC, R/W bit in every paging-structure entry
for page walking.
This patch add the check to guest page walking function and inject
page fault accordingly.
Tracked-On: #1207
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
The current movs emulation has issues:
1. it use gva to get/put data.
2. it only support src and dst operand are memory which does not
apply to our case (one of them should be mmio and triggers
EPT voilation).
This patch fix the issue by:
1. convert the address from gva to hva before access it.
2. handle mmio emulation.
Also fix the issue introduced by previous instruction reshuffle
patchset:
1. the desc validation should be only applied to none-64bit mode.
2. gva2gpa should be given correct guest virtual address.
Specailly for movs, we cache the dst gpa if the check during
movs decoding success. And use it directly during movs
emulation.
Tracked-On: #1207
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Tested-by: Qi Yadong <yadog.qi@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
- replace the usage of mdelay with udelay
- remove lib/mdelay.c
- rename udelay.c to misc.c
future other small APIs could put in misc.c
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
-- update 'vlapic' in 'struct vcpu_arch' from pointer
to instance
-- add inline function(vcpu_vlapic) in vcpu.h
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
It has been defined in 'struct vcpu_arch'
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
move structure vlapic_pir_desc/vlapic_timer/
acrn_vlapic from vlapic_priv.h to vlapic.h
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Replace pointer with static memory for apicv_apic_access_addr
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Replace pointer with static memory for msr_bitmap
inside structure vm_arch.
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Replace vmcs pointer with static memory for vmcs region
inside structure vcpu_arch.
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
MRB bootloader is switched to ABL ver 1820HF1_release, so change platform
acpi info accordingly to support system S3.
Tracked-On: #1196
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In function start_cpus, we allocated memory under 1M when
preparing AP trampoline code.
With S3 feature enabled, start_cpus is called every time after
ACRN resume from S3 which leaks the allocated memory for AP
trampoline code.
To avoid memory leak, move the AP trampoline preparing function
out of start_cpus to make sure the memory for AP trampoline is
only allocated one time when system boot.
Tracked-On: #1156
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Reviewed-by: Zide Chen <zide.chen@intel.com>
- convert function like macros to inline functions based on MISRA-C
requirement
- remove some unused and duplicated macros
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
as SOS mapped all memory at the beginning, so trap vlapic need unmap its
memory; for UOS, there is no need as UOS never mapped it.
Tracked-On: #1124
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
error message for "read" or "write" was incorrect.
for developers, we just need print out direction & type value.
Tracked-On: #875
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
MRB bootloader is switched to ABL, so change platform acpi info accordingly
to support system S3.
Tracked-On: #1196
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
for each pass-thru device and its entry owned by one VM, so
change the pass-thru device's softirq lock & entry list into
per VM, so one VM's PT device interrupt process will not
interfere with other VMs; especially in case one user OS
"interrupt storm" happens, it will have little effect on
service OS.
Tracked-On: #866
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The arch_vcpu->irq_window_enabled is almost useless in original code.
This patch use it to avoid unnecessary "interrupt-window exiting"
conditions check if "interrupt-window exiting" is aleady enabled.
Tracked-On: #1190
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
The external interrupt events only can be inject if RFLAGS.IF = 1 and no
blocking by both STI and MOV SS. If met this scenario, we need to enable
"interrupt-window exiting" for injection in next VMEXIT.
Tracked-On: #1189
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
If the "virtual-interrupt delivery" is enabled for vmx apicv, then need
avoid to enable interrupt-window exiting. From SDM Vol3, 29.2.1, the
evaluation of pending virtual interrupts only be trigger if
"interrupt-window exiting" is 0.
The original code will enable interrupt-window vmexit if any pending
vlapic interrupts even the "virtual-interrupt delivery" is enabled. It
will cause the pending interrupts can't be evaluate immediately until
guest triggered interrupt-window vmexit.
For "virtual-interrupt delivery" enabled case, just need sync the
pending interrupts to irr and update rvi if needed. And CPU will
evaluate and automatic injecct virtual interrupt at appropriate time. It
doesn't rely on interrupt-window vmexit.
For "virtual-interrupt delivery" disabled case, need to check if satisfy
the virtual interrupt injection conditions before doing the interrupt
injection. If not, then need to enable interrupt-window vmexit and
re-check the conditions in the next time vmexit.
Tracked-On: #1187
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
-- Change vmx_off/exec_vmxon/exec_vmclear/exec_vmptrld/
exec_vmxon_instr/init_vmcs to void type
-- for vmxon/vmclear/vmptrld, add pre-conditions to
guarantee sucessful execution.
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Check if the VMX capability is locked with incorrect value,
at the time when HV do the hardware capability detect.
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Remove vmxon_region_pa from structure per_cpu_region,
and define vmxon_region inside per_cpu_region.
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Add the brackets for Macro parameter to avoid the unintentional
mistakes.
A simple example that may cause mistakes:
#define minus(x) -x
When the following call is made,
z = minus(a-b)
it becomes:
z = -a-b;
where "-a - b" is equivalent to "(-a) - b" rather than "- (a - b)", as
expected.
v2 -> v3:
* convert DMAR_WAIT_COMPLETION to inline function
* remove the macro PIC_PIN_FOREACH and implement the well-formed
for loop in each case
* replace __CPP_STRING with STRINGIFY and remove the unused CPP_STRING
v1 -> v2:
* Remove some changes to function like macro since MISRA-C requires to
use inline functions if it is possible.
These MACRO brackets violations will be fixed together when fixing
other issues related to function like macro.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
If hardware_detect_support() failed,as it return to
bsp_boot_init with a different stack and thus returning
from bsp_boot_init becomes an undefined behavior.
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
MISRA-C requires that each function defined and declared shall be called
or referenced in code analyzed.
In some cases, we would like to keep the non-called functions for code
completeness, such as
vcpu_inject_extint/vcpu_inject_nmi/vcpu_inject_gp/vcpu_inject_pf
/vcpu_inject_ud/vcpu_inject_ac/vcpu_inject_ss.
This pacth removes some functions that are independent and are not
called in our code base.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Pre-allocate 2 pages of static memory for shell log buffer.
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
MISRA-C requires that each parameter in the MACRO shall be in brackets.
In some cases, adding brackets for all of the parameters may not be a
perfect solution.
For example, it may affect the code readability when there are many
parameters used in the MACRO.
And duplicated brackets will appear when one MACRO called another MACRO
which is using same parameters.
This patch convert some MACROs to inline functions to avoid such cases.
v1 -> v2:
* Remove the unnecessary changes in hypervisor/bsp/uefi/efi/boot.h
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
commit a71dedecd4 ("hv: treewide: fix 'Array has no bounds specified")
misses one '&', which breaks the hypervisor relocation feature.
Tracked-On: #861
Signed-off-by: Zide Chen <zide.chen@intel.com>
- Converted MACROS to functions
- Defined pci_bar_type enum
- Defined pci_bdf as union instead of uint16_t to eliminate macros
- Use L or UL postfix after unsigned integers
Tracked-On: #1126
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
MISRA-C requires that the controlling expression of an if statement or
an iteration-statement shall be Boolean type.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
We have two same log message in decode_instruction. It's a little bit confusing.
So, this patch refine the log message to make it more explicit.
BTW, we refine one message in create_vcpu.
Tracked-On: #1136
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
This patch fixes the following issues:
- No newline after semi colon.
- No space after semi colon in for expression.
- No space between if, while, for and expresn.
v1 -> v2:
* Fix the typo for the for loop change.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
We don't need find_next_table to walk to the next EPT page table.
Tracked-On: #1124
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Add 1GB large page support limit on our platform.
Tracked-On: #1124
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
VMs in partition mode uses a kernel patch to switch to physical mode xAPIC.
The kernel patch together with this patch makes sure device MSIs use
physical mode as DM and physical APIC IDs in Destination field.
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
To be sure hypervisor and DM are position independent
and executable.
Tracked-On: #1122
Signed-off-by: wenshelx <wenshengx.wang@intel.com>
Acked-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
This patch fixes the following issues:
- Assignment operation in expression.
- For loop incrementation is not simple.
- No brackets to loop body.
- Use of comma operator.
v1 -> v2:
* Replace &x->y with &(x->y) based on our new coding rule
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Since vmexit handling in ACRN partition mode is not complex (since no SOS and
all devices passthru), interrupts can stay disabled in root mode during
vmexit handling.
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
There is no requirement to hpa2gpa for trusty memory,
now we use the same inverted eptp for normal world and secure world,
that is it can get some trusty memory information by the inverted
page tables in normal world,then this patch removed the inverted
page tables for trusty memory.
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Change guest_msrs in vcpu data structure from pointer to array, which
could avoid the dynamic memory allocation.
v1 -> v2:
* Remove the unnecessary initialization for guest_msrs[] since vcpu is
allocated by calloc.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
We should specify gpa for uos or sos when restore memory, otherwise
it would cause resume failure issue.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Reviewed-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
-- rename struct vioapic --> struct acrn_vioapic
-- update 'vioapic' field in 'struct arch_vm' from pointer
to instance
-- change vm_ioapic(vm) to inline, and move it to vm.h
-- change vioapic_init to void type
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
-- update 'vuart' field in 'struct vm' from pointer
to instance
-- replace MACRO with inline function for vm_vuart,
and move it to vm.h
-- change vuart_init to void type
-- rename struct vuart -->struct acrn_vuart
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
-- update 'vpic' field in 'struct vm' from pointer
to instance, and move it from 'struct vm' to 'struct arch_vm'
-- replace MACRO with inline function for vm_pic, and move it
to vm.h
-- changed vpic_init to void type
-- removed vpic_cleanup
-- move struct acrn_vpic/i8259_reg_state from vpic.c to vpic.h
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In the gdt.h, it defines unions and parameters which is not used
in hypervisor. Removed them to keep the gdt definition simple.
Signed-off-by: Yang, Yu-chu <yu-chu.yang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Modify and simplify the code:
1. Removed unused definitions and pre-compile code
2. remove test code
3. Code style
Signed-off-by: Chen, Gang G <gang.g.chen@intel.com>
- by default, ACRN will not support platform without
below APICv features:
-- Use TPR shadow
-- APIC-register virtualization
- remove mmio emualtion of local APIC for guest
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
In current code, the address translation type for passthrough devices
in SOS is passthrough type, which means the device in SOS can access
the whole physcial memory.
This patch uses SOS EPT to translate address for passthrough
devices. So that the memory of VMM or trusty can be protected from
SOS PTDev.
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
For the instructions other than MOVS, one operand is register
and another one is memory which trigger EPT voilation. In this
case, there is one possibility that EPT voilation happens before
guest fault:
the fault is triggered by related guest PTE access bit
voilation (like write to a gva with R/W bit cleared in PTE).
So we do this kind of check and inject exception to guest
accordingly during instruction decoding phase.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Unlike the other instructions we emulated, MOVS has two operands
both are memory.
So we need to check whether the operand is valid GVA. With VMX
enabled, the src operand is always checked first by VMX. Which
means if src operand is not valid GVA, it will trigger fault
in guest before trigger EPT. So we don't need to check src
operand. Only need to check dst operand here.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Drop the get_gla function and add
- get_gva_di_si_nocheck
get gva from ES:DI and DS(other segment):SI without
check faulure case
- get_gva_di_si_check
get gva from ES:DI and DS(other segment):SI with failure
case checked
TODO:
- Save dst_gpa and src_gpa for instruction emulation phase
use.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
We will do check only during instruction decode phase.
vie_calculate_gla will be called both in instruction emulation
phase, we move the check out of vie_calculate_gla.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
According to SDM vol3 25.1.1
With VMX enabled, following exception will be handled by guest
without trigger VM exit:
- faults based on privilege level
- general protection due to relevent segment being unusable
- general protection due to offset beyond limit of relevent segment
- alignment check exception
ACRN always assume VMX is enabled. So we don't need to these check
in instruction emulation. But we need to do page fault related check.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
If rm show there is no SIB following rm field, we should get
base_register info from rm.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
- call these functions directly, no need to register
callbacks.
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
The virt_vector/phys_vector are only used for debugging.
Rename msix to is_msix.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Then we don't need to check whether phys_pin is valid in others.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Then use the source id to lookup the ptdev remapping entry.
For msi interrupt ptdev: use bdf and vector_index to identify the id;
For intx interrupt ptdev: use pin and pin source to identify the id.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
The npk_log is a log destination for the hypervisor, similar to the
console_log and the mem_log. It can be enabled/disabled/configured
by the SOS kernel via the hypercall HC_SETUP_HV_NPK_LOG.
The configuration includes:
1. Set the MMIO base address of the reserved NPK master.
2. Set the log level of the hypervisor NPK log.
After that, the npk_log can be enabled to write the hypervisor logs to
the MMIO address of the reserved NPK master with a simple header.
Signed-off-by: Zhi Jin <zhi.jin@intel.com>
Signed-off-by: Liu, Xiaojing <xiaojing.liu@intel.com>
Reviewed-by: CHEN Gang <gang.c.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
The hypercall HC_SETUP_HV_NPK_LOG is added to enable/disable/configure
the hypervisor NPK log.
Signed-off-by: Zhi Jin <zhi.jin@intel.com>
Signed-off-by: Zhonghua Sun <zhonghua.sun@intel.com>
Reviewed-by: CHEN Gang <gang.c.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Since this interrupt pin is passed through to the guest, we could set
it as we like. There's no need a flag to emulate the masked status.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
The apicv is one hardware acceleration feature of vlapic. All vlapic
APIs should keep vlapic_ as the prefix.
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
From SDM Vol3 10.4.6:
Some processors permit software to modify the APIC ID. However, the
ability of software to modify the APIC ID is processor model specific.
Because of this, operating system software should avoid writing to the
local APIC ID register.
So to permit change APIC ID is not one *must* feature. Keep it simple,
we are also reject to modify it.
This patch does code cleaning up for LAPIC ID related emulation.
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Since these APIs always return 0,
change them to void type,
vcpu_set_cr0()
vmx_write_cr0()
vcpu_set_cr4()
vmx_write_cr4()
kick_notification()
tsc_deadline_handler()
dmar_fault_handler()
ptdev_interrupt_handler()
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
We didn't emualte them well, so just disable them.
Here are PMU CPUID.0A, Intel RDT CPUID.0F and CPUID.10, Intel SGX CPUID.12,
Intel Processor Trace CPUID.14
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
- Clean up some code regarding to % and / operations since bit
operations are faster.
x % 64U ---> x & 0x3fU
x % 32U ---> x & 0x1fU
x % 16U ---> x & 0xfU
x % 8U ---> x & 0x7U
x % 4U ---> x & 0x3U
x % 2U ---> x & 0x1U
x / 64U ---> x >> 6U
x / 32U ---> x >> 5U
x / 16U ---> x >> 4U
x / 8U ---> x >> 3U
x / 4U ---> x >> 2U
x / 2U ---> x >> 1U
- Minor changes regarding to coding styles
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This commit replaces the "used" field of irq_desc with a bitmap to maintain
the irq use status to save memory and LOC, and improve the efficiency as well.
Signed-off-by: Yan, Like <like.yan@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
- update 'apic_page' field in 'struct acrn_vlapic',
from pointer type to 'struct lapic_regs' type.
- delete 'pir' and update 'pir_desc' to 'vlapic_pir_desc'
type.
- fix potential memory leak in 'vlapic_create()'
should free allocated memory in case of registering
mmio handler failure.
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
MISRAC requires that the array size should be declared explicitly.
This patch fixes the issues caused by vm0_boot_context.
Fix pattern is like below:
extern char start_of_ROM, end_of_ROM, start_of_FLASH;
memcpy (& start_of_FLASH, & start_of_ROM, & end_of_ROM - &
start_of_ROM);
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Use func(void) rather than func() for the function declaration and
definition based on MISRAC requirement.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Fix the parameter type mismatch between API declaration and definition.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
-- change send_start_ipi/do_copy_earlylog to void type
-- drop the return value for vcpu_queue_execption
when inject GP/PF/UD/AC/SS
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
ACRN in partition mode provides vUART for all VMs. This patch adds
support to add console redirection for multiple VMs.
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
-- change two timer callbacks to void type
-- ignore the return value for add_timer
-- add (void) before several functions(memset/memcpy/
vcpu_get_xxx)
v1-->v2:
ignore the return value for add_timer
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
for secure and normal world has different EPTP, in secure world,
it could trap to hypervisor and call gpa2hpa function. So it need
check if it is in normal or secure world for EPTP selection.
Detailed explanation from Yadong Qi <yadong.qi@intel.com>:
Currently, trusty OS does not handle interrupt, so when an interrupt
is delivering in trusty, trusty will set it to LAPIC IRR register by
inject self_ipi() and then call world_switch to switch to Android,
So android will receive/handle the interrupt properly.Since the
vLAPIC is enabled in ACRN, so when trusty try to inject self_ipi(),
APIC-ACCESS vmexit will happen. Then ACRN will do instruction
decode/emulation, so the GPA2HPA will fail since page walk is using
nworld_eptp. It is probability an issue.
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This commit changes the order of functions in arch/x86/irq.c, and internal
function names to make it looks cleaner, with no change within any function.
Signed-off-by: Yan, Like <like.yan@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
There are several similar irq handlers with confusing function names and it's
not friendly to call update_irq_handler() to update a proper handler after
request_irq().
With this commit, a single generic irq handler is being used, in which, no lock
need to be acquired because our design could guarantee there is no concurrent
irq handling and irq handler request/free.
A flags field is added to irq_desc struct to select the proper processing flow
for an irq. Irqflags is defined as follows:
IRQF_NONE (0U)
IRQF_LEVEL (1U << 1U) /* 1: level trigger; 0: edge trigger */
IRQF_PT (1U << 2U) /* 1: for passthrough dev */
Because we have only one irq handler, update_irq_handler() should be replace by
set_irq_trigger_mode(), whichs set trigger mode flag of a certian irq.
Accordingly, the code where called update_irq_handler() need to be updated.
Signed-off-by: Yan, Like <like.yan@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
This commit refactors vector allocation/free codes, two functions are
defined to help alloc/free vectors for an irq:
- uint32_t alloc_irq_vector(uint32_t irq)
- alloc a free vector (0x20 ~ 0xDF), and bind it to irq, for legacy irqs
and static mapped irqs, vector has been allocated and bind, so just
check the mapping correctness;
- return: valid vector on success, VECTOR_INVALID on failure.
- void free_irq_vector(uint32_t irq)
- free vector allocated via alloc_irq_vector(), for legacy irqs and static
mapped irqs, nothing need to do.
Signed-off-by: Yan, Like <like.yan@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
This commit refactors the alloc/free irq num, two functions are defined:
- uint32_t alloc_irq_num(uint32_t irq)
- if irq is valid, mark the irq_desc as used; if it's IRQ_INVALID,
alloc a free irq, or else do nothing;
- return: irq num on success, or IRQ_INVALID on failure.
- void free_irq_num(uint32_t irq)
- free the irq num allocated via alloc_irq_num();
And a global spinlock to protect it from concurrent allocation/free.
Signed-off-by: Yan, Like <like.yan@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
This commit cleans up fiels of struct irq_desc:
- remove name, irq_desc_state, irq_cnt and irq_lost_cnt which are not used.
- remove irq_ prefix of irq_lock field of struct irq_desc;
- change enum irq_state to enum irq_use_state;
Signed-off-by: Yan, Like <like.yan@intel.com>
Reviewed-by: Li, Fei <fei1.li@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
removed some unnecessary variables and functions.
v1-->v2:
Replace div-by-zero with an inline ASM code
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
- Fix the data type violations based on MISRA-C requirements
- Add '-fsigned-char' in Makefile to let the compiler treats 'char' be
signed, like 'signed char'.
Otherwise, the static checker treats 'char', 'signed char' and 'unsigned
char' as three different types.
- Fix some minor coding style issues, such as TAB issues, line over 80
characters issues and comments style
v1 -> v2:
* fix the violation regarding to 'fifo_getchar'
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
1)Fix to take into account the size of proc entries in MPtable.
2)Change APIC ids to virtual APIC IDs
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
ACRN in partition mode needs to boot VMs from HV. This patch make ACRN
treat all VMs in the same way (as vm0) w.r.t. setting up the guest memory
for kernel, bootargs and zeropage
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
1) Changed VM memory size from 2 GB to 512 MB
Some platforms might not have a total of 4 GB above 4 GB in host e820
With this change, we need a total of only 1 GB above 4 GB in host e820
2) Update e820 entries for the above change
3) type fix for VM1_CPUS and VM2_CPUS
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
V1:
In order to better comply with MISRA C,
add const qualifiers whereeven required.
In the patch, these are being added to pointers
which are normally used in "get" functions.
V2: Corrected the issues in the patch
pointed by Junjie in his review comments.
Moved the const qualifiers to the correct
places. Removed some changes which are not
needed.
V3: Updated patch comment.
This modifies a subset of all the functions
which might need constant qualifiers
for the their parameters.
This is not and exhaustive patch. This only
targets obvious places where we can use
the const qualifier. More changes will be
submitted in future patches, if required.
Signed-off-by: Arindam Roy <arindam.roy@intel.com>
vlapic_vmx_vapic_set_tmr is nobody use now, remove it first to avoid
build warning.
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
ACRN currently do not support SMM and SMI. Print one explicit warning
for it.
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
From SDM Vol3 Table 10-1 Local APIC Register Address Map. The 0x3F0 is
reserved.
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Currently, ACRN hasn't expose x2apic capability through cpuid.
And x2apic related code in vlapic.c has no real functionality. This
patch clear related code.
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
In interrupt-window exiting handler, disable it directly even there has
pending interrupts. The later acrn_handle_pending_request will
re-evaluation and re-enable it if needed.
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
The guc boot option is refined on the new linux kernel. The boot option of
"i915.enable_guc=0" should be added in order to disable Guc instead of using
"enable_guc_loading/submission". But in order to use the same boot option on
multi kernel, both of them are kept.
V1->V2: Add the option on APL-NUC platform
Signed-off-by: Zhao Yakui <yakui.zhao@intel.com>
Reviewed-by: Binbin Wu<binbin.wu@intel.com>
This patch adds code to support read-only RTC support for guests
run by partition mode ACRN. It supports RW for CMOS address port 0x70
and RO for CMOS data port 0x71. Reads to CMOS RAM offsets are fetched
by reading CMOS h/w directly and writes to CMOS offsets are discarded.
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Now the guest may change "Destination Field", "Trigger Mode",
"Interrupt Input Pin Polarity" even "Interrupt Vector" when
"Interrupt Mask" not masked. So we should update the pass through
device interrupt pin rte in this situation. The old logic would
update it only when "Interrupt Mask" or "Trigger Mode" or
"Interrupt Input Pin Polarity" was changed.
update ptdev native ioapic rte when (a) something changed and
(b) the old rte interrupt mask is not masked or the new rte interrupt
mask is not masked.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
MISRA-C requires that shift operation cannot exceed the word length.
What this patch does:
- Fix the bug in 'vuart_init'
The register 'dll' and 'dlh' should be uint8_t rather than char.
'dll' is the lower 8-bit of divisor.
'dlh' is the higher 8-bit of divisor.
So, the shift value should be 8U rather than 16U.
- Fix other data type issues regarding to the registers in 'struct
vuart'
The registers should be unsigned variables.
v1 -> v2:
* Use a local variable 'uint8_t value_u8 = (uint8_t)value' to avoid
mutiple times type conversion
* Use '(uint8_t)divisor' rather than '(uint8_t)(divisor & 0xFFU)' to
get the lower 8 bit of 'divisor'
Direct type conversion is safe and simple per Xiangyang's suggestion.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
-- Change these APIs to void type, add pre-conditions,
and move parameter-check to upper-layer functions.
handle_vpic_irqline
vpic_set_irqstate
vpic_assert_irq
vpic_deassert_irq
vpic_pulse_irq
vpic_get_irq_trigger
handle_vioapic_irqline
vioapic_assert_irq
vioapic_deassert_irq
vioapic_pulse_irq
-- Remove dead code
vpic_set_irq_trigger
v1-->v2:
add cleanup vpic
change some APIs to void type, add pre-conditions,
and move the parameter-check to upper-layer functions.
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
The wake vector address in SBL ACPI table was changed since ww30,
so change platform acpi info accordingly to support system S3.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
after updated cpu context get/set method, the vcpu_dumreg cmd is not
correct anymore as the registers may read from VMCS but meantime hv
shell may not be running on target vcpu.
this patch take use of smp_call_function for vcpu dumpreg and make the
dump always come from correct vcpu.
v2:
- use str pointer to get vcpu_dumpreg context instead of print out directly
in notify handler.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
