In the gdt.h, it defines unions and parameters which is not used
in hypervisor. Removed them to keep the gdt definition simple.
Signed-off-by: Yang, Yu-chu <yu-chu.yang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
- by default, ACRN will not support platform without
below APICv features:
-- Use TPR shadow
-- APIC-register virtualization
- remove mmio emualtion of local APIC for guest
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
In current code, the address translation type for passthrough devices
in SOS is passthrough type, which means the device in SOS can access
the whole physcial memory.
This patch uses SOS EPT to translate address for passthrough
devices. So that the memory of VMM or trusty can be protected from
SOS PTDev.
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
For the instructions other than MOVS, one operand is register
and another one is memory which trigger EPT voilation. In this
case, there is one possibility that EPT voilation happens before
guest fault:
the fault is triggered by related guest PTE access bit
voilation (like write to a gva with R/W bit cleared in PTE).
So we do this kind of check and inject exception to guest
accordingly during instruction decoding phase.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Unlike the other instructions we emulated, MOVS has two operands
both are memory.
So we need to check whether the operand is valid GVA. With VMX
enabled, the src operand is always checked first by VMX. Which
means if src operand is not valid GVA, it will trigger fault
in guest before trigger EPT. So we don't need to check src
operand. Only need to check dst operand here.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Drop the get_gla function and add
- get_gva_di_si_nocheck
get gva from ES:DI and DS(other segment):SI without
check faulure case
- get_gva_di_si_check
get gva from ES:DI and DS(other segment):SI with failure
case checked
TODO:
- Save dst_gpa and src_gpa for instruction emulation phase
use.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
We will do check only during instruction decode phase.
vie_calculate_gla will be called both in instruction emulation
phase, we move the check out of vie_calculate_gla.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
According to SDM vol3 25.1.1
With VMX enabled, following exception will be handled by guest
without trigger VM exit:
- faults based on privilege level
- general protection due to relevent segment being unusable
- general protection due to offset beyond limit of relevent segment
- alignment check exception
ACRN always assume VMX is enabled. So we don't need to these check
in instruction emulation. But we need to do page fault related check.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
If rm show there is no SIB following rm field, we should get
base_register info from rm.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
- call these functions directly, no need to register
callbacks.
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
The virt_vector/phys_vector are only used for debugging.
Rename msix to is_msix.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Then we don't need to check whether phys_pin is valid in others.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Then use the source id to lookup the ptdev remapping entry.
For msi interrupt ptdev: use bdf and vector_index to identify the id;
For intx interrupt ptdev: use pin and pin source to identify the id.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
The npk_log is a log destination for the hypervisor, similar to the
console_log and the mem_log. It can be enabled/disabled/configured
by the SOS kernel via the hypercall HC_SETUP_HV_NPK_LOG.
The configuration includes:
1. Set the MMIO base address of the reserved NPK master.
2. Set the log level of the hypervisor NPK log.
After that, the npk_log can be enabled to write the hypervisor logs to
the MMIO address of the reserved NPK master with a simple header.
Signed-off-by: Zhi Jin <zhi.jin@intel.com>
Signed-off-by: Liu, Xiaojing <xiaojing.liu@intel.com>
Reviewed-by: CHEN Gang <gang.c.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
The hypercall HC_SETUP_HV_NPK_LOG is added to enable/disable/configure
the hypervisor NPK log.
Signed-off-by: Zhi Jin <zhi.jin@intel.com>
Signed-off-by: Zhonghua Sun <zhonghua.sun@intel.com>
Reviewed-by: CHEN Gang <gang.c.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Since this interrupt pin is passed through to the guest, we could set
it as we like. There's no need a flag to emulate the masked status.
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
The apicv is one hardware acceleration feature of vlapic. All vlapic
APIs should keep vlapic_ as the prefix.
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
From SDM Vol3 10.4.6:
Some processors permit software to modify the APIC ID. However, the
ability of software to modify the APIC ID is processor model specific.
Because of this, operating system software should avoid writing to the
local APIC ID register.
So to permit change APIC ID is not one *must* feature. Keep it simple,
we are also reject to modify it.
This patch does code cleaning up for LAPIC ID related emulation.
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Since these APIs always return 0,
change them to void type,
vcpu_set_cr0()
vmx_write_cr0()
vcpu_set_cr4()
vmx_write_cr4()
kick_notification()
tsc_deadline_handler()
dmar_fault_handler()
ptdev_interrupt_handler()
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
We didn't emualte them well, so just disable them.
Here are PMU CPUID.0A, Intel RDT CPUID.0F and CPUID.10, Intel SGX CPUID.12,
Intel Processor Trace CPUID.14
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
- Clean up some code regarding to % and / operations since bit
operations are faster.
x % 64U ---> x & 0x3fU
x % 32U ---> x & 0x1fU
x % 16U ---> x & 0xfU
x % 8U ---> x & 0x7U
x % 4U ---> x & 0x3U
x % 2U ---> x & 0x1U
x / 64U ---> x >> 6U
x / 32U ---> x >> 5U
x / 16U ---> x >> 4U
x / 8U ---> x >> 3U
x / 4U ---> x >> 2U
x / 2U ---> x >> 1U
- Minor changes regarding to coding styles
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This commit replaces the "used" field of irq_desc with a bitmap to maintain
the irq use status to save memory and LOC, and improve the efficiency as well.
Signed-off-by: Yan, Like <like.yan@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
- update 'apic_page' field in 'struct acrn_vlapic',
from pointer type to 'struct lapic_regs' type.
- delete 'pir' and update 'pir_desc' to 'vlapic_pir_desc'
type.
- fix potential memory leak in 'vlapic_create()'
should free allocated memory in case of registering
mmio handler failure.
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
MISRAC requires that the array size should be declared explicitly.
This patch fixes the issues caused by vm0_boot_context.
Fix pattern is like below:
extern char start_of_ROM, end_of_ROM, start_of_FLASH;
memcpy (& start_of_FLASH, & start_of_ROM, & end_of_ROM - &
start_of_ROM);
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Fix the parameter type mismatch between API declaration and definition.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
-- change send_start_ipi/do_copy_earlylog to void type
-- drop the return value for vcpu_queue_execption
when inject GP/PF/UD/AC/SS
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
-- change two timer callbacks to void type
-- ignore the return value for add_timer
-- add (void) before several functions(memset/memcpy/
vcpu_get_xxx)
v1-->v2:
ignore the return value for add_timer
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
for secure and normal world has different EPTP, in secure world,
it could trap to hypervisor and call gpa2hpa function. So it need
check if it is in normal or secure world for EPTP selection.
Detailed explanation from Yadong Qi <yadong.qi@intel.com>:
Currently, trusty OS does not handle interrupt, so when an interrupt
is delivering in trusty, trusty will set it to LAPIC IRR register by
inject self_ipi() and then call world_switch to switch to Android,
So android will receive/handle the interrupt properly.Since the
vLAPIC is enabled in ACRN, so when trusty try to inject self_ipi(),
APIC-ACCESS vmexit will happen. Then ACRN will do instruction
decode/emulation, so the GPA2HPA will fail since page walk is using
nworld_eptp. It is probability an issue.
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This commit changes the order of functions in arch/x86/irq.c, and internal
function names to make it looks cleaner, with no change within any function.
Signed-off-by: Yan, Like <like.yan@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
There are several similar irq handlers with confusing function names and it's
not friendly to call update_irq_handler() to update a proper handler after
request_irq().
With this commit, a single generic irq handler is being used, in which, no lock
need to be acquired because our design could guarantee there is no concurrent
irq handling and irq handler request/free.
A flags field is added to irq_desc struct to select the proper processing flow
for an irq. Irqflags is defined as follows:
IRQF_NONE (0U)
IRQF_LEVEL (1U << 1U) /* 1: level trigger; 0: edge trigger */
IRQF_PT (1U << 2U) /* 1: for passthrough dev */
Because we have only one irq handler, update_irq_handler() should be replace by
set_irq_trigger_mode(), whichs set trigger mode flag of a certian irq.
Accordingly, the code where called update_irq_handler() need to be updated.
Signed-off-by: Yan, Like <like.yan@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
This commit refactors vector allocation/free codes, two functions are
defined to help alloc/free vectors for an irq:
- uint32_t alloc_irq_vector(uint32_t irq)
- alloc a free vector (0x20 ~ 0xDF), and bind it to irq, for legacy irqs
and static mapped irqs, vector has been allocated and bind, so just
check the mapping correctness;
- return: valid vector on success, VECTOR_INVALID on failure.
- void free_irq_vector(uint32_t irq)
- free vector allocated via alloc_irq_vector(), for legacy irqs and static
mapped irqs, nothing need to do.
Signed-off-by: Yan, Like <like.yan@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
This commit refactors the alloc/free irq num, two functions are defined:
- uint32_t alloc_irq_num(uint32_t irq)
- if irq is valid, mark the irq_desc as used; if it's IRQ_INVALID,
alloc a free irq, or else do nothing;
- return: irq num on success, or IRQ_INVALID on failure.
- void free_irq_num(uint32_t irq)
- free the irq num allocated via alloc_irq_num();
And a global spinlock to protect it from concurrent allocation/free.
Signed-off-by: Yan, Like <like.yan@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
This commit cleans up fiels of struct irq_desc:
- remove name, irq_desc_state, irq_cnt and irq_lost_cnt which are not used.
- remove irq_ prefix of irq_lock field of struct irq_desc;
- change enum irq_state to enum irq_use_state;
Signed-off-by: Yan, Like <like.yan@intel.com>
Reviewed-by: Li, Fei <fei1.li@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
removed some unnecessary variables and functions.
v1-->v2:
Replace div-by-zero with an inline ASM code
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
1)Fix to take into account the size of proc entries in MPtable.
2)Change APIC ids to virtual APIC IDs
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
V1:
In order to better comply with MISRA C,
add const qualifiers whereeven required.
In the patch, these are being added to pointers
which are normally used in "get" functions.
V2: Corrected the issues in the patch
pointed by Junjie in his review comments.
Moved the const qualifiers to the correct
places. Removed some changes which are not
needed.
V3: Updated patch comment.
This modifies a subset of all the functions
which might need constant qualifiers
for the their parameters.
This is not and exhaustive patch. This only
targets obvious places where we can use
the const qualifier. More changes will be
submitted in future patches, if required.
Signed-off-by: Arindam Roy <arindam.roy@intel.com>
vlapic_vmx_vapic_set_tmr is nobody use now, remove it first to avoid
build warning.
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
ACRN currently do not support SMM and SMI. Print one explicit warning
for it.
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
From SDM Vol3 Table 10-1 Local APIC Register Address Map. The 0x3F0 is
reserved.
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Currently, ACRN hasn't expose x2apic capability through cpuid.
And x2apic related code in vlapic.c has no real functionality. This
patch clear related code.
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
In interrupt-window exiting handler, disable it directly even there has
pending interrupts. The later acrn_handle_pending_request will
re-evaluation and re-enable it if needed.
Signed-off-by: Yu Wang <yu1.wang@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
