This patch implement HECI virtualization backend service based on virtio
userspace framework. This service introduce a virtio-heci device model
for DM, and can be enabled by DM parameter '-s [BUS NO],virtio-heci'.
The HECI virtualization need both backend service in device-model and
frontend driver in guest to work. Backend service mainly emulates HECI
device's behaviors to satisfy frontend driver. They are based on virtio
userspace framework. Currently, it is using two virtqueues, one is for
TX and another is for RX.
Signed-off-by: Liu Shuo <shuo.a.liu@intel.com>
Reviewed-by: Li Hao <hao.l.li@intel.com>
Reviewed-by: Wang Yu <yu1.wang@intel.com>
Reviewed-by: Zhao, Yakui <yakui.zhao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The 'find' command was not installed in our minimal Fedora 26
and 27-based Docker images. This resulted in a non-fatal error
when performing a 'make clean'. This commit adds this utility
(available in the 'findutils' package).
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
The 'find' command was not installed in our minimal Fedora 26
and 27-based Docker images. This resulted in a non-fatal error
when performing a 'make clean'. This commit adds this utility
(available in the 'findutils' package).
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
A couple of problems appeared on Ubuntu 14.04 (gcc 4.8.4) when we
turned on additional compiler flags with commit
519c4285cf. This patch fixes these
problems by adhering to the strict anti-aliasing rules and also
initializing the 'tfd' variable where the compile believed it
_could_ be used uninitialized.
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
APIC-access page which write into VMCS should be hpa
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
virtual-ACPI page which write into VMCS should be hpa
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Guest write tsc: cache the offset into run_context.tsc_offset;
Guest read tsc : use run_context.tsc_offset to calculate guest_tsc.
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Now the MACRO SECURE_WORLD_ENABLED (1<<0)
Change it to 64 bit data
SECURE_WORLD_ENABLED (1UL<<0)
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
sync acrn_common.h to device model
set secure world enabled flag
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
malloc: allocate a block of memory, the contents of the block are undefined.
calloc: allocate a block of memory for an array of num elements and initializes all its bits to zero.
Signed-off-by: yechunliang <yechunliangcn@163.com>
Before this patch, guest temporary page tables were generated by hardcode
at compile time, HV will copy this page tables to guest before guest
launch.
This patch creates temporary page tables at runtime for the range of 0~4G,
and create page tables to cover new range(511G~511G+16M) with trusty
requirement.
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Since the boot flow had been changed to that sos kernel is lanuched
by cl bootloader directly, replace the payload acrn.efi with bzImage.efi
in the acrn.conf file, and specify ROOTDEV with UUID in the command line.
The UEFI firmware launches the EFI/org.clearlinux/bootloaderx64.efi
as os loader not the EFI/BOOT/BOOTX64.EFI, so fix the issue in the document
ACRN_UEFI.txt which guides user with incorrect steps.
Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
Reviewed-by: Jack, Ren <jack.ren@intel.com>
Per trusty design, trusty requires a monotonic increasing
secure tick(TSC) at run time. This secure tick will used
to mitigate password/pin force attack, control key expiration,
etc.
Currently, the TSC_OFFSET is enabled. And guest will got
(host_tsc + tsc_offset) when execute rdtsc/rdtscp/rdmsr to
aquire tsc value. The host_tsc is always keeping increasing
during the runtime.
So initialize tsc_offset of trusty to 0 will ensure the
secure tick feature.
Signed-off-by: Qi Yadong <yadong.qi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
eptp should be record as PA.
this patch changed nworld_eptp, sworld_eptp and m2p eptp to PA type,
necessary HPA2HVA/HVA2HPA transition is used for them after the change.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- read/write page table entries should use VA which defined as "void *"
- the address data in page table entries should us PA which defined as
"uint64_t"
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
for (int i = 0; i < ...; i++) is only allowed in C99 mode, so fix this
coding style to:
int i;
for (i = 0; i < ...; i++)
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The cpu model name of "Intel(R) Celeron(R) CPU J3455 @ 1.50GHz" is used for
APL NUC which is in Acrn official suport list.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
Currently acrn partitions cpus between SOS and UOS, so the default
policy is to allow guest managing CPU px state. However we would
not blindly passthrough perf_ctrl MSR to guest. Instead guest access
is always trapped and validated by acrn hypervisor before forwarding
to pcpu. Doing so leaves room for future power budget control in
hypervisor, e.g. limiting turbo percentage that a cpu can enter.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
We can use this interface for VHM to pass per-cpu power state data
to guest per its request.
For now the vcpu power state is per-vm, this could be changed if
per-cpu power state support is required in the future.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
The vm px info would be used for guest Pstate control.
Currently it is copied from host boot cpu.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
The patch takes Intel ATOM A3960 as example that hard code all Px info
which is needed for Px control into Acrn HV and load it in boot process.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
The cpu model name would be used to distinguish which hard coded data
need to be loaded to boot_cpu_data;
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
all callers for fetch_page_table_offset should already make sure
it will not come to an unknown table_leve, so just panic here.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
- walk_paging_struct should return sub_table_addr, if something wrong,
it return NULL
- update_page_table_entry should return adjusted_size, if something wrong
it return 0
the change is valid under release version, as at that time, ASSERT in
walk_paging_struct is empty.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- remove unused map_params in get_table_entry
- add error return for both, which is valid under release version,
as at that time, ASSERT in get_table_entry is empty.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
function break_page_table should return next_level_page_size, if
something wrong, it return 0.
the change is valid for release version, as at that time ASSERT()
in break_page_table is empty.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
function map_mem_region should return mapped_size, if something wrong,
it return 0.
the change is valid for release version, as at that time ASSERT()
in map_mem_region is empty.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
add error return for all, which is valid under release version,
as at that time, ASSERT in modify_paging is empty.
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
With the DSDT which include virtual _PSS/_PCT/_PPC objects, UOS should
have ACPI Px control capability if acpi cpufreq driver is enalbed in
kernel.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
Some ACPI objects is per-vm and per-cpu specific so we need to pass
vmctx as function parameter when we write objects into DSDT table.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
There are 3 ACPI objects for Px: _PCT, _PPC and _PSS need to be writed
to DSDT, and the _PSS data is per-cpu specific so we need to pass the
vm id and vcpu id as parameter.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
The px count and data is per-cpu so we should query them for specific
vm and specific vcpu, for px data we need to specify px num also.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
The interface will be used to interact with VHM service via IOCTL.
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
Previously with the help from gcc, __builtin_return_address(0) is
used as the guest entry address, but it can't work well with gcc 7.3
and leads to the guest unable to return to UEFI correctly.
Let's get it explicitly.
Signed-off-by: Jack Ren <jack.ren@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The acrnctl can help user to create, delete, launch and stop UOSs,
To see what it can do, just run:
# acrnctl
or
# acrnctl help
you may see:
support:
list
start
stop
del
add
Use acrnctl [cmd] help for details
There are examples:
(1) add a VM
Each time you can just add one VM. Suppose you have an UOS
launch script, such as launch_UOS.sh
you can run:
# acrnctl add launch_UOS.sh -U 1
vm1-14:59:30 added
Note that, launch script shoud be able to launch ONE UOS. If
it fail, it is better to print some error logs, to tell user
the reason, so that he knows how to solve it.
The vmname is important, the acrnctl searchs VMs by their
names. so duplicated VM names are not allowed. Beside, if the
launch script changes VM name at launch time, acrnctl will
not recgonize it.
(2) delete VMs
# acrnctl del vm1-14:59:30
(3) show VMs
# acrnctl list
vm1-14:59:30 untracked
vm-yocto stop
vm-android stop
(4) start VM
you can start a vm with 'stop' status, each time can start
one VM.
# acrnctl start vm-yocto
(5) stop VM
you can stop VMs, if their status is not 'stop'
# acrnctl stop vm-yocto vm1-14:59:30 vm-android
Acked-by: Eddie Dong <eddie.dong@intel.com>
Reviewed-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
Reviewed-by: Zhao, Yakui <yakui.zhao@intel.com>
Signed-off-by: Tao, Yuhong <yuhong.tao@intel.com>
A monitor component will be added to acrn-dm, which crteats socket,
bind and listening at /run/acrn/vmname. Acrnctl & acrnd could conn
-ect to the socket for communication, using defined message, in
include/monitor_msg.h
For each defined message, a message handler callback could be
registered via monitor_add_msg_handler(). On received of a defined
message, a certain call back will be called. Each callback can only
see the message sender's socket-fd.
When acrn-dm want report something, not triggered by incoming message
it can send broadcast message, use monitor_broadcast().
Acked-by: Eddie Dong <eddie.dong@intel.com>
Reviewed-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
Reviewed-by: Zhao Yakui <yakui.zhao@intel.com>
Reviewed-by: Yin, Fengwei <fengwei.yin@intel.com>
Signed-off-by: Tao, Yuhong <yuhong.tao@intel.com>
Enable Travis CI testing for the following development host OSs:
* Clearlinux
* Ubuntu 16.04
* Fedora 26
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
Enable compilation test for Fedora 26 and Ubuntu 16.04. The tests
will run for all combinations of RELEASE={0|1} and PLATFORM={sbl|uefi}
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
Enable the Travis CI testing for all combinations of variables
that can be set at compile-time. I.e. RELEASE={0|1} and
PLATFORM={0|1}
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
The patch includes:
1. vrtc_cleanup -> vrtc_deinit to align with other devices
2. delete timer created in vrtc_init
3. make call to vrtc_deinit in cleanup path
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <Eddie.dong@intel.com>
old code has no deinit functionality for virtual keyboard device.
Which will trigger resource leak when system is reboot.
deinit function is added to:
1. deinit low ps2 based keyboard and mouse
2. release memory/io resource of virtual keyboard device
NOTE: IRQ resource will be handed in pci irq module
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <Eddie.dong@intel.com>
Add deinit function for ps2kbd and ps2mouse.
To support deinit function for ps2kbd and ps2mouse which
has struct atkbdc_base as parameter, we make struct
atkbdc_base exported as public.
We also add console unregister function for keyboard
and mouse. Which are called in ps2mouse/ps2kbd deinit
function.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <Eddie.dong@intel.com>
We didn't release mmio/io data structure related with PCI bar
of pci dev. Which could trigger memory leak when reboot UOS.
With the new patch, we release the mmio/io data structure
when pci core tries to deinit pci device.
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <Eddie.dong@intel.com>
Documentation for parameters must match exactly in spelling and case.
Parameter named "vcpu" was incorrectly documented as "VCPU", and
parameter named "param" was documented as "param's".
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
malloc: allocate a block of memory, the contents of the block are undefined.
calloc: allocate a block of memory for an array of num elements and initializes all its bits to zero.
Signed-off-by: yechunliang <yechunliangcn@163.com>
Add check_continuous_hpa API:
when create secure world,if the physical
address is not continuous, will assert.
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch added API destroy_secure_world, which will do:
-- clear trusty memory space
-- restore memory to SOS ept mapping
It will be called when VM is destroyed, furthermore, ept of
Secure world will be destroyed as well.
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Reviewed-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
