According to VMXON Instruction Reference, do the following checks in the
virtual hardware environment: vCPU CPL, guest CR0, CR4, revision ID
in VMXON region, etc.
Currently ACRN doesn't support 32-bit L1 hypervisor, and injects an #UD
exception if L1 hypervisor is not running in 64-bit mode.
Tracked-On: #5923
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@Intel.com>
This patch emulates VMXON instruction. Basically checks some
prerequisites to enable VMX operation on L1 guest (next patch), and
prepares some virtual hardware environment in L0.
Tracked-On: #5923
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@Intel.com>
The commit 2ab70f43e5
HV: cache: Fix page fault by flushing cache for VM trusty RAM in HV
It is wrong in using stac()/clac()
Tracked-On: #6020
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
Now guest would use `Destination Shorthand` to broadcast IPIs if there're more
than one destination. However, it is not supported when the guest is in LAPIC
passthru situation, and all active VCPUs are working in X2APIC mode. As a result,
the guest would not work properly since this kind broadcast IPIs was ignored
by ACRN. What's worse, ACRN Hypervisor would inject GP to the guest in this case.
This patch extend vlapic_x2apic_pt_icr_access to support more destination modes
(both `Physical` and `Logical`) and destination shorthand (`No Shorthand`, `Self`,
`All Including Self` and `All Excluding Self`).
Tracked-On: #5923
Signed-off-by: Zide Chen <zide.chen@intel.com>
Signed-off-by: Li Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
- Change 64-bit MMIO BAR window to 256G-512G
The release is the same as 736a03222f.
This is just to update the changelog.
Tracked-On: #5913
Signed-off-by: Peter Fang <peter.fang@intel.com>
A user can use "--pm_notify_channel uart,allow_trigger_s5" to indicate
the User VM is allowed to trigger system S5.
"--pm_notify_channel uart" means a vuart channel will be created in the
User VM to allow communication with the VM's life_mngr. The Service VM
can then initiate S5 in the guest via its dm's monitor interface. The
additional option, "allow_trigger_s5", will create a socket connection
with the Service VM's life_mngr, allowing this VM to initiate system S5.
v1 -> v2:
- rename pm_notify_channel type to PWR_EVENT_NOTIFY_UART_TRIG_PLAT_S5
Tracked-On: #6034
Signed-off-by: Peter Fang <peter.fang@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
The accrss right of HV RAM can be changed to PAGE_USER (eg. trusty RAM
of post-launched VM). So before using clflush(or clflushopt) to flush
HV RAM cache, must allow explicit supervisor-mode data accesses to
user-mode pages. Otherwise, it may trigger page fault.
Tracked-On: #6020
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
Hypervisor does not need to care about hugepage settings in SOS kernel, user
could enable these settings in the scenario config file or GRUB menu.
Tracked-On: #5815
Signed-off-by: Victor Sun <victor.sun@intel.com>
changes:
1. The VM load order type condition is not needed, since the function
is called only when create SOS VM or pre-launched VM;
2. Fixed wrong parameter of fill_seed_arg() which introduced by commit
80262f0602.
3. More comments on why multiboot string could override the pre-
configured VM bootargs and why append multiboot cmdline to SOS VM
bootargs;
Tracked-On: #5815
Signed-off-by: Victor Sun <victor.sun@intel.com>
If there is hugepage support from board xml, config tool will
add hugepagesz=1G hugepages=[size] into sos kernel cmdline,
the size is calculated by memory size in G minusing 3.
The reason for reducing 3 is that it is reserved for SOS VM use.
Tracked-On: #5815
Signed-off-by: Kunhui Li <kunhuix.li@intel.com>
Reviewed-By: Junjie Mao <junjie.mao@intel.com>
* Split linux and windows build of lifemngr to be able to build
them independently.
* Install life_mngr.service
* Avoid the following Makefile error output by explicitly checking
Windows cross compiler availability:
make[4]: x86_64-w64-mingw32-gcc: Command not found
make[4]: [Makefile:47: all-win] Error 127 (ignored)
Tracked-On: #5660
Signed-off-by: Helmut Buchsbaum <helmut.buchsbaum@opensource.tttech-industrial.com>
Use BUILD_VERSION an BUILD_TAG variable also for hypervisor,
acrnprobe and crashlog. This eases build from an archive without
git available.
Tracked-On: #6035
Signed-off-by: Helmut Buchsbaum <helmut.buchsbaum@opensource.tttech-industrial.com>
Make builds reproducible by honoring SOURCE_DATE_EPOCH and USER
environment variables in the respective Makefiles. Just follow the
recommendations at https://reproducible-builds.org/
Build tools (e.g. Debian packaging, Yocto) use this to ensure reproducibility
of packages.
Tracked-On: #6035
Signed-off-by: Helmut Buchsbaum <helmut.buchsbaum@opensource.tttech-industrial.com>
Create virtual root port through add_vdev hypercall. add_vdev
identifies the virtual device to add by its vendor id and device id, then
call the corresponding function to create virtual device.
-create_vrp(): Find the right virtual root port to create
by its secondary bus number, then initialize the virtual root port.
And finally initialize PTM related configurations.
-destroy_vrp(): nothing to destroy
Tracked-On: #5915
Signed-off-by: Rong Liu <rong.l.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Acked-by: Jason Chen <jason.cj.chen@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
Add virtual root port that supports the most basic pci-e bridge and root port operations.
- init_vroot_port(): init vroot_port's basic registers.
- deinit_vroot_port(): reset vroot_port
- read_vroot_port_cfg(): read from vroot_port's virtual config space.
- write_vroot_port_cfg(): write to vroot_port's virtual config space.
Tracked-On: #5915
Signed-off-by: Rong Liu <rong.l.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Acked-by: Jason Chen <jason.cj.chen@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
Add one more sanity check: If the root port has more than
one child, we won't enable PTM on the guest.
This is not necessarily an error. We flag it as
error just because we don't have this type of hw
configuration at development time thus this configuration
is not tested.
Tracked-On: #5915
Signed-off-by: Rong Liu <rong.l.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
If user sets enable_ptm option on passthru device, passthru device
calls ptm_probe() to check and enable ptm on passthru device. If error
is found during sanity check, ptm will not be enabled in the guest
and an error will be reported to user. However, this doesn't
prevent user from launching guest and passing through the device to the guest.
If no error is found, PTM is enabled in the guest and the
passthru device will connect to virtual root port (which acts as PTM
root) instead of virtual host bridge.
Tracked-On: #5915
Signed-off-by: Rong Liu <rong.l.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
If PTM can be enabled on passthru device, a virtual root port
is added to vm to act as ptm root. And the passthru device is
connected to the virtual root port instead of the virtual host bridge.
Tracked-On: #5915
Signed-off-by: Rong Liu <rong.l.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
This patch probes whether hw supports ptm. It is used to check whether ptm
can be enabled on the passthru pci device. It checks whether passthru
device support PTM requestor capability, then check whether its upstream
root port support PTM root role. Errors are reported to user if sanity
check fails.
Tracked-On: #5915
Signed-off-by: Rong Liu <rong.l.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
Add functionality to build and cache pci hierarchy, which are mainly
used to retrieve # of children of pci bridge or pci bus.
get_device_count_on_bus(): get # of child devices on a pci bus
get_device_count_on_bridge(): recursively get # of child devices on a pci bridge
scan_pci(): build and cache pci hierarchy
pci_find_root_port(): find root port of a pci device
clean_pci_cache(): free pci cache
scan_pci_test(): test of scan pci hierarchy (disabled)
Tracked-On: #5915
Signed-off-by: Rong Liu <rong.l.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
Add a few pci utility functions to help easy access of pci
functionalities.
1. pci_find_capability(): find position of specified pci capability register
2. pci_find_ext_cap(): find extend capability register position from cap_id
3. pci_pcie_type(): find pci-e device type
4. is_root_port(): check whether pdev is a pci root port
5. is_bridge(): check whether pdev is a bridge
Tracked-On: #5915
Signed-off-by: Rong Liu <rong.l.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
Unify two functions definitions/declarifications:
Update the parameters from char array to char pointer.
to fix the build issue:
probeutils.c:61:29: error: argument 1 of type 'char *' declared
as a pointer [-Werror=array-parameter=]
Initialize local variable "c" to fix build issue:
core/mevent.c:122:21: error: 'c' may be used uninitialized
[-Werror=maybe-uninitialized]
Tracked-On: #5993
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
This patch applies the latest board inspector on ehl-crb-b and tgl-rvp to
generate additional information to the board XMLs.
Tracked-On: #5922
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
This patch adds support to parse RTCT v2 using the refined board XML
schema. The major changes include:
- Add the RTCT v2 parser in the acpiparser module. The version of an RTCT
is detected automatically to choose the right parser.
- Extract software SRAM capabilities of caches into the board XML.
- Move the logic that determines the software SRAM base address for the
pre-launched VM to the static allocator of GPAs.
- Generate software SRAM related macros into misc_cfg.h when necessary.
Tracked-On: #6020
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
1. do not allow external modules to touch internal field of a timer.
2. make timer mode internal, period_in_ticks will decide the mode.
API wise:
1. the "mode" parameter was taken out of initialize_timer().
2. a new function update_timer() was added to update the timeout and
period fields.
3. the timer_expired() function was extended with an output parameter
to return the remaining cycles before expiration.
Also, the "fire_tsc" field name of hv_timer was renamed to "timeout".
With the new API, however, this change should not concern user code.
Tracked-On: #5920
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
x86/timer.[ch] was moved to the common directory largely unchanged.
x86 specific code now resides in x86/tsc_deadline_timer.c and its
interface was defined in hw/hw_timer.h. The interface defines two
functions: init_hw_timer() and set_hw_timeout() that provides HW
specific initialization and timer interrupt source.
Other than these two functions, the timer module is largely arch
agnostic.
Tracked-On: #5920
Signed-off-by: Rong Liu <rong2.liu@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Modules that use udelay() should include "delay.h" explicitly.
Tracked-On: #5920
Signed-off-by: Rong Liu <rong2.liu@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Generalize and split basic cpu cycle/tick routines from x86/timer:
- Instead of rdstc(), use cpu_ticks() in generic code.
- Instead of get_tsc_khz(), use cpu_tickrate() in generic code.
- Include "common/ticks.h" instead of "x86/timer.h" in generic code.
- CYCLES_PER_MS is renamed to TICKS_PER_MS.
The x86 specific API rdstc() and get_tsc_khz(), as well as TSC_PER_MS
are still available in arch/x86/tsc.h but only for x86 specific usage.
Tracked-On: #5920
Signed-off-by: Rong Liu <rong2.liu@intel.com>
Signed-off-by: Yi Liang <yi.liang@intel.com>
mmio_devs[0] is hard code for acpidev_pt, and mmio_devs[1] for
mmiodev_pt. Use mmio_dev_idx as index of mmio_devs[], to remove hard
code.
Remove hpa, gpa, size information from mmio_dev_ops, add acrn_mmiodev into
mmio_dev, to record hpa, gpa and size information for each passthough
mmio device.
Tracked-On: #5913
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
The mmio devices use hard code GPA base, allocating GPA base resource
for them instead.
Tracked-On: #5913
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
The TPM information in ACPI table is for both VPTM and passthough TPM,
so only one TPM device is allowed.
Tracked-On: #5913
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
The GPA of TPM device has fixed value TPM_CRB_MMIO_ADDR, remove
TPM_CRB_MMIO_ADDR and allocate GPA base for TPM device
Tracked-On: #5913
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
The ACPI MMIO devices, like TPM, has a fixed base GPA. Sould support
GPA resource allocating for MMIO devices. GPA region
0xF0000000~0xFE000000 is not used, can allocate GPA from it.
Tracked-On: #5913
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
There is "void deinit_mmio_devs()" in ./devicemodel/hw/mmio/core.c,
but "int deinit_mmio_devs()" in ./devicemodel/include/mmio_dev.h
Tracked-On: #5913
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
commit 873ed752d ("misc: sanity check VM config for nested virtualization")
requires that the guest_flag tag can't be empty, or it will fail to build.
This patch changes all instances of "<guest_flag></guest_flag>"
to "<guest_flag>0</guest_flag>".
Tracked-On: #5923
Signed-off-by: Zide Chen <zide.chen@intel.com>
RTCT has been updated to version 2,
this patch updates hypervisor RTCT parser to support
both version 1 and version 2 of RTCT.
Tracked-On: #6020
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Jason CJ Chen <jason.cj.chen@intel.com>
'psram' and 'PSRAM' are legacy names and replaced
with 'ssram' and 'SSRAM' respectively.
Tracked-On: #6012
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Shuang Zheng <shuang.zheng@intel.com>
Define LIST_OF_VMX_MSRS which includes a list of MSRs that are visible to
L1 guests if nested virtualization is enabled.
- If CONFIG_NVMX_ENABLED is set, these MSRs are included in
emulated_guest_msrs[].
- otherwise, they are included in unsupported_msrs[].
In this way we can take advantage of the existing infrastructure to
emulate these MSRs.
Tracked-On: #5923
Spick igned-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In order to support nested virtualization, need to expose the "Enable VMX
outside SMX operation" bit to L1 hypervisor.
Tracked-On: #5923
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This patch introduces the XML schema `datachecks.xsd` which is the central
place to specify and check assumptions on board characteristics and
scenario settings. Each assumption is expressed as an XSD assertion with
annotation of error severity (e.g. info, warning or error) and detailed
descriptions.
At compile time, the board and scenario XMLs are combined (by putting the
children of the root node together) can checked against the
schema. Assertion failures are categorized according to the defined
severity. Currently only errors will block compilation by outputing the
descriptions of the violated assertions.
The objective of this patch is the introduce the framework to document,
manage and check assumptions. A better way to present assumption violations
to end users (either on the command line or in the configuration editor) is
out of the scope of this series and will be considered in the future.
Tracked-On: #5922
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
