doc: terminology cleanup in trusty doc

- Replace SOS or Service OS with Service VM
- Replace UOS or User OS with User VM
- Clean up some of the grammar

Signed-off-by: Amy Reyes <amy.reyes@intel.com>
Amy Reyes 2021-11-09 15:40:00 -08:00 committed by David Kinder
parent e66d65152c
commit 33a205c913
3 changed files with 34 additions and 27 deletions

Binary file not shown. Before: 18 KiB. After: 16 KiB.


@ -2,9 +2,10 @@ digraph G {
rankdir=LR; rankdir=LR;
rank=same; rank=same;
bgcolor="transparent"; bgcolor="transparent";
uosl1 [label="UOS_Loader"] uservml1 [label="User VM OS\nBootloader"]
acrn_init [shape=box style="rounded,filled" label="ACRN"] acrn_init [shape=box style="rounded,filled" label="ACRN"]
acrn_switch [shape=box style="rounded,filled" label="ACRN"] acrn_switch [shape=box style="rounded,filled" label="ACRN"]
uosl2 [label="UOS_Loader"] uservml2 [label="User VM OS\nBootloader"]
uosl1 -> acrn_init -> "Trusty" -> acrn_switch -> uosl2; uservml1 -> acrn_init -> "Trusty" -> acrn_switch -> uservml2;
} }
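
Review bot: the new node labels read "User VM OS\nBootloader" with a capital B, while the numbered boot-flow steps this graph illustrates spell it "User VM OS bootloader"; pick one casing so the figure and the prose match. The new ids ``uservml1`` and ``uservml2`` also read as "user VM L1/L2"; an id such as ``uservm_bl1`` would be clearer to the next person editing the .dot file.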


@ -32,10 +32,13 @@ Trusty Architecture
.. figure:: images/trusty-arch.png .. figure:: images/trusty-arch.png
:align: center :align: center
:width: 800px :width: 800px
:name: Trusty Architectural diagram :name: trusty-architectural-diagram
Trusty Architectural Diagram
.. note:: .. note::
Trusty OS is running in Secure World in the architecture drawing above. The Trusty OS is running in the Secure World in the architecture drawing
above.
.. _trusty-hypercalls: .. _trusty-hypercalls:
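
Review bot: the figure's ``:name:`` changes from "Trusty Architectural diagram" to ``trusty-architectural-diagram``, and that value is the cross-reference target for the figure. Any ``:ref:`` or ``:numref:`` elsewhere in the docs that points at the old name has to be updated in the same commit, so search the doc tree for the old string before merging.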
@ -51,7 +54,7 @@ There are a few :ref:`hypercall_apis` that are related to Trusty.
Trusty Boot Flow Trusty Boot Flow
**************** ****************
By design, the User OS bootloader (``UOS_Loader``) will trigger the Trusty By design, the User VM OS bootloader will trigger the Trusty
boot process. The complete boot flow is illustrated below. boot process. The complete boot flow is illustrated below.
.. graphviz:: images/trusty-boot-flow.dot .. graphviz:: images/trusty-boot-flow.dot
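
Review bot: the rewritten first sentence of "Trusty Boot Flow" drops the ``UOS_Loader`` literal entirely. The old text marked it up as a literal, which suggests it names an actual component; if it does, keep one parenthetical mention of the old name at first use so readers searching for ``UOS_Loader`` still land on this section. If it was only shorthand, the change is fine as written.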
@ -62,12 +65,12 @@ boot process. The complete boot flow is illustrated below.
As shown in the above figure, here are some details about the Trusty As shown in the above figure, here are some details about the Trusty
boot flow processing: boot flow processing:
1. UOS_Loader 1. User VM OS bootloader
a. Load and verify Trusty image from virtual disk a. Load and verify Trusty image from virtual disk
#. Allocate runtime memory for trusty #. Allocate runtime memory for Trusty
#. Do ELF relocation of trusty image and get entry address #. Do ELF relocation of Trusty image and get entry address
#. Call ``hcall_initialize_trusty`` with trusty memory base and #. Call ``hcall_initialize_trusty`` with Trusty memory base and
entry address entry address
#. ACRN (``hcall_initialize_trusty``) #. ACRN (``hcall_initialize_trusty``)
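
Review bot: step 1a, "Load and verify Trusty image from virtual disk", is carried over unchanged and still does not say what the verification checks or what the image is verified against. Since this list is being edited anyway, consider adding a clause or a cross-reference that names the verification mechanism; it is the one step in this flow where the bootloader decides whether to accept the Trusty image.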
@ -83,41 +86,44 @@ boot flow processing:
a. Save World context for the World that caused this ``vmexit`` a. Save World context for the World that caused this ``vmexit``
(Secure World) (Secure World)
#. Restore World context for next World (Normal World (UOS_Loader)) #. Restore World context for next World (Normal World: User VM OS bootloader)
#. Resume to next World (UOS_Loader) #. Resume to next World (User VM OS bootloader)
#. UOS_Loader #. User VM OS bootloader
a. Continue to boot a. Continue to boot
EPT Hierarchy EPT Hierarchy
************* *************
As per the Trusty design, Trusty can access Normal World's memory, but Normal As per the Trusty design, Trusty can access the Normal World's memory, but the
World cannot access Secure World's memory. Hence it means Secure World EPTP Normal World cannot access the Secure World's memory. Hence it means the Secure
page table hierarchy must contain normal world GPA address space, while Trusty World EPTP page table hierarchy must contain the Normal World GPA address space,
world's GPA address space must be removed from the Normal world EPTP page while the Trusty world's GPA address space must be removed from the Normal World
table hierarchy. EPTP page table hierarchy.
Design Design
====== ======
Put Secure World's GPA to very high position: 511 GB - 512 GB. The PML4/PDPT Put the Secure World's GPA to a very high position: 511 GB - 512 GB. The
for Trusty World are separated from Normal World. PD/PT for low memory PML4/PDPT for the Trusty World are separated from the Normal World. PD and PT
(< 511 GB) are shared in both Trusty World's EPT and Normal World's EPT. for low memory
PD/PT for high memory (>= 511 GB) are valid for Trusty World's EPT only. (< 511 GB) are shared in both the Trusty World's EPT and the Normal World's EPT.
PD and PT for high memory (>= 511 GB) are valid for the Trusty World's EPT only.
Benefit Benefit
======= =======
This design will benefit the EPT changes of Normal World. There are This design will benefit the EPT changes of the Normal World. There are
requirements to modify Normal World's EPT during runtime such as increasing requirements to modify the Normal World's EPT during runtime such as increasing
memory, changing attributes, etc. If such behavior happened, only PD and PT memory and changing attributes. If such behavior happens, only PD and PT
for Normal World need to be updated. for the Normal World need to be updated.
.. figure:: images/ept-hierarchy.png .. figure:: images/ept-hierarchy.png
:align: center :align: center
:width: 800px :width: 800px
:name: EPT hierarchy pic :name: ept-hierarchy
EPT Hierarchy
API API
=== ===
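
Review bot: in the "EPT Hierarchy" paragraph the new text still reads "the Trusty world's GPA address space" with a lowercase "world", in the same sentence as "Normal World" and "Secure World"; capitalize it to finish the cleanup. The section also alternates "Secure World" and "Trusty World" for what reads as the same thing, so settle on one term or state once that they are synonyms. Two smaller points: the steps "Restore World context for next World (Normal World: User VM OS bootloader)" and "Resume to next World (User VM OS bootloader)" now punctuate the parenthetical differently, and the ``:name:`` change from "EPT hierarchy pic" to ``ept-hierarchy`` will break any existing reference to the old name unless those are updated too.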