OrgACRN
/
acrn-hypervisor
mirror of https://github.com/projectacrn/acrn-hypervisor.git
1
0
Fork 0
Code Issues Releases Wiki Activity

config-tools: add SECURITY_VM_FIXUP config 

Add SECURITY_VM_FIXUP config for Security VM whether it needs to do fixup
for TPM2 and SMBIOS

Tracked-On: #6320
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Signed-off-by: Fei Li <fei1.li@intel.com>
This commit is contained in:
Fei Li 2021-08-11 11:10:07 +08:00 committed by wenlingz
parent d997f4bbc1
commit 3df703a64e
37 changed files with 46 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
misc/config_tools/data/cfl-k700-i7/hybrid_rt.xml
View File

@ -17,6 +17,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>n</CDP_ENABLED>

1
misc/config_tools/data/cfl-k700-i7/industry.xml
View File

@ -17,6 +17,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>n</CDP_ENABLED>

1
misc/config_tools/data/ehl-crb-b/fusa_partition.xml
View File

@ -16,6 +16,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>n</CDP_ENABLED>

1
misc/config_tools/data/ehl-crb-b/hybrid.xml
View File

@ -16,6 +16,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>n</CDP_ENABLED>

1
misc/config_tools/data/ehl-crb-b/hybrid_rt.xml
View File

@ -16,6 +16,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>y</CDP_ENABLED>

1
misc/config_tools/data/ehl-crb-b/hybrid_rt_fusa.xml
View File

@ -16,6 +16,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>y</CDP_ENABLED>

1
misc/config_tools/data/ehl-crb-b/industry.xml
View File

@ -16,6 +16,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>y</RDT_ENABLED>
<CDP_ENABLED>y</CDP_ENABLED>

1
misc/config_tools/data/ehl-crb-b/logical_partition.xml
View File

@ -16,6 +16,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>n</CDP_ENABLED>

1
misc/config_tools/data/ehl-crb-b/sdc.xml
View File

@ -16,6 +16,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>n</CDP_ENABLED>

1
misc/config_tools/data/generic_board/hybrid.xml
View File

@ -15,6 +15,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>n</CDP_ENABLED>

1
misc/config_tools/data/generic_board/industry.xml
View File

@ -15,6 +15,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>y</CDP_ENABLED>

1
misc/config_tools/data/generic_board/logical_partition.xml
View File

@ -15,6 +15,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>n</CDP_ENABLED>

1
misc/config_tools/data/nuc11tnbi5/hybrid.xml
View File

@ -15,6 +15,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>n</CDP_ENABLED>

1
misc/config_tools/data/nuc11tnbi5/industry.xml
View File

@ -15,6 +15,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>y</CDP_ENABLED>

1
misc/config_tools/data/nuc11tnbi5/logical_partition.xml
View File

@ -15,6 +15,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>n</CDP_ENABLED>

1
misc/config_tools/data/nuc7i7dnb/hybrid.xml
View File

@ -17,6 +17,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>n</CDP_ENABLED>

1
misc/config_tools/data/nuc7i7dnb/industry.xml
View File

@ -17,6 +17,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>n</CDP_ENABLED>

1
misc/config_tools/data/nuc7i7dnb/logical_partition.xml
View File

@ -17,6 +17,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>n</CDP_ENABLED>

1
misc/config_tools/data/nuc7i7dnb/sdc.xml
View File

@ -17,6 +17,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>n</CDP_ENABLED>

1
misc/config_tools/data/qemu/sdc.xml
View File

@ -17,6 +17,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>n</CDP_ENABLED>

3
misc/config_tools/data/tgl-rvp/hybrid.xml
View File

@ -17,6 +17,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>y</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>n</CDP_ENABLED>
@ -69,7 +70,7 @@
<vm_type>SAFETY_VM</vm_type>
<name>ACRN PRE-LAUNCHED VM0</name>
<guest_flags>
<guest_flag>0</guest_flag>
<guest_flag>GUEST_FLAG_TPM2_FIXUP</guest_flag>
</guest_flags>
<cpu_affinity>
<pcpu_id>3</pcpu_id>

1
misc/config_tools/data/tgl-rvp/hybrid_rt.xml
View File

@ -17,6 +17,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>y</CDP_ENABLED>

1
misc/config_tools/data/tgl-rvp/industry.xml
View File

@ -15,6 +15,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>y</CDP_ENABLED>

1
misc/config_tools/data/tgl-rvp/logical_partition.xml
View File

@ -17,6 +17,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>n</CDP_ENABLED>

1
misc/config_tools/data/tgl-rvp/sdc.xml
View File

@ -17,6 +17,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>n</CDP_ENABLED>

1
misc/config_tools/data/whl-ipc-i5/hybrid.xml
View File

@ -17,6 +17,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>n</CDP_ENABLED>

1
misc/config_tools/data/whl-ipc-i5/hybrid_rt.xml
View File

@ -17,6 +17,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>n</CDP_ENABLED>

1
misc/config_tools/data/whl-ipc-i5/industry.xml
View File

@ -17,6 +17,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>n</CDP_ENABLED>

1
misc/config_tools/data/whl-ipc-i5/logical_partition.xml
View File

@ -17,6 +17,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>n</CDP_ENABLED>

1
misc/config_tools/data/whl-ipc-i5/sdc.xml
View File

@ -17,6 +17,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>n</CDP_ENABLED>

1
misc/config_tools/data/whl-ipc-i7/hybrid.xml
View File

@ -17,6 +17,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>n</CDP_ENABLED>

1
misc/config_tools/data/whl-ipc-i7/hybrid_rt.xml
View File

@ -17,6 +17,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>n</CDP_ENABLED>

1
misc/config_tools/data/whl-ipc-i7/industry.xml
View File

@ -17,6 +17,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>n</CDP_ENABLED>

1
misc/config_tools/data/whl-ipc-i7/logical_partition.xml
View File

@ -17,6 +17,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>n</CDP_ENABLED>

1
misc/config_tools/data/whl-ipc-i7/sdc.xml
View File

@ -17,6 +17,7 @@
<MULTIBOOT2>y</MULTIBOOT2>
<ENFORCE_TURNOFF_AC>y</ENFORCE_TURNOFF_AC>
<ENFORCE_TURNOFF_GP>n</ENFORCE_TURNOFF_GP>
<SECURITY_VM_FIXUP>n</SECURITY_VM_FIXUP>
<RDT>
<RDT_ENABLED>n</RDT_ENABLED>
<CDP_ENABLED>n</CDP_ENABLED>

6
misc/config_tools/schema/config.xsd
View File

@ -118,6 +118,12 @@ UC lock, HV enable it and VMs can't disable. Set this to enforce turn off that #
developer only.</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="SECURITY_VM_FIXUP" type="Boolean" default="n">
<xs:annotation>
<xs:documentation>Enable to do fixup for TPM2 and SMBIOS for Security VM. If no
Security VM, setting this option to ``n``</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="RDT" type="RDTType">
<xs:annotation>
<xs:documentation>Enable the Intel Resource Director Technology (RDT)

4
misc/config_tools/xforms/config_common.xsl
View File

@ -84,6 +84,10 @@
<xsl:with-param name="key" select="'ENFORCE_TURNOFF_GP'" />
</xsl:call-template>
<xsl:call-template name="boolean-by-key">
<xsl:with-param name="key" select="'SECURITY_VM_FIXUP'" />
</xsl:call-template>
<xsl:call-template name="boolean-by-key-value">
<xsl:with-param name="key" select="'RDT_ENABLED'" />
<xsl:with-param name="value" select="RDT/RDT_ENABLED" />