In grub 2.02, the flag of MULTIBOOT_INFO_HAS_CMDLINE is set even there is
no cmdline was configured. So we need to validate the content of cmdline
in multiboot info. If there is no cmdline exist, we should not do merge
cmdline for SOS VM.
Tracked-On: #3214
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
As all pstore files may include the kernel panic information, this patch
tries to find the clue from all messages under /sys/fs/pstore instead of
console-ramoops-0.
To avoid the constant growing of logs, it has to remove the pstore
files after panic being detected.
Tracked-On: #3390
Signed-off-by: Liu, Xinwu <xinwu.liu@intel.com>
Reviewed-by: Zhi Jin <zhi.jin@intel.com>
Acked-by: Chen, Gang <gang.c.chen@intel.com>
And use vhostbridge for both SOS and pre-launched VM.
Tracked-On: #3241
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
And use the ops based operations instead of direct access vdev
specific API.
Tracked-On: #3241
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
It will be used to define pci vdev own ops. And high level API
will call this ops intead of invoking device specific functions
directly.
Tracked-On: #3241
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
The old logic identify the short packet complete status (CS) by
comparing the transfered bytes (TB) and the expected transfered
bytes (ETB), it is right only when no error happend. If error
appears, the TB may be less than the ETB, but DM should report
error CS instead of short packet CS.
Tracked-On: #3401
Signed-off-by: Xiaoguang Wu <xiaoguang.wu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
Add resume state for the Port Link Status (PLS) bits.
Tracked-On: #3401
Signed-off-by: Xiaoguang Wu <xiaoguang.wu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
When the Stop Endpoint command is trapped, should not clear all
the data structure. Instead, only reset the ring buffer.
The reason is the xHCI may continue queue TRB without doing whole
initializing process again.
Tracked-On: #3401
Signed-off-by: Xiaoguang Wu <xiaoguang.wu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
Not change code logic, just modify some logging code.
Tracked-On: #3401
Signed-off-by: Xiaoguang Wu <xiaoguang.wu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
The ioc-cbc-tools package depends on "acrn_mgr.h". This header was
updated with new includes since b2f2d95246 ("tools: acrnctl restrict
length of vmname to 32 bytes") and in 517707dee4 ("DM/HV: Increase VM
name len") was updated to include dm.h
This commit add all "acrn_mngr.h" dependencies and install them to
"$(DESTDIR)/usr/include/acrn".
Also modify install mode to 0644 to headers and libacrn-mngr.a file.
This closesprojectacrn/acrn-hypervisor#3368
Tracked-On: #3368
Signed-off-by: Miguel Bernal Marin <miguel.bernal.marin@linux.intel.com>
Reviewed-by: Yan, Like <like.yan@intel.com>
In current design, devicemodel passes VM UUID to create VMs and hypervisor
would check the UUID whether it is matched with the one in VM configurations.
Kata container would maintain few UUIDs to let ACRN launch the VM, so
hypervisor need to add these UUIDs in VM configurations for Kata running.
In the hypercall of hcall_get_platform_info(), hypervisor will report the
maximum Kata container number it will support. The patch will add a Kconfig
to indicate the maximum Kata container number that SOS could support.
In current stage, only one Kata container is supported by SOS on SDC scenario
so add one UUID for Kata container in SDC VM configuration. If we want to
support Kata on other scenarios in the future, we could follow the example
of this patch;
Tracked-On: #3402
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
'pcpu_id' should be less than CONFIG_MAX_PCPU_NUM,
else 'per_cpu_data' will overflow. This commit fixes
this potential overflow issue.
Tracked-On: #3397
Signed-off-by: Tianhua Sun <tianhuax.s.sun@intel.com>
Reviewed-by: Yonghua Huang <yonghua.huang@intel.com>
sprintf/vsnprintf are not safe, so use snprintf
instead of sprintf, use vasprintf instead of vsnprintf.
Tracked-On: #3394
Signed-off-by: Tianhua Sun <tianhuax.s.sun@intel.com>
Reviewed-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Minggui Cao <minggui.cao@intel.com>
va_end() was not getting called under certain condition
after the va_start() function call taking the va_list.
Tracked-On: #3396
Signed-off-by: Tianhua Sun <tianhuax.s.sun@intel.com>
Reviewed-by: Yonghua Huang <yonghua.huang@intel.com>
va_end() was not getting called under certain condition
after the va_start() function call taking the va_list
Tracked-On: #3396
Signed-off-by: Tianhua Sun <tianhuax.s.sun@intel.com>
Acked-by: Gang Chen <gang.c.chen@intel.com>
- To support grub multiboot for nuc6cayh, we should put hv ram start
at a suitable address;
- Enable HSUART controller at PCI 0:18.0 as HV serail port;
Tracked-On: #3214
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Add ve820 table for apl nuc board to enable prelaunched VM on it;
Tracked-On: #3214
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
ACRN Coding guidelines requires two different types pointer can't
convert to each other, except void *.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
ACRN Coding guidelines requires two different types pointer can't
convert to each other, except void *.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
ACRN Coding guidelines requires two different types pointer can't
convert to each other, except void *.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
ACRN Coding guidelines requires type conversion shall be explicity.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In almost case, vLAPIC will only be accessed by the related vCPU. There's no
synchronization issue in this case. However, other vCPUs could deliver interrupts
to the current vCPU, in this case, the IRR (for APICv base situation) or PIR
(for APICv advanced situation) and TMR for both cases could be accessed by more
than one vCPUS simultaneously. So operations on IRR or PIR should be atomical
and visible to other vCPUs immediately. In another case, vLAPIC could be accessed
by another vCPU when create vCPU or reset vCPU which could be supposed to be
consequently.
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
1) add a write memory barrier after setting pcpu_sync to one to let this change
visible to AP immediately.
2) there's only BSP will set pcpu_sync, so there's no memory order issue between CPUs.
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In spite of vhm_req status could be updated in HV and DM on different CPUs, they
only change vhm_req status when they detect vhm_req status has been updated by
each other. So vhm_req status will not been misconfigured. However, before HV
sets vhm_req status to REQ_STATE_PENDING, vhm_req buffer filling should be visible
to DM. Add a write memory barrier to guarantee this.
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Hypervisor exposes mitigation technique for Speculative
Store Bypass(SSB) to guests and allows a guest to determine
whether to enable SSBD mitigation by providing direct guest
access to IA32_SPEC_CTRL.
Before that, hypervisor should check the SSB mitigation support
on underlying processor, this patch is to add this capability check.
Tracked-On: #3385
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Set virtio-console BE to stdio for LaaG. Remove 'com1' but still keep
'console=ttyS0' in Laag kernel cmdline.
'console=ttyS0' means LaaG will use ttyS0 (0x3F8) as a console port, and
during bringup, it will access port ttyS0. When the same port is added
to hypervisor configuration file as a console port, the output will be
captured by hypervisor console, and can switch by "vm_console <vm_id>".
Tracked-On: #3370
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Reviewed-by: Binbin Wu <binbin.wu@intel.com>
Current hugetlbfs code has a limitation on file path length.
The path string comprises of mount path + vm name.
Something like /run/hugepage/acrn/huge_lv1/vm1.
To this UUID (32 bytes) is added and the total path length
should be less than 128.
This works fine but in cases where the VM name is large as
in case kata, this check fails. Kata passes a sandbox-id
as VM name and so path + 32 for UUID easily exceed 128 bytes.
“/run/hugepage/acrn/huge_lv1/
sandbox-6d455fa48788eae82dee42410fc3d38849c2a5196f930b3d6944805aed8d24c7"
To address this, increase the size of MAX_PATH_LEN from
128 to 256 bytes.
Tracked-On: #3379
Signed-off-by: Vijay Dhanraj <vijay.dhanraj@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Fix the violations list below:
1.Function should have one return entry.
2.Do not use -- or ++ operation.
3.For loop should be simple, shall not use comma operations.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
ACRN Coding guidelines requires parameters need to add const prefix when the
parameter is not modified in its function or recursion function call.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
cancel_event_injection is not need any more if we do 'scheudle' prior to
acrn_handle_pending_request. Commit "921288a6672: hv: fix interrupt
lost when do acrn_handle_pending_request twice" bring 'schedule'
forward, so remove cancel_event_injection related stuff.
Tracked-On: #3374
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
One cycle of vmexit/vmentry might lost interrupts.
This is the scenario,
1) vmexit, vmexit_handlers
2) softirq & disable interrupt
3) acrn_handle_pending_request
4) schedule if needed, then back to 1) and loop again.
5) vmentry
The step 3) might be executed twice. The problem is at the second
execution of acrn_handle_pending_request, we might overwrite
VMX_ENTRY_INT_INFO_FIELD of current vmcs, which cause guest lost
interrupts.
The fix is moving 4) prior to 3), then we will handle the pending
requests and vmentry directly.
Tracked-On: #3374
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
ACRN Coding guidelines requires no dead code.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Since 9c81f4c32c ("hv:build library to lib_mod.a"), the parallel build
system was broken. You cannot use "make -j #" to build ACRN.
To fix this we need to declare explicit rules for the files to be built.
Also remove "$(LIB_FLAGS): lib " and " MOD_DEPS " since they are
redundancy after this change.
This closes#3351
Tracked-On: projectacrn#3351
Signed-off-by: Miguel Bernal Marin <miguel.bernal.marin@linux.intel.com>
Reviewed-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Microarchitectural Data Sampling (MDS) is a hardware vulnerability
which allows unprivileged speculative access to data which is available
in various CPU internal buffers.
1. Mitigation on ACRN:
1) Microcode update is required.
2) Clear CPU internal buffers (store buffer, load buffer and
load port) if current CPU is affected by MDS, when VM entry
to avoid any information leakage to guest thru above buffers.
3) Mitigation is not needed if ARCH_CAP_MDS_NO bit (bit5)
is set in IA32_ARCH_CAPABILITIES MSR (10AH), in this case,
current processor is no affected by MDS vulnerability, in other
cases mitigation for MDS is required.
2. Methods to clear CPU buffers (microcode update is required):
1) L1D cache flush
2) VERW instruction
Either of above operations will trigger clearing all
CPU internal buffers if this CPU is affected by MDS.
Above mechnism is enumerated by:
CPUID.(EAX=7H, ECX=0):EDX[MD_CLEAR=10].
3. Mitigation details on ACRN:
if (processor is affected by MDS)
if (processor is not affected by L1TF OR
L1D flush is not launched on VM Entry)
execute VERW instruction when VM entry.
endif
endif
4. Referrence:
Deep Dive: Intel Analysis of Microarchitectural Data Sampling
https://software.intel.com/security-software-guidance/insights/
deep-dive-intel-analysis-microarchitectural-data-sampling
Deep Dive: CPUID Enumeration and Architectural MSRs
https://software.intel.com/security-software-guidance/insights/
deep-dive-cpuid-enumeration-and-architectural-msrs
Tracked-On: #3317
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Anthony Xu <anthony.xu@intel.com>
Reviewed-by: Jason CJ Chen <jason.cj.chen@intel.com>
ACRN hypervisor always print CPU microcode update
warning message on KBL NUC platform, even after
BIOS was updated to the latest.
'check_cpu_security_cap()' returns false if
no ARCH_CAPABILITIES MSR support on current platform,
but this MSR may not be available on some platforms.
This patch is to remove this pre-condition.
Tracked-On: #3317
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Jason CJ Chen <jason.cj.chen@intel.com>
1. reset polarity of ptirq_remapping_info to zero.
this help to set correct initial pin state, and fix the interrupt lost issue
when assign a ptirq to uos.
2. since vioapic_generate_intr relys on rte, we should build rte before
generating an interrput, this fix the redundant interrupt.
Tracked-On: #3362
Signed-off-by: Cai Yulong <yulongc@hwtc.com.cn>
Add dsdt information for i2c adapter and i2c slave devices. Currently,
only support 'cam1', 'cam2' and 'hdac' for MRB board. To add other
specific i2c device, please extend acpi_node_table[].
Usage:
virtio-i2c,<bus>[:<slave_addr>[@<node>]][:<slave_addr>[@<node>]]
[,<bus>[:<slave_addr>[@<node>]][:<slave_addr>][@<node>]]
e.g.
virtio-i2c,0:70@cam1:2F
This will add slave devices 0x70, 0x74 to virtio i2c adapter.
And for 0x70, it has '@cam1', so, will also add acpi info for
it. For 0x74, it has no '@<node>', will not add any acpi info
for it.
Note, there is slave address in acpi node info, please use '@<node>'
according to real hardware.
Tracked-On: #3357
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Reviewed-by: Yuan Liu <yuan1.liu@intel.com>
Reviewed-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Wang Yu <yu1.wang@intel.com>
Create a new thread for virtio-i2c to process i2c msg from FE. After
receive the msg, BE will dispatch it to corresponding native adapter,
after the process done, it will kick the FE.
Tracked-On: #3357
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Reviewed-by: Yuan Liu <yuan1.liu@intel.com>
Reviewed-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Wang Yu <yu1.wang@intel.com>
Add backend interface for virtio-i2c, it will parse the parameters,
maintain the info for native i2c device, remap the slave address and
dispatch the requirement from FE. When there is only one native adapter,
will not remap the slave address.
Usage for virtio-i2c:
virtio-i2c,<bus>[:<slave_addr>][:<slave_addr>]
[,<bus>[:<slave_addr>][:<slave_addr>]]
e.g.
1. virtio-i2c,4:1C
SOS:
mount /dev/i2c-4, slave addr is 0x1C.
Guest OS:
/dev/i2c-x
|- 0x1C
2. virtio-i2c,4:1C:2F,6:70
SOS:
/dev/i2c-4, slave addr 0x1C and 0x2F
/dev/i2c-6, slave addr 0x70
Guest OS:
/dev/i2c-x
|- 0x1C
|- 0x2F
|- 0x70
Tracked-On: #3357
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Reviewed-by: Yuan Liu <yuan1.liu@intel.com>
Reviewed-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Wang Yu <yu1.wang@intel.com>
Add virtio i2c adapter BE driver.
Tracked-On: #3357
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Reviewed-by: Yuan Liu <yuan1.liu@intel.com>
Reviewed-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Wang Yu <yu1.wang@intel.com>