The MSR reading and writing routines today has the following issues:
1. The missing of /dev/cpu/*/msr is not properly captured as it is
reported via FileNotFoundError rather than IOError.
2. The wrmsr logic is not updated to use the tmpdevfs msr file.
This patch fixes the issues above which is a prerequisite of adding
additional MSR parsing classes.
Tracked-On: #7948
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
In v3.0 the msrfield class has its initializer changed in a way that is
incompatible with the parameter names or the getter/setter. When introduced
from the BITS project, that class allows specifying an MSR field of
arbitrary length by being given the index of the most and least significant
bits.
This patch restores the original behavior of that msrfield class and moves
the use-case specific methods, namely is_vmx_cap_supported and
is_ctrl_setting_allowed, to a helper class.
Parsing of the VMX capability reporting MSRs in msr.py are updated
accordingly, and brief documentation of the MSR fields are added as well.
Tracked-On: #7948
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
As the last step to simplify the steps to enable software SRAM passthrough
to a pre-launched RT VM, this patch generates a virtual RTCT which only
contains a compatibility entry (to indicate that the format of the RTCT is
v2) and a couple of SSRAM or SSRAM waymask entries to report the software
SRAM blocks that pre-launched VM has access. That follows the practice how
ACRN device model generates virtual RTCT for post-launched VMs today.
In case RTCT v1 is used physically, this patch still generates a v2 RTCT
for the pre-launched VM but does not add an SSRAM waymask entry there
due to lack of information.
Tracked-On: #7947
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
While functionally correct, the ACPI table (mostly DSDT) generation logic
in asl_gen.py contains multiple occurrences that share the same code
structure as follows:
cls = <class of the table>
length = ctypes.sizeof(cls)
data = bytearray(length)
res = cls.from_buffer(data)
<setting multiple fields in res>
To minimize code duplication, this patch refactors the logic by abstracting
the creation of an ACPI table into a method which returns a newly created
object of the given class after setting the specified fields.
Tracked-On: #7947
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
Today users still need to manually copy the RTCT binary file when they want
to passthrough software SRAM to a pre-launched RTVM, which is far from
being user friendly.
To get rid of that step, this patch extracts all information from the RTCT
table and format them in the board XML which is the only file users need to
copy from their target platform to build the hypervisor. The patch that
immediately follows will then use such information to generate vRTCT for
the pre-launched VM.
A side effect of this change is that more ranges, which represents those
reported by RTCT such as the CRL binary or the error log area, will be
added to the `memory` section of the board XML. The `id` attributes of
those range will be used to identify what that range is for. As a result,
getting RAM of the physical platform from the board XML requires additional
conditions on the `id` attributes to avoid counting non-RAM regions
unintendedly.
Tracked-On: #7947
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
This patch refactors and fixes the following in the ACPI RTCT parser of the
board inspector.
1. Refactor to expose the RTCTSubtableSoftwareSRAM_v2 class directly as
it is a fixed-size entry. There is no need to create a dynamic class
which is mostly for variable-length entries.
2. Rename the "format" field in RTCT entry header to "format_or_version",
as that field actually means "version" in RTCT v2.
3. Properly parse the RTCT compatibility entry which is currently parsed
as an unknown entry with raw data.
Tracked-On: #7947
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
BVT schedule rule:
When a new thread is wakeup and added to runqueue, it will get the
smallest avt (svt) from runqueue to initiate its avt. If the svt is
smaller than it's avt, it will keep the original avt. With the svt, it
can prevent a thread from claiming an excessive share of CPU after
sleepting for a long time.
For the reboot issue, when the VM is reboot, it means a new vcpu thread
is wakeup, but at this time, the Service VM's vcpu thread is blocked,
and removed from the runqueue, and the runqueue is empty, so the svt is
0. The new vcpu thread will get avt=0. avt=0 means very high priority,
and can run for a very long time until it catch up with other thread's
avt in runqueue.
At this time, when Service VM's vcpu thread wakeup, it will check the
svt, but the svt is very small, so will not update it's avt according to
the rule, thus has a very low priority and cannot be scheduled.
To fix it, update svt in pick_next handler to make sure svt is align
with the avt of the first obj in runqueue.
Tracked-On: #7944
Signed-off-by: Conghui <conghui.chen@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Reviewed-by: Wang, Yu1 <yu1.wang@intel.com>
Add the Makefile in the SampleApplication root directory. User
don't need to separate build the userapp and rtapp, just need make
once at the SampleApplication root directory.
Tracked-On #7820
Signed-off-by: Liu Long <long.liu@linux.intel.com>
The current ACRN-Configurator allow user add duplicate PCI devices to
passthrough which it is not correct.
This patch add an assert to check the duplicate of PCI devices.
Tracked-On: #6690
Signed-off-by: Chenli Wei <chenli.wei@linux.intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
There was some secure coding style violations of virtio net and tmp,
this patch add some NULL check to fix these violations.
Tracked-On: #6690
Signed-off-by: Chenli Wei <chenli.wei@linux.intel.com>
disable NOTIFY during getting requests from virtqueue. This will improve
the IO performance.
Tracked-On: #7940
Signed-off-by: Conghui <conghui.chen@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Add ioeventfd and iothread to virtio framework. When a virtio device
claim to support iothread, virtio framework will register a ioeventfd
and add it to iothread's epoll. After that, the new notify will come
through the iothread instead of the vcpu thread. The notify handler will
be called to process the request.
Tracked-On: #7940
Signed-off-by: Conghui <conghui.chen@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Supply a decidate thread, which can moniter a set of fds with epoll,
when the data is ready, call the corresponding callback.
This iothread will be created automatically with the first successful
call to iothread_add, and will be destroyed in iothread_deinit if it
was created.
Note, currenlty only support one iothread.
Tracked-On: #7940
Signed-off-by: Conghui <conghui.chen@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
In the cache widget, there are instructions: "Drag the ends of the boxes to cover the cache chunks you want to allocate to specific VMs. If you have a real-time VM,ensure its cache chunks do not overlap with any other VM's cache chunks."
Tracked-On: #7921
Signed-off-by: Chuang-Ke <chuangx.ke@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Currently, on the whl-ipc-i5 platform, we found a warning message when
building ACRN with the shared scenario XML file from github.
However, this doesn't affect any feature of ACRN according to the QA's
test result.
So this patch removes this check in order not to confuse users at the first.
If necessary, we will add back the check after getting more detail.
v1-->v2
degrade the log level to debug.
Tracked-On: #7926
Signed-off-by: Kunhui-Li <kunhuix.li@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
The current launch script allocate bdf for ivshmem by itself and have
not get bdf from scenario.
This patch refine the above logic and generate slot by user settings.
Tracked-On: #6690
Signed-off-by: Chenli Wei <chenli.wei@linux.intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
This function is registered as PCI MMIO configuration
access handler, which processes PCI configuration access
request from ACRN guest hence the inputs shall be validated
to avoid potential hypervisor crash when handling inputs
from malicious guests.
Tracked-On: #7902
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
1. make memcpy_erms as a public API; add a new one
memcpy_erms_backwards, which supports to copy data from tail to head.
2. improve to use right/left/home/end key to move cursor, and support
delete/backspace key to modify current input command.
Tracked-On: #7931
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
1. buffer history commands.
2. support up/down key to select history buffered commands
Tracked-On: #7931
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Update security advisory for release_3.0.1
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
let minus icons in front of plus icons in those views below: Virtio input device, Virtio network device, Virtio console device, CPU affinity.
Tracked-On: projectacrn#7917
Signed-off-by: Chuang-Ke <chuangx.ke@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
fix warning message when users attempt to create a new scenario, or import an existing scenario, for an existing configuration
Tracked-On: #7898
Signed-off-by: Chuang-Ke chuangx.ke@intel.com
Reviewed-by: Junjie Mao junjie.mao@intel.com
fix CAT data can not be load back issue
Tracked-On: #6691
Signed-off-by: Weiyi Feng <fwy1998@gmail.com>
Signed-off-by: Weiyi Feng <weiyix.feng@intel.com>
Use the VHOST_NET_F_VIRTIO_NET_HDR in linux system header file,
and set the correct feature bit for Virtio net header.
Tracked-On: #7790
Signed-off-by: Liu Long <long.liu@linux.intel.com>
Free the virtio_vsock struct resource in virtio vsock deinit function
in case memory leak.
Tracked-On: #7759
Signed-off-by: Liu Long <long.liu@linux.intel.com>
Replace the exclamation mark with period mark in debug info and fix
the Guest CID max value macro.
Tracked-On: #7456
Signed-off-by: Liu Long <long.liu@linux.intel.com>
We aluready updated the GSG to discuss how to find and address errors
when using the configurator (specifically doing a save scenario to check
for errors or to verify all errors were resolved). Add a description of
this error interaction model to the configurator tool documentation.
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
When LAPIC timer is working in oneshot or periodic mode, OS uses
initial counter register/current counter register to program
a timer. Both initial counter and current counter depend on the
LAPIC frequency. ACRN emulated vLAPIC timer based on the TSC.
vLAPIC freq is the same as TSC freq.
Tracked-On: #7876
Signed-off-by: Jian Jun Chen <jian.jun.chen@intel.com>
Reviewed-by: Zhao Yakui <yakui.zhao@intel.com>
Fixed the problem of exception handling of the
incoming type error in reading GSI number method
in 40-acpi-tables.py line 37 when dmesg command
line is too long.
Tracked-On: #7906
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Signed-off-by: Ziheng Li <ziheng.li@intel.com>
For platform that supports RRSBA (Restricted Return Stack Buffer
Alternate), using retpoline may not be sufficient to guard against branch
history injection or intra-mode branch target injection. RRSBA must
be disabled to prevent CPUs from using alternate predictors for RETs.
Quoting Intel CVE-2022-0001/CVE-2022-0002:
Where software is using retpoline as a mitigation for BHI or intra-mode BTI,
and the processor both enumerates RRSBA and enumerates RRSBA_DIS controls,
it should disable this behavior.
...
Software using retpoline as a mitigation for BHI or intra-mode BTI should use
these new indirect predictor controls to disable alternate predictors for RETs.
See: https://www.intel.com/content/www/us/en/developer/articles/technical/
software-security-guidance/technical-documentation/branch-history-injection.html
Tracked-On: #7907
Signed-off-by: Yifan Liu <yifan1.liu@intel.com>
left-align the plus icon in the virtio devices so that they
match the alignment in the IVSHMEM widget.
Tracked-On: #7897
Signed-off-by: Kunhui-Li <kunhuix.li@intel.com>
Reviewed-by: Junjie Mao <junjie.mao@intel.com>
Board files with multiple dots in their name may be splitted
incorrectly, and os.path.basename assumes os.name == posix in pyodide
environment. This workaround partially fixes this problem whenever the
the board filename does not contain '\' character.
Tracked-On: #7582
Signed-off-by: Yifan Liu <yifan1.liu@intel.com>
this patch removes VMX and VT-d invalid BIOS setting check in
acrn-board-inspector because the board inspector tool also adds
these checks (please refer to PR #7216) and may it's possible for user
to get the wrong information by these two check in acrn-board-inspector.
so we remove the repeated check in acrn-board-inspector.
Tracked-On: #6689
Signed-off-by: Kunhui-Li <kunhuix.li@intel.com>
Documentation for the sample app isn't ready for the public, so let's
not add it to the toctree yet (use the :orphan: role to stop Sphinx from
complaining about an unreferenced .rst file)
Tracked-On: #7820
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
Add the ACRN Sample App document (README.rst) to the toctree
Convert the README.rst from Dos to Unix text file format
Tracked-On: #7820
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
This sample application allows the user to get the hypervisor and a simple Virtual Machine Scenario to run
This sample application assumes the user is following the sample app guide in the acrn hypervisor documentation
Tracked-On: #7820
Signed-off-by: Matthew Leon <matthew.leon@intel.com>
Explain that consistency and validation checks of the schema are done
when a schema is imported/created or when it's saved, and after you
resolve any errors, you need to save the scenario to force another
schema validation.
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
The current code assign COM2 to S5 feature as a commutation vUART, so
the COM2's IO port which value is 0x2F8 could not assign to another
vUART connection.
This patch add a note and modify the legacy vUART sample, change the
default IO port to 0x3E8 which was known as COM3.
Tracked-On: #6690
Signed-off-by: Chenli Wei <chenli.wei@linux.intel.com>
Junjie Mao