struct hc_platform_info -> struct acrn_platform_info
MAX_PLATFORM_LAPIC_IDS -> ACRN_PLATFORM_LAPIC_IDS_MAX
A layout change to the struct hc_platform_info is that move
max_kata_containers to back of vm_config_size,
uint16_t max_vcpus_per_vm;
uint16_t max_vms;
uint32_t vm_config_size;
uint64_t max_kata_containers;
Then, they are nature 64-bits aligned.
Tracked-On: #6282
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Negative return value of vm_create_ioreq_client is invalid. 0 is valid.
Tracked-On: #6282
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
vmm.h has some unused definitions.
Keep the useful definitions and delete vmm.h
Tracked-On: #6282
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
The hypervisor creates vCPUs for a User VM in VM creation interface. The
vm_create_vcpu() interface is not needed anymore.
Remove vm_create_vcpu() from acrn-dm.
Tracked-On: #6282
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
Interface version is not recommended in Linux kernel community. Please
check Documentation/driver-api/ioctl.rst for reasons.
Remove the unused API version check from acrn-dm.
Tracked-On: #6282
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Wang, Yu1 <yu1.wang@intel.com>
We no longer need to generate API documentation for the upstreamed
gvt-g kernel additions so we can remove the doc generation dependency on
the acrn-kernel repo (and all use of the kerneldoc extension). We also
remove GVT-g API documentation and porting guide that are obsolete with
ACRN v2.6 and referenced this API documentation.
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
The TPM driver will access some mmio registers using absolute address,
That means TPM base GPA must use same HPA value, when passthough it to VM
Tracked-On: #6126
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
CRB_REGS_CTRL_REQ is offset of control register to TPM mmio base,
need use the address to generate TPM2 acpi table
Tracked-On: #6126
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
In launch script, update cpu offline method to fix the issue
that it isn't offline cpu on ADL-S board.
Tracked-On: #6266
Signed-off-by: Kunhui-Li <kunhuix.li@intel.com>
Guest may not use INVEPT instruction after enabling any of bits 2:0 from
0 to 1 of a present EPT entry, then the shadow EPT entry has no chance
to sync guest EPT entry. According to the SDM,
"""
Software may use the INVEPT instruction after modifying a present EPT
paging-structure entry (see Section 28.2.2) to change any of the
privilege bits 2:0 from 0 to 1.1 Failure to do so may cause an EPT
violation that would not otherwise occur. Because an EPT violation
invalidates any mappings that would be used by the access that caused
the EPT violation (see Section 28.3.3.1), an EPT violation will not
recur if the original access is performed again, even if the INVEPT
instruction is not executed.
"""
Sync the afterthought of privilege bits from guest EPT entry to shadow
EPT entry to cover above case.
Tracked-On: #5923
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
MSR_IA32_VMX_EPT_VPID_CAP is 64 bits. Using 32 bits MACROs with it may
cause the bit expression wrong.
Unify the MSR_IA32_VMX_EPT_VPID_CAP operation with 64 bits definition.
Tracked-On: #5923
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
With virtio polling mode enabled, a timer is running in the virtio
backend service. And the timer will also be triggered if its frondend
driver didn't do the device reset in shutdown. A freed virtio device
will be accessed in the polling timer handler.
Do the virtio reset() callback specifically to clear the polling timer
before the free.
Tracked-On: #6147
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
enable_s5.rst has a couple of literalinclude directives referencing
sample scripts that were moved and now go through a symbolic link to the
new folder. Symbolic links don't work on Windows, so change the
references in enable_s5.rst to not go through the symbolic link.
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
This patch sets the MemoryOverwriteRequestControl (MORCtrl for short)
EFI variable before jumping to hypervisor.
Setting variable MemoryOverwriteRequestControlLock (MORCtrlLock for
short) can also be enabled by manually adding -DMORCTRL_LOCK_ENABLED to
CFLAGS.
Setting MORCtrl indicates to the platform firmware that memory be
cleared upon system reset. Setting MORCtrlLock for the first time will
render both MORCtrl and MORCtrlLock to read-only, until next reset.
Tracked-On: #6241
Signed-off-by: Yifan Liu <yifan1.liu@intel.com>
This patch implements the container_load_modules function.
This function loads multiboot modules following multiboot protocol.
Tracked-On: #6241
Signed-off-by: Toshiki Nishioka <toshiki.nishioka@intel.com>
Signed-off-by: Yifan Liu <yifan1.liu@intel.com>
This patch implements the container_load_boot_image function.
This function loads boot image following multiboot protocol.
Tracked-On: #6241
Signed-off-by: Toshiki Nishioka <toshiki.nishioka@intel.com>
Signed-off-by: Yifan Liu <yifan1.liu@intel.com>
Previous patches introduces an abstract struct HV_LOADER to do two
things: load boot image and load boot modules. This patch provides an
implementation barebone of container. The implementation of critical
functions container_load_boot_image and container_load_modules will come
in coming patches.
Tracked-On: #6241
Signed-off-by: Toshiki Nishioka <toshiki.nishioka@intel.com>
Signed-off-by: Yifan Liu <yifan1.liu@intel.com>
This patch adds a file containing some helper functions to load
or validate ELF32 images.
Tracked-On: #6241
Signed-off-by: Toshiki Nishioka <toshiki.nishioka@intel.com>
Signed-off-by: Yifan Liu <yifan1.liu@intel.com>
This patch adds a file containing some helper functions to search or parse
multiboot headers.
Tracked-On: #6241
Signed-off-by: Yifan Liu <yifan1.liu@intel.com>
Signed-off-by: Toshiki Nishioka <toshiki.nishioka@intel.com>
This patch adds code to prepare multiboot1 info passed to hypervisor.
Tracked-On: #6241
Signed-off-by: Yifan Liu <yifan1.liu@intel.com>
Signed-off-by: Toshiki Nishioka <toshiki.nishioka@intel.com>
This patch adds code to prepare multiboot2 info passed to hypervisor.
Currently we prepare only the following information to hypervisor:
Boot command line
Boot loader name
Modules
Memory Map
ACPI table
EFI64 system table
EFI memory map
Tracked-On: #6241
Signed-off-by: Yifan Liu <yifan1.liu@intel.com>
Signed-off-by: Toshiki Nishioka <toshiki.nishioka@intel.com>
ACRN EFI application based on the legacy efi-stub code provides booting method
of HV on UEFI-BIOS without using the GRUB Bootloader. It is supposed to be used
for secure booting on certain platform. By means of that users can boot HV,
Service VM kernel, pre-launched VM kernel and its ACPI table binary packed in
the Slim Bootloader container boot image file format. ACRN EFI application has
additional dependencies to compile which are not listed in the existing ACRN GSG
doc. Since this is an optional feature but not all users need, it does not get
compiled by default to avoid causing any confusion for existing users. README
for how to use the feature will come later in a separated commit.
This patch adds barebone implementation of this efi-stub. The following
files are reused from a previous version of efi-stub without changes:
efilinux.h, pe.c, stdlib.h
Other files contains stubbed functions, whose implementation will come
in coming patches.
Tracked-On: #6241
Signed-off-by: Toshiki Nishioka <toshiki.nishioka@intel.com>
Signed-off-by: Yifan Liu <yifan1.liu@intel.com>
Co-developed-by: Yifan Liu <yifan1.liu@intel.com>
1. Update the necessary libraries to consistent with the "Build ACRN From Source"
document in the "Getting Started Guide" document.
2. Delete the related introduction with acrngt.conf and launch_uos_id1.sh files in
"Getting Started Guide" document.
3. Update WHL-IPC-I7 board's processor in Supported HW document.
4. Add cpu_affinity element's description in ACRN Configuration Data.
5. Update the description for shm_region in Launch XML format.
6. Update configurable/readonly attributes values.
7. Update the description for hv.CAPACITIES.MAX_MSIX_TABLE_NUM in schema/config.xsd.
Tracked-On: #5692
Signed-off-by: Kunhui-Li <kunhuix.li@intel.com>
This patch updates recommendations to upgrade from a prior ACRN version for
v2.5.
v2:
* Apply suggestions from review.
* Remove descriptions on the scenario XML upgrade tool.
Signed-off-by: Junjie Mao <junjie.mao@intel.com>
update fixed security vulnerabilities for 2.5 release.
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
Tweak references to account for renaming the getting started guide in
PR #6226 and create a redirect link from the previous filename.
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
Updates to the Getting Started Guide:
* Update title to simply be "Getting Started Guide"
* Simplify and remove instructions that are redundant
* Add a note explaining the difference between 'nuc11tnbi5' and
'nuc11tnhi5'
Tracked-On: #6225
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
Update the ACRN documentation with regards to the supported HW:
* Remove outdated reference to Apollo Lake and Kaby Lake
* Re-order HW platforms in "Supported HW" to be consistent throughout
the document
* Use the '|copy|' and '|trade|' replacements
* Update the recommendation for creating nnon-existant $(BOARD).xml
Tracked-On: #6227
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
Shuo A Liu