Commit Graph

426 Commits

Author SHA1 Message Date
Mingqiang Chi 4f6c451278 dm: sync common header file to DM
sync acrn_common.h to device model
set secure world enabled flag

Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2018-05-15 17:25:26 +08:00
yechunliang 2e2f02edeb replace malloc with calloc
malloc: allocate a block of memory, the contents of the block are undefined.
calloc: allocate a block of memory for an array of num elements and initializes all its bits to zero.

Signed-off-by: yechunliang <yechunliangcn@163.com>
2018-05-15 17:25:26 +08:00
Mingqiang Chi 9aa9a77457 mmu:create temporary page tables for guest at run time
Before this patch, guest temporary page tables were generated by hardcode
at compile time, HV will copy this page tables to guest before guest
launch.

This patch creates temporary page tables at runtime for the range of 0~4G,
and create page tables to cover new range(511G~511G+16M) with trusty
requirement.

Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2018-05-15 17:25:26 +08:00
Zheng, Gen 4d0f26d0e1 UEFI: update acrn.conf and Document
Since the boot flow had been changed to that sos kernel is lanuched
by cl bootloader directly, replace the payload acrn.efi with bzImage.efi
in the acrn.conf file, and specify ROOTDEV with UUID in the command line.

The UEFI firmware launches the EFI/org.clearlinux/bootloaderx64.efi
as os loader not the EFI/BOOT/BOOTX64.EFI, so fix the issue in the document
ACRN_UEFI.txt which guides user with incorrect steps.

Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
Reviewed-by: Jack, Ren <jack.ren@intel.com>
2018-05-15 17:25:26 +08:00
Qi Yadong 7430074a12 trusty: initialize tsc_offset to zero
Per trusty design, trusty requires a monotonic increasing
secure tick(TSC) at run time. This secure tick will used
to mitigate password/pin force attack, control key expiration,
etc.

Currently, the TSC_OFFSET is enabled. And guest will got
(host_tsc + tsc_offset) when execute rdtsc/rdtscp/rdmsr to
aquire tsc value. The host_tsc is always keeping increasing
during the runtime.

So initialize tsc_offset of trusty to 0 will ensure the
secure tick feature.

Signed-off-by: Qi Yadong <yadong.qi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2018-05-15 17:25:25 +08:00
Jason Chen CJ bf36022ce9 ept: change eptp to PA
eptp should be record as PA.

this patch changed nworld_eptp, sworld_eptp and m2p eptp to PA type,
necessary HPA2HVA/HVA2HPA transition is used for them after the change.

Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2018-05-15 17:25:25 +08:00
Jason Chen CJ 8682552273 mmu: identify VA and PA in mmu.c
- read/write page table entries should use VA which defined as "void *"
- the address data in page table entries should us PA which defined as
  "uint64_t"

Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2018-05-15 17:25:25 +08:00
Victor Sun e078ce7aae DM: hotfix for loop initial declaration in acpi_pm
for (int i = 0; i < ...; i++) is only allowed in C99 mode, so fix this
coding style to:

int i;
for (i = 0; i < ...; i++)

Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2018-05-15 17:25:25 +08:00
Victor Sun 24ea869e25 HV: add px data of bxt j3455 SOC
The cpu model name of "Intel(R) Celeron(R) CPU J3455 @ 1.50GHz" is used for
APL NUC which is in Acrn official suport list.

Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
2018-05-15 17:25:25 +08:00
Victor Sun 7647517a15 HV: trap and validate px request
Currently acrn partitions cpus between SOS and UOS, so the default
policy is to allow guest managing CPU px state. However we would
not blindly passthrough perf_ctrl MSR to guest. Instead guest access
is always trapped and validated by acrn hypervisor before forwarding
to pcpu. Doing so leaves room for future power budget control in
hypervisor, e.g. limiting turbo percentage that a cpu can enter.

Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
2018-05-15 17:25:25 +08:00
Victor Sun 1d0d4d3185 HV: add hypercall interface of get vcpu state data
We can use this interface for VHM to pass per-cpu power state data
to guest per its request.

For now the vcpu power state is per-vm, this could be changed if
per-cpu power state support is required in the future.

Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
2018-05-15 17:25:25 +08:00
Victor Sun 0e2b9fc7fa HV: setup px info when create vm
The vm px info would be used for guest Pstate control.
Currently it is copied from host boot cpu.

Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
2018-05-15 17:25:25 +08:00
Victor Sun a28fbd15b5 HV: load cpu px data in boot
The patch takes Intel ATOM A3960 as example that hard code all Px info
which is needed for Px control into Acrn HV and load it in boot process.

Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
2018-05-15 17:25:25 +08:00
Victor Sun 4cd2717038 HV: add cpu model name
The cpu model name would be used to distinguish which hard coded data
need to be loaded to boot_cpu_data;

Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
2018-05-15 17:25:25 +08:00
Jason Chen CJ 878b5a0466 mmu: refine functions for invept
- rename mmu_invept to invept
- panic if HW doesn't support invept

Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
2018-05-15 17:25:25 +08:00
Jason Chen CJ a68850e00f mmu: replace ASSERT with panic in fetch_page_table_offset
all callers for fetch_page_table_offset should already make sure
it will not come to an unknown table_leve, so just panic here.

Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
2018-05-15 17:25:25 +08:00
Jason Chen CJ c2f86f23c3 mmu: refine functions walk_paging_struct & update_page_table_entry
- walk_paging_struct should return sub_table_addr, if something wrong,
  it return NULL
- update_page_table_entry should return adjusted_size, if something wrong
  it return 0

the change is valid under release version, as at that time, ASSERT in
walk_paging_struct is empty.

Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2018-05-15 17:25:25 +08:00
Jason Chen CJ bb82504f05 mmu: refine functions get_table_entry & obtain_last_page_table_entry
- remove unused map_params in get_table_entry
- add error return for both, which is valid under release version,
  as at that time, ASSERT in get_table_entry is empty.

Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2018-05-15 17:25:25 +08:00
Jason Chen CJ cbcc7c0db3 mmu: refine function break_page_table
function break_page_table should return next_level_page_size, if
something wrong, it return 0.

the change is valid for release version, as at that time ASSERT()
in break_page_table is empty.

Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2018-05-15 17:25:25 +08:00
Jason Chen CJ 6454c7be6b mmu: refine function map_mem_region
function map_mem_region should return mapped_size, if something wrong,
it return 0.

the change is valid for release version, as at that time ASSERT()
in map_mem_region is empty.

Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2018-05-15 17:25:25 +08:00
Jason Chen CJ fa3e424fcf mmu: refine functions modify_paging & map/unmap/modify mem
add error return for all, which is valid under release version,
as at that time, ASSERT in modify_paging is empty.

Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2018-05-15 17:25:25 +08:00
Victor Sun a91118e3e8 DM: build UOS DSDT with vcpu px state data
With the DSDT which include virtual _PSS/_PCT/_PPC objects, UOS should
have ACPI Px control capability if acpi cpufreq driver is enalbed in
kernel.

Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
2018-05-15 17:25:25 +08:00
Victor Sun e96fe060bc DM: add vmctx as write dsdt func ptr parameter
Some ACPI objects is per-vm and per-cpu specific so we need to pass
vmctx as function parameter when we write objects into DSDT table.

Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
2018-05-15 17:25:25 +08:00
Victor Sun b50fcc022f DM: add function to write Px objects to UOS DSDT
There are 3 ACPI objects for Px: _PCT, _PPC and _PSS need to be writed
to DSDT, and the _PSS data is per-cpu specific so we need to pass the
vm id and vcpu id as parameter.

Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
2018-05-15 17:25:25 +08:00
Victor Sun ea662e6d49 DM: add function of get px count and data
The px count and data is per-cpu so we should query them for specific
vm and specific vcpu, for px data we need to specify px num also.

Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
2018-05-15 17:25:25 +08:00
Victor Sun 263bdf6cf2 DM: add vmm interface to get px data
The interface will be used to interact with VHM service via IOCTL.

Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
2018-05-15 17:25:25 +08:00
Jack Ren ec1cbbb660 UEFI: get the guest entry address explicitly
Previously with the help from gcc, __builtin_return_address(0) is
used as the guest entry address, but it can't work well with gcc 7.3
and leads to the guest unable to return to UEFI correctly.
Let's get it explicitly.

Signed-off-by: Jack Ren <jack.ren@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2018-05-15 17:25:25 +08:00
Tao, Yuhong 4e5029383d DM:tools: add acrnctl tool
The acrnctl can help user to create, delete, launch and stop UOSs,
To see what it can do, just run:
	# acrnctl
or
	# acrnctl help
you may see:
	support:
        	list
        	start
        	stop
        	del
		add
	Use acrnctl [cmd] help for details
There are examples:
(1) add a VM
    Each time you can just add one VM. Suppose you have an UOS
    launch script, such as launch_UOS.sh
    you can run:
	# acrnctl add launch_UOS.sh -U 1
	vm1-14:59:30 added
    Note that, launch script shoud be able to launch ONE UOS. If
    it fail, it is better to print some error logs, to tell user
    the reason, so that he knows how to solve it.
    The vmname is important, the acrnctl searchs VMs by their
    names. so duplicated VM names are not allowed. Beside, if the
    launch script changes VM name at launch time, acrnctl will
    not recgonize it.
(2) delete VMs
	# acrnctl del vm1-14:59:30
(3) show VMs
	# acrnctl list
	vm1-14:59:30            untracked
	vm-yocto            	stop
	vm-android		stop
(4) start VM
    you can start a vm with 'stop' status, each time can start
    one VM.
	# acrnctl start vm-yocto
(5) stop VM
    you can stop VMs, if their status is not 'stop'
	# acrnctl stop vm-yocto vm1-14:59:30 vm-android

Acked-by: Eddie Dong <eddie.dong@intel.com>
Reviewed-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
Reviewed-by: Zhao, Yakui <yakui.zhao@intel.com>
Signed-off-by: Tao, Yuhong <yuhong.tao@intel.com>
2018-05-15 17:25:25 +08:00
Tao, Yuhong 498e8c0543 monitor: an interface of acrn-dm
A monitor component will be added to acrn-dm, which crteats socket,
bind and listening at /run/acrn/vmname. Acrnctl & acrnd could conn
-ect to the socket for communication, using defined message, in
include/monitor_msg.h
For each defined message, a message handler callback could be
registered via monitor_add_msg_handler(). On received of a defined
message, a certain call back will be called. Each callback can only
see the message sender's socket-fd.
When acrn-dm want report something, not triggered by incoming message
it can send broadcast message, use monitor_broadcast().

Acked-by: Eddie Dong <eddie.dong@intel.com>
Reviewed-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
Reviewed-by: Zhao Yakui <yakui.zhao@intel.com>
Reviewed-by: Yin, Fengwei <fengwei.yin@intel.com>
Signed-off-by: Tao, Yuhong <yuhong.tao@intel.com>
2018-05-15 17:25:25 +08:00
Geoffroy Van Cutsem 1ef6bba51e Enable Travis CI testing
Enable Travis CI testing for the following development host OSs:
* Clearlinux
* Ubuntu 16.04
* Fedora 26

Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
2018-05-15 17:25:25 +08:00
Geoffroy Van Cutsem c5c4b63150 Travis CI: enable Ubuntu 16.04 and Fedora 26 testing
Enable compilation test for Fedora 26 and Ubuntu 16.04. The tests
will run for all combinations of RELEASE={0|1} and PLATFORM={sbl|uefi}

Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
2018-05-15 17:25:24 +08:00
Geoffroy Van Cutsem 1ac5a2aebd Enable Travis CI for all combinations
Enable the Travis CI testing for all combinations of variables
that can be set at compile-time. I.e. RELEASE={0|1} and
PLATFORM={0|1}

Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
2018-05-15 17:25:24 +08:00
Yin Fengwei eadc921bf0 DM: refine cleanup functionality of virtual RTC
The patch includes:
1. vrtc_cleanup -> vrtc_deinit to align with other devices
2. delete timer created in vrtc_init
3. make call to vrtc_deinit in cleanup path

Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <Eddie.dong@intel.com>
2018-05-15 17:25:24 +08:00
Yin Fengwei 80a9fe5b37 DM: add deinit function to virtual keyboard device
old code has no deinit functionality for virtual keyboard device.
Which will trigger resource leak when system is reboot.

deinit function is added to:
1. deinit low ps2 based keyboard and mouse
2. release memory/io resource of virtual keyboard device
NOTE: IRQ resource will be handed in pci irq module

Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <Eddie.dong@intel.com>
2018-05-15 17:25:24 +08:00
Yin Fengwei f6db755c7f DM: add deinit function for ps2kbd and ps2mouse
Add deinit function for ps2kbd and ps2mouse.

To support deinit function for ps2kbd and ps2mouse which
has struct atkbdc_base as parameter, we make struct
atkbdc_base exported as public.

We also add console unregister function for keyboard
and mouse. Which are called in ps2mouse/ps2kbd deinit
function.

Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <Eddie.dong@intel.com>
2018-05-15 17:25:24 +08:00
Yin Fengwei f0b74016d1 DM: release mmio data structure for pci bar
We didn't release mmio/io data structure related with PCI bar
of pci dev. Which could trigger memory leak when reboot UOS.

With the new patch, we release the mmio/io data structure
when pci core tries to deinit pci device.

Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Eddie Dong <Eddie.dong@intel.com>
2018-05-15 17:25:24 +08:00
David B. Kinder 3726a0f7a5 doc: fix hypercall API doxygen errors
Documentation for parameters must match exactly in spelling and case.
Parameter named "vcpu" was incorrectly documented as "VCPU", and
parameter named "param" was documented as "param's".

Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
2018-05-15 17:25:24 +08:00
yechunliang b11460f7f6 replace malloc and memset with calloc
malloc: allocate a block of memory, the contents of the block are undefined.
calloc: allocate a block of memory for an array of num elements and initializes all its bits to zero.

Signed-off-by: yechunliang <yechunliangcn@163.com>
2018-05-15 17:25:24 +08:00
Mingqiang Chi 92d86383be hv:check continuous hpa when create secure world
Add check_continuous_hpa API:
when create secure world,if the physical
address is not continuous, will assert.

Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2018-05-15 17:25:24 +08:00
Mingqiang Chi e5be957945 hv:add destroy Secure world API
This patch added API destroy_secure_world, which will do:
-- clear trusty memory space
-- restore memory to SOS ept mapping
It will be called when VM is destroyed, furthermore, ept of
Secure world will be destroyed as well.

Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Reviewed-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2018-05-15 17:25:24 +08:00
Li, Fei1 ace23b5088 hv: shell: add cpuid command
Add cpuid shell command for test

Signed-off-by: Li, Fei1 <fei1.li@intel.com>
2018-05-15 17:25:24 +08:00
Qi Yadong c83bcded99 trusty: fix typo of comments
Remove TODO comments since it has been done below the comments.
Typo fix: startup_info --> startup_param.

Signed-off-by: Qi Yadong <yadong.qi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2018-05-15 17:25:24 +08:00
Geoffroy Van Cutsem 46bb2dbd51 Add initial .travis.yml and Dockerfile (Clearlinux)
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
Signed-off-by: T <shrmrf@users.noreply.github.com>
2018-05-15 17:25:24 +08:00
Minggui Cao 2db1324837 add vmx msr ops protection from guest OS
1.it doesn't support VMX for guest OS
2.for MSR out of control, inject GP to guest OS.

Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2018-05-15 17:25:24 +08:00
Jian Jun Chen 86f394851b dm/VBS-U: increase generation when configuration changed
Virtio 1.0 introdues a generation number for the device-specific
configuration. It should be increased every time the configuration
noticeably changes.

Signed-off-by: Jian Jun Chen <jian.jun.chen@intel.com>
Reviewed-by: Hao Li <hao.l.li@intel.com>
Reviewed-by: Zhao Yakui <yakui.zhao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2018-05-15 17:25:24 +08:00
Jian Jun Chen 0398498846 dm/VBS-U: implement virtio_dev_error
When the device has experienced an error from which it cannot
re-cover, DEVICE_NEEDS_RESET is set to the device status register
and a config change intr is sent to the guest driver.

Signed-off-by: Jian Jun Chen <jian.jun.chen@intel.com>
Reviewed-by: Hao Li <hao.l.li@intel.com>
Reviewed-by: Zhao Yakui <yakui.zhao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2018-05-15 17:25:24 +08:00
Jian Jun Chen ce098260de dm/VBS-U: implement virtio_vq_enable
Virtio modern changed the virtqueue cofiguration precedures. GPA
of descriptor table, available ring and used ring are written to
common configuration registers separately. A final write to
Q_ENABLE register triggered initialization of the virtqueue on
the backend device.

Signed-off-by: Jian Jun Chen <jian.jun.chen@intel.com>
Reviewed-by: Hao Li <hao.l.li@intel.com>
Reviewed-by: Zhao Yakui <yakui.zhao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2018-05-15 17:25:24 +08:00
Jian Jun Chen 76422fd5f1 dm/VBS-U: implement write callback of notify cfg
virtio_notify_cfg_write is called when guest driver performs virtqueue
kick by writing the notificaiton register of the virtqueue.

Signed-off-by: Jian Jun Chen <jian.jun.chen@intel.com>
Reviewed-by: Hao Li <hao.l.li@intel.com>
Reviewed-by: Zhao Yakui <yakui.zhao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2018-05-15 17:25:24 +08:00
Jian Jun Chen cfa591aedf dm/VBS-U: implement read callback of isr cfg
Registers in the isr configuration region are read-only.

Signed-off-by: Jian Jun Chen <jian.jun.chen@intel.com>
Reviewed-by: Hao Li <hao.l.li@intel.com>
Reviewed-by: Zhao Yakui <yakui.zhao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2018-05-15 17:25:24 +08:00
Jian Jun Chen 1fa2f27dd3 dm/VBS-U: implement read/write callbacks of device-specific cfg
This patch implements the read/write callbacks for the registers in the
device-specific region. This region is implemented in the modern MMIO
bar.

Signed-off-by: Jian Jun Chen <jian.jun.chen@intel.com>
Reviewed-by: Hao Li <hao.l.li@intel.com>
Reviewed-by: Zhao Yakui <yakui.zhao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2018-05-15 17:25:24 +08:00