Commit Graph

5104 Commits

Author SHA1 Message Date
Tw 0f9e9ee0c4 Doc: add instructions for using Xenomai as UOS
Signed-off-by: Tw <wei.tan@intel.com>
2020-03-27 16:39:39 -04:00
Yonghua Huang 3de67830f6 doc: update security advisory for v1.6 release
Update mitigations for security vulnerabilities
  for ACRN v.16 release.

Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
2020-03-27 16:35:51 -04:00
Tonny Tzeng 052889c022 acrn-config: create temporary scenario file folder if it doesn't exist
This commit creates the folder for hosting the temporary scenario .xml files if the folder doesn't exist to avoid the FileNotFound python exception.

Tracked-On: #4522
Signed-off-by: Tonny Tzeng <tonny.tzeng@intel.com>
2020-03-26 09:31:57 +08:00
Deb Taylor d5461410b3 Doc: Add Glossary to Nav Bar and Home Page
Signed-off-by: Deb Taylor <deb.taylor@intel.com>
2020-03-25 14:15:37 -04:00
Deb Taylor 47b1a936ad Doc: Remove Construction Progress label from site
Signed-off-by: Deb Taylor <deb.taylor@intel.com>
2020-03-25 13:39:51 -04:00
David B. Kinder 268df234a3 doc: fix docs with windows line endings
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
2020-03-25 13:14:43 -04:00
Yin Fengwei c9e3d36ef1 efi-stub: fix wrong bootloader name issue
UEFI pass option as unicode string to efi-stub. That string has
no end charactor ('\0'). Insteadly, the option has string size
and we should use the string size to decide the end of the option
string.

Tracked-On: #4520
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Reviewed-by: Zide Chen <zide.chen@intel.com>
2020-03-25 14:37:00 +08:00
Li Fei1 4512ef7ec9 hv: cpuid: remove cpuid()
The cupid() can be replaced with cupid_subleaf, which is more clear.
Having both APIs makes reading difficult.

Tracked-On: #4526
Signed-off-by: Li Fei1 <fei1.li@intel.com>
2020-03-25 13:26:58 +08:00
Sainath Grandhi 6b517c58f1 hv: Server platforms can have more than 8 IO-APICs
To support server platforms with more than 8 IO-APICs

Tracked-On: #4151
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Acked-by: Eddie Dong <eddie.dong@Intel.com>
2020-03-25 09:36:18 +08:00
Sainath Grandhi fe5a108c7b hv: vioapic init for SOS VM on platforms with multiple IO-APICs
For SOS VM, when the target platform has multiple IO-APICs, there
should be equal number of virtual IO-APICs.

This patch adds support for emulating multiple vIOAPICs per VM.

Tracked-On: #4151
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Acked-by: Eddie Dong <eddie.dong@Intel.com>
2020-03-25 09:36:18 +08:00
Sainath Grandhi f67ac09141 hv: Handle holes in GSI i.e. Global System Interrupt for multiple IO-APICs
MADT is used to specify the GSI base for each IO-APIC and the number of
interrupt pins per IO-APIC is programmed into Max. Redir. Entry register of
that IO-APIC.

On platforms with multiple IO-APICs, there can be holes in the GSI space.
For example, on a platform with 2 IO-APICs, the following configuration has
a hole (from 24 to 31) in the GSI space.

IO-APIC 1: GSI base - 0, number of pins - 24
IO-APIC 2: GSI base - 32, number of pins - 8

This patch also adjusts the size for variables used to represent the total
number of IO-APICs on the system from uint16_t to uint8_t as the ACPI MADT
uses only 8-bits to indicate the unique IO-APIC IDs.

Tracked-On: #4151
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Acked-by: Eddie Dong <eddie.dong@Intel.com>
2020-03-25 09:36:18 +08:00
Sainath Grandhi 85217e362f hv: Introduce Global System Interrupt (GSI) into INTx Remapping
As ACRN prepares to support platforms with multiple IO-APICs,
GSI is a better way to represent physical and virtual INTx interrupt
source.
1) This patch replaces usage of "pin" with "gsi" whereever applicable
across the modules.
2) PIC pin to gsi is trickier and needs to consider the usage of
"Interrupt Source Override" structure in ACPI for the corresponding VM.

Tracked-On: #4151
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Acked-by: Eddie Dong <eddie.dong@Intel.com>
2020-03-25 09:36:18 +08:00
Sainath Grandhi 2fe3004202 hv: Pass address of vioapic struct to register_mmio_emulation_handler
Changes the mmio handler data from that of the acrn_vm struct to
the acrn_vioapic.

Add nr_pins and base_addr to the acrn_vioapic data structure.

Tracked-On: #4151
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Acked-by: Eddie Dong <eddie.dong@Intel.com>
2020-03-25 09:36:18 +08:00
Sainath Grandhi dd6c80c305 hv: Move error checking for hypercall parameters out of assign module
Moving checks on validity of IOAPIC interrupt remapping hypercall parameters
to hypercall module

Tracked-On: #4151
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Acked-by: Eddie Dong <eddie.dong@Intel.com>
2020-03-25 09:36:18 +08:00
Sainath Grandhi 06b59e0bc1 hv: Use ptirq_lookup_entry_by_sid to lookup virtual source id in IOAPIC irq entries
Reverts 538ba08c: hv:Add vpin to ptdev entry mapping for vpic/vioapic

ACRN uses an array of size  per VM to store ptirq entries against the vIOAPIC pin
and an array of size per VM to store ptirq entries against the vPIC pin.
This is done to speed up "ptirq entry" lookup at runtime for Level triggered
interrupts in API ptirq_intx_ack used on EOI.

This patch switches the lookup API for INTx interrupts to the API,
ptirq_lookup_entry_by_sid

This could add delay to processing EOI for Level triggered interrupts.
Trade-off here is space saved for array/s of size CONFIG_MAX_IOAPIC_LINES with 8 bytes
per data. On a server platform, ACRN needs to emulate multiple vIOAPICs for
SOS VM, same as the number of physical IO-APICs. Thereby ACRN would need around
10 such arrays per VM.

Removes the need of "pic_pin" except for the APIs facing the hypercalls
hcall_set_ptdev_intr_info, hcall_reset_ptdev_intr_info

Tracked-On: #4151
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Acked-by: Eddie Dong <eddie.dong@Intel.com>
2020-03-25 09:36:18 +08:00
Deb Taylor c3582dcd04 Doc: Edits to workaround note for EFI command line option string issue.
Signed-off-by: Deb Taylor <deb.taylor@intel.com>
2020-03-24 21:11:52 -04:00
fuzhongl 4ea3676f26 Doc: add space at the end of efibootmgr bootloader
This is a workaround for the issue in efi-stub: If the EFI option is loaded to a memory range which is not all zero filled,
it's possible the garbage string appended to bootloader name string.
Which could make system can't boot.

Add an extra space to the EFI option to make sure space could be used to detect the end of bootloader name string.

Once the fixing patch is merged, we don't need this extra space.
But to make old ACRN work, we'd like to keep the space here.

Signed-off-by: fuzhongl <fuzhong.liu@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
2020-03-24 19:34:44 -04:00
Victor Sun 52f26cba8a hv: a few fixes for multiboot2 boot
- need to specify the load_addr in the multiboot2 address tag. GRUB needs
  it to correctly calculate the ACRN binary's load size if load_end_addr is
  a non-zero value.

- multiboot2 can be enabled if hypervisor relocation is disabled.

- print the name of the boot loader. This might be helpful if the boot
  loader, e.g. GRUB, inludes its version in the name string.

Tracked-On: #4441
Signed-off-by: Victor Sun <victor.sun@intel.com>
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
2020-03-24 08:44:20 +08:00
Deb Taylor e928ca4b3a Doc: Update mem-mapping image in hv-memmgt.html
Signed-off-by: Deb Taylor <deb.taylor@intel.com>
2020-03-23 16:25:49 -04:00
Deb Taylor ec20413a88 Doc: Update mem-mapping image in hv-memmgt.html
Signed-off-by: Deb Taylor <deb.taylor@intel.com>
2020-03-23 16:25:49 -04:00
Deb Taylor ddb18283a2 Doc: Grammatical edits to using_windows_as_uos.rst
Signed-off-by: Deb Taylor <deb.taylor@intel.com>
2020-03-22 20:57:45 -04:00
ffshen b9bf38e8a0 doc: update waag GSG according to the latest method
Delete Redhad virtio drive, only keep Oracle as reference.
Delete "inject driver into ISO" part, and update to the latest workable
method.
In a word, QA just need maintain one latest workable method in GSG for creating WaaG image.

Signed-off-by: ffshen <fangfang.shen@intel.com>
2020-03-22 11:37:32 -04:00
David B. Kinder a086d72974 doc: fix docs with broken links
Fix links in documentation that have moved (e.g.,
clearlinux.org/documentation moved to docs.01.org/clearlinux/latest).

Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
2020-03-22 11:35:17 -04:00
Li Fei1 e99ddf28c3 hv: vpci: handle the quirk part for pass through pci device cfg access in dm
There're some PCI devices need special handler for vendor-specical feature or
capability CFG access. The Intel GPU is one of them. In order to keep the ACRN-HV
clean, we want to throw the qurik part of PCI CFG asccess to DM to handle.

To achieve this, we implement per-device policy base on whether it needs quirk handler
for a VM: each device could configure as "quirk pass through device" or not. For a
"quirk pass through device", we will handle the general part in HV and the quirk part
in DM. For a non "quirk pass through device",  we will handle all the part in HV.

Tracked-On: #4371
Signed-off-by: Li Fei1 <fei1.li@intel.com>
2020-03-20 10:08:43 +08:00
Li Fei1 e5c7a96513 hv: vpci: sos could access low severity guest pci cfg space
There're some cases the SOS (higher severity guest) needs to access the
post-launched VM (lower severity guest) PCI CFG space:
1. The SR-IOV PF needs to reset the VF
2. Some pass through device still need DM to handle some quirk.
In the case a device is assigned to a UOS and is not in a zombie state, the SOS
is able to access, if and only if the SOS has higher severity than the UOS.

Tracked-On: #4371
Signed-off-by: Li Fei1 <fei1.li@intel.com>
2020-03-20 10:08:43 +08:00
Deb Taylor 537f59f751 doc: Grammatical updates to SR-IOV virt doc
Signed-off-by: Deb Taylor <deb.taylor@intel.com>
2020-03-18 21:02:27 -04:00
Yuan Liu 7b3c3c6bcf doc: introduce SR-IOV virtualization
The SR-IOV virtualization document

Tracked-On: #4433
Signed-off-by: Yuan Liu <yuan1.liu@intel.com>
2020-03-18 12:15:49 -04:00
Yuan Liu 9375c634dc hv: unmap SR-IOV VF MMIO when the VF physical device is disabled
To avoid information leakage, we need to ensure that the device is
inaccessble when it does not exist.

For SR-IOV disabled VF device, we have the following operations.
    1. The configuration space accessing will get 0xFFFFFFFF as a
       return value after set the device state to zombie.
    2. The BAR MMIO EPT mapping are removed, the accesssing causes
       EPT violation.
    3. The device will be detached from IOMMU.
    4. The IRQ pin and vector are released.

Tracked-On: #4433

Signed-off-by: Yuan Liu <yuan1.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2020-03-18 21:46:54 +08:00
Deb Taylor b09f07e200 doc: More re-org updates
Add ACRN Open Source Roadmap 2020 link to Intro/What is ACRN page
Add ACRN blog link to ACRN Intro page (under Roadmap)
Move ACRN Shell Commands to 'Tools' under Advanced Guides page

Signed-off-by: Deb Taylor <deb.taylor@intel.com>
2020-03-17 11:28:26 -04:00
lirui34 bf7766fc6d doc: Update build celadon instruction link
Signed-off-by: lirui34 <ruix.li@intel.com>
2020-03-17 11:02:14 -04:00
Wei Liu b10b309b21 acrn-config: fix missing passthru parameter for launch config
If the bus number is not 0, then malloc a virtual slot for the device,
meanwhile, it should be added to PT_SLOT for the next query, otherwise
the passthru parameter would be lost in the launch script.

Tracked-On: #4494
Signed-off-by: Wei Liu <weix.w.liu@intel.com>
Acked-by: Victor Sun <victor.sun@intel.com>
2020-03-17 16:37:43 +08:00
Wei Liu ae5f0f1c9b acrn-config: add missed include in pci_dev.c for logical partition
commit a68f655a11 added two extra header
include in pci_dev.c for logical_partition scenario but acrn-config did
not handle that.
This patch fix the issue.

Tracked-On: #4492
Signed-off-by: Wei Liu <weix.w.liu@intel.com>
Acked-by: Victor Sun <victor.sun@intel.com>
2020-03-17 15:04:57 +08:00
Deb Taylor 1f50b07405 Doc: Update re-org'd ACRN index page and What is ACRN.
Signed-off-by: Deb Taylor <deb.taylor@intel.com>
2020-03-16 17:16:00 -04:00
Peter Fang 05dc6c5336 OVMF release v1.6
- Enable fstack-protector-strong for OVMF x64 and gcc5

Tracked-On: #4490
Signed-off-by: Peter Fang <peter.fang@intel.com>
2020-03-16 08:37:22 +08:00
Deb Taylor fd2330c924 Doc: Changed lines in RN 1.0 and 0.1 to correct ref issue.
Signed-off-by: Deb Taylor <deb.taylor@intel.com>
2020-03-12 22:55:03 -04:00
Mingqiang Chi 14692ef60c hv:Rename two VM states
Rename:
  VM_STARTED --> VM_RUNNING
  VM_POWERING_OFF --> VM_READY_TO_POWEROFF

Tracked-On: #4320
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2020-03-13 10:34:29 +08:00
Deb Taylor a5f9ef402e Doc: Fix tool ref tag on develop.rst page
Signed-off-by: Deb Taylor <deb.taylor@intel.com>
2020-03-12 22:26:14 -04:00
Deb Taylor 9a85e27430 Doc: Re-org documentation to improve user experience; see Nav Bar
Signed-off-by: Deb Taylor <deb.taylor@intel.com>
2020-03-12 21:54:36 -04:00
Wei Liu b62d439bf1 acrn-config: remove a function that generates ve820 file
1. To keep align with acrn-hypervisor source code, remove a function
that generates ve820 file.

Tracked-On: #3854
Signed-off-by: Wei Liu <weix.w.liu@intel.com>
Acked-by: Victor Sun <victor.sun@intel.com>
2020-03-12 14:56:34 +08:00
Wei Liu 27b6c82c0f acrn-config: keep HV_RAM_START 2M memory align
Refine HV_RAM_START to keep 2M memory align for new board config.

Tracked-On: #3854
Signed-off-by: Wei Liu <weix.w.liu@intel.com>
Acked-by: Victor Sun <victor.sun@intel.com>
2020-03-12 14:56:34 +08:00
Wei Liu 91b06a35ee acrn-config: remap PCI vbar address to high memory
1. If the device configure space is not fixed by ACPI and its pbar address
is above 4G or lower than 2G, then remap the vbar address to high memory.
2. Due to GPU might have huge MMIO space which would result in
HV_RAM_SIZE overflow, skip its vBAR remapping for now when the size high
than 1GB.

Tracked-On: #4458
Signed-off-by: Wei Liu <weix.w.liu@intel.com>
Acked-by: Victor Sun <victor.sun@intel.com>
2020-03-12 14:56:34 +08:00
Wei Liu 830df76f1e acrn-config: refine VM number macro from scenario config
1. refine vm number macro from scenario config.
2. add sanity check for load order.

Tracked-On: #4458
Signed-off-by: Wei Liu <weix.w.liu@intel.com>
Acked-by: Victor Sun <victor.sun@intel.com>
2020-03-12 14:56:34 +08:00
Victor Sun a8c2ba03fc HV: add pci_devices.h for nuc6cayh and apl-up2
As pci_devices.h is included by <page.h>, need to prepare pci_devices.h
for nuc6cayh and apl-up2 board.

Also the #error info in generic/pci_devices.h should be removed, otherwise
the build will be failed in sdc/sdc2/industry scenarios.

Tracked-On: #4458

Signed-off-by: Victor Sun <victor.sun@intel.com>
2020-03-12 14:56:34 +08:00
Victor Sun a68f655a11 HV: update ept address range for pre-launched VM
For a pre-launched VM, a region from PTDEV_HI_MMIO_START is used to store
64bit vBARs of PT devices which address is high than 4G. The region should
be located after all user memory space and be coverd by guest EPT address.

Tracked-On: #4458

Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2020-03-12 14:56:34 +08:00
Victor Sun e74553492a HV: move create_sos_vm_e820 to ve820.c
ve820.c is a common file in arch/x86/guest/ now, so move function of
create_sos_vm_e820() to this file to make code structure clear;

Tracked-On: #4458

Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2020-03-12 14:56:34 +08:00
Victor Sun a7b61d2511 HV: remove board specific ve820
Remove useless per board ve820.c as arch/x86/guest/ve820.c is common for
all boards now;

Tracked-On: #4458

Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2020-03-12 14:56:34 +08:00
Victor Sun d7eac3fe6a HV: decouple prelaunch VM ve820 from board configs
hypervisor/arch/x86/configs/$(BOARD)/ve820.c is used to store pre-launched
VM specific e820 entries according to memory configuration of customer.
It should be a scenario based configurations but we had to put it in per
board foler because of different board memory settings. This brings concerns
to customer on configuration orgnization.

Currently the file provides same e820 layout for all pre-launched VMs, but
they should have different e820 when their memory are configured differently.
Although we have acrn-config tool to generate ve802.c automatically, it
is not friendly to modify hardcoded ve820 layout manually, so the patch
changes the entries initialization method by calculating each entry item
in C code.

Tracked-On: #4458

Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2020-03-12 14:56:34 +08:00
Victor Sun 4c0965d89e HV: correct ept page array usage
Currently ept_pages_info[] is initialized with first element only that force
VM of id 0 using SOS EPT pages. This is incorrect for logical partition and
hybrid scenario. Considering SOS_RAM_SIZE and UOS_RAM_SIZE are configured
separately, we should use different ept pages accordingly.

So, the PRE_VM_NUM/SOS_VM_NUM and MAX_POST_VM_NUM macros are introduced to
resolve this issue. The macros would be generated by acrn-config tool when
user configure ACRN for their specific scenario.

One more thing, that when UOS_RAM_SIZE is less then 2GB, the EPT address
range should be (4G + PLATFORM_HI_MMIO_SIZE).

Tracked-On: #4458

Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2020-03-12 14:56:34 +08:00
Yuan Liu e9a99845f6 hv: refine read/write configuration APIs for vmsi/vmsix
change vmsi_read_cfg to read_vmsi_cfg, same applies to writing
change vmsix_read_cfg to read_vmsix_cfg, same applies to writing

Tracked-On: #4433

Signed-off-by: Yuan Liu <yuan1.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2020-03-12 10:40:02 +08:00
Li Fei1 4b6dd19ad1 hv: pci: rename CFG read/write function for PCI-compatible Configuration Mechanism
Move CFG read/write function for PCI-compatible Configuration Mechanism from
debug/uartuart16550.c to hw/pci.c and rename CFG read/write function for
PCI-compatible Configuration Mechanism to pci_pio_read/write_cfg to align with
CFG read/write function pci_mmcfg_read/write_cfg for PCI Express Enhanced
Configuration Access Mechanism.

Tracked-On: #4371
Signed-off-by: Li Fei1 <fei1.li@intel.com>
2020-03-12 09:17:02 +08:00