Add mmio device pass through support for pre-launched VM.
When we pass through a MMIO device to pre-launched VM, we would remove its
resource from the SOS. Now these resources only include the MMIO regions.
Tracked-On: #5053
Acked-by: Eddie Dong <eddie.dong@intel.com>
Signed-off-by: Li Fei1 <fei1.li@intel.com>
We could add MMIO device pass through by two ways:
a) If the MMIO device only has MMIO regions and no ACPI Table touched, using
"--mmiodev_pt MMIO_regions",
b) If the MMIO device touches ACPI Table, using "--acpidev_pt HID"
Now only support TPM2 MSFT0101 MMIO device pass through through launch script
using "--acpidev_pt MSFT0101". When we want to pass through the TPM2 deivce,
we would not allow to emulate the vTPM2 at the same time. This is becuase
the ACRN-DM emulate the TPM2 as MSFT0101 too. Otherwise, the VM can't boot.
Besides, we could only support one TPM2 device PT and one MMIO device PT.
For TPM2 device PT, the MMIO resources are hard-coded. For the MMIO device PT,
we could pass through the MMIO resources on the cmdline.
ToDo:
1. We may use HID to discover the MMIO regions and ACPI Table instaed of
hard-coded.
2. To identify a MMIO device only by MMIO regions.
3. To allocate virtual MMIO regions in a reserved guest MMIO regions.
Tracked-On: #5053
Signed-off-by: Li Fei1 <fei1.li@intel.com>
Add two hypercalls to support MMIO device pass through.
Tracked-On: #5053
Signed-off-by: Li Fei1 <fei1.li@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Add two hypercalls to support MMIO device pass through for post-launched VM.
And when we support MMIO pass through for pre-launched VM, we could re-use
the code in mmio_dev.c
Tracked-On: #5053
Signed-off-by: Li Fei1 <fei1.li@intel.com>
Some passthrough devices have no reset mechanisms which cause the device stay
in unknown status during boot/reboot flow. And such unknown status cause
unexpected behaviors in the guest. Except the ordinary reset mechanisms
like FLR, we can utilize enter/exit D3cold as the reset that D3cold will
power gate the entire hardware. But the D3cold is implemented as ACPI
method which has no user interface in the SOS side. But the D3cold is
implemented as ACPI method which has no user interface in the SOS side.
But base on our experience, some devices can utilize D3hot instead of
D3cold. But it is not useful for all PCI devices as the power status
of D3hot is implementation defined.
Provide one new API to program PowerState(D0/D1/D2/D3hot) in PMCSR
register.
Add "d3hot_reset" sub-parameter for passthrough device to enable utilize
enter/exit D3hot flow to implement reset mechanisms.
Tracked-On: #5067
Signed-off-by: Long Liu <long.liu@intel.com>
Reviewed-by: Yuan Liu <yuan1.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
During context switch in hypervisor, xsave/xrstore are used to
save/resotre the XSAVE area according to the XCR0 and XSS. The legacy
region in XSAVE area include FPU and SSE, we should make sure the
legacy region be saved during contex switch. FPU in XCR0 is always
enabled according to SDM.
For SSE, we enable it in XCR0 during context switch.
Tracked-On: #5062
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
kick_thread function is only used by kick_vcpu to kick vcpu out of
non-root mode, the implementation in it is sending IPI to target CPU if
target obj is running and target PCPU is not current one; while for
runnable obj, it will just make reschedule request. So the kick_thread
is not actually belong to scheduler module, we can drop it and just do
the cpu notification in kick_vcpu.
Tracked-On: #5057
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Reviewed-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
vcpu->running is duplicated with THREAD_STS_RUNNING status of thread
object. Introduce an API sleep_thread_sync(), which can utilize the
inner status of thread object, to do the sync sleep for zombie_vcpu().
Tracked-On: #5057
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Reviewed-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
1. Update thread status after switch_in/switch_out.
2. Add 'be_blocking' to represent the intermediate state during
sleep_thread and switch_out. After switch_out, the thread status
update to THREAD_STS_BLOCKED.
Tracked-On: #5057
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Reviewed-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
There has one bug that the pci_xhci_dev_emu objects recorded in
xdev->devices haven't destroy when OVMF transfer to guest OS.
This will cause the the fds of usbfs can't be freed in libusb.
The OVMF xHCI driver needs to disable all enabled slots during
graceful existing flow, but it doesn't.
The USBCMD.HCRST bit is used for xHC reset that will be triggered
in xHCI driver initialization. We can use this chance to clear
all pci_xhci_dev_emu objects
Tracked-On: #4897
Signed-off-by: Long Liu <long.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
-- replace global hypercall lock with per-vm lock
-- add spinlock protection for vm & vcpu state change
v1-->v2:
change get_vm_lock/put_vm_lock parameter from vm_id to vm
move lock obtain before vm state check
move all lock from vmcall.c to hypercall.c
Tracked-On: #4958
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Hide sriov capability of passthrough devices for VMs at init_vdev_pt().
And for post-launched VM, allow assign PF.
Tracked-On: #5041
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Support hide SRIOV extend capability for passthough device
Tracked-On: #5041
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Reviewed-by: Fei Li <fei1.li@intel.com>
add tsn devices and the NVME device in the board xml
Tracked-On: #4831
Signed-off-by: Shuang Zheng <shuang.zheng@intel.com>
Reviewed-by: Binbin Wu <binbin.wu@intel.com>
OpRegion: 8KB(0x2000)
[ OpRegion Header ] Offset: 0x0
[ Mailbox #1: ACPI ] Offset: 0x100
[ Mailbox #2: SWSCI ] Offset: 0x200
[ Mailbox #3: ASLE ] Offset: 0x300
[ Mailbox #4: VBT ] Offset: 0x400
[ Mailbox #5: ASLE EXT ] Offset: 0x1C00
Extended OpRegion: 8KB(0x2000)
[ Raw VBT ] Offset: 0x0
Generally VBT stores in MailBox4 in OpRegion which max size is 6KB.
If VBT larger than 6KB, it will be stored in extended OpRegion which
is neighborhood with legacy OpRegion. In this case, we need to
passthrough extended OpRegion also to support GVT-d feature. The
OpRegion size that we passthrough should be (OpRegion+Extended)=16KB
ASLE.rvda stores the location of VBT.
For OpRegion 2.1+: ASLE.rvda = offset to OpRegion base address
For OpRegion 2.0: ASLE.rvda = physical address
To-do: Add support for OpRegion on some platforms(eg. APL)
Tracked-On: #5029
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Fix XHCI_GET_SLOT macro check slot valid function, when the
slot value is bigger than XHCI_MAX_SLOT set the slot value
to zero.
Tracked-On: #4711
Signed-off-by: Long Liu <long.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
This patch does the following,
1. Fix an explicit interface name check for tapX preventing
any other interface name like kata_tap to be setup.
2. Add support for macvtap interface.
3. Identify macvtap vs tap interface and
if it is macvtap, identify character device (/dev/tapXX)
to be used.
Tracked-On: #4945
Signed-off-by: Vijay Dhanraj <vijay.dhanraj@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
Instead of linking to a specific doc on projectacrn.org, update to just
link to the area on projectacrn.org/#resources where the roadmap doc can
be found. Also remove mention of 2020 to keep it generic so it won't
need updating in 2021.
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
Propagated fix from other doxygen/breathe project to keep the
description found in the doxygen comments for the group being displayed
(in case there actually is a nice description given).
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
ACRN 2.0 introduced Inter-VM communication feature by enabling the ivshmem v1.0 protocol/channel to communication
between VMs. To support the community's application Security Development Lifecycle (SDL), we provide a security hardening
guideline with some pointers to consider when using this channel by userspace application in case of additional security
requirments for Confidentiality, Integrity, or Authenticity.
Signed-off-by: Mostafa Naeem <mostafa.elsaid@intel.com>
There are some devices (like Samsung NVMe SSD SM981/PM981 which has 33 MSIX tables)
which have more than 16 MSIX tables. Extend the default value to 64 to handle them.
Tracked-On: #4994
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Config tool should keep aligning with Kconfig default value for
MAX_MSIX_TABLE_NUM.
Note: Remain the same configuration for the board which does not have
PCIe slot or NVME slot.
Tracked-On: #4994
Signed-off-by: Wei Liu <weix.w.liu@intel.com>
1.add max MSI-X table number in board xmls.
2.leave MAX_MSIX_TABLE_NUM item to blank.
Tracked-On: #4994
Signed-off-by: Wei Liu <weix.w.liu@intel.com>
Acked-by: Victor Sun <victor.sun@intel.com>
Detect and get MSI-X table number in board xmls.
Parse and generate the number for board config while 'MAX_MSIX_TABLE_NUM'
item is blank.
Tracked-On: #4994
Signed-off-by: Wei Liu <weix.w.liu@intel.com>
Acked-by: Victor Sun <victor.sun@intel.com>
Some OSes assume the platform must have the IOAPIC. For example:
Linux Kernel allocates IRQ force from GSI (0 if there's no PIC and IOAPIC) on x86.
And it thinks IRQ 0 is an architecture special IRQ, not for device driver. As a
result, the device driver may goes wrong if the allocated IRQ is 0 for RTVM.
This patch expose vIOAPIC to RTVM with LAPIC passthru even though the RTVM can't
use IOAPIC, it servers as a place holder to fullfil the guest assumption.
After vIOAPIC has exposed to guest unconditionally, the 'ready' field could be
removed since we do vIOAPIC initialization for each guest.
Tracked-On: #4691
Signed-off-by: Li Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
1.Update passtrough device config for ehl-crb-b launch xmls.
Tracked-On: #5016
Signed-off-by: Wei Liu <weix.w.liu@intel.com>
Acked-by: Victor Sun <victor.sun@intel.com>
Add support 6 VMs for ehl-crb-b industry xml.
Tracked-On: #5015
Signed-off-by: Wei Liu <weix.w.liu@intel.com>
Acked-by: Victor Sun <victor.sun@intel.com>
While changes to documentation can be submitted directly as PRs, changes
to code must be first submitted for approval to the developer mailing
list. Update the contribution guidelines to talk about this.
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
hugetlb_lv_max will get wrong value if the HUGETLB_LV2 mount failed.
Once hugetlb_lv_max is wrong, the following code logic messes up.
Tracked-On: #4937
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
The way of passing DSM address on TGL is the same with on EHL.
Adding these code to support GVT-d on TGL.
Tracked-On: #5020
Signed-off-by: Sun Peng <peng.p.sun@intel.com>
Acked-by: Yu Wang yu1.wang@intel.com
MBA_DELAY/CLOS_MASK show be exposed only if "MBA"/"L2" or "L3" existed
in rdt resource supoorted in board xml;
The default value of MBA_DELAY is 0;
The numbers of MAB_DELAY/CLOS_MASK entries is determined by:
If CDP is not enabled, the number of entries for CLOS_MASK and MBA_DELAY
is the min of CLOS_MAX of all RDT resources;
If CDP is enabled, divide the CLOS_MAX values for L3 and L2 resources
by 2 and then find the min of all RDT resources to get common_clos_max,
the number of entries for CLOS_MASK is common_clos_max*2,
the number of entries for MBA_DELAY is comm_clos_max.
Tracked-On: #4943
Signed-off-by: Shuang Zheng <shuang.zheng@intel.com>
Reviewed-by: Vijay Dhanraj <vijay.dhanraj@intel.com>
Refine sanity check for RDT CLOS and MBA Delay.
Tracked-On: #4943
Signed-off-by: Wei Liu <weix.w.liu@intel.com>
Reviewed-by: Vijay Dhanraj <vijay.dhanraj@intel.com>
Update the LICENSE year for hv files which generate by config tool.
Tracked-On: #5004
Signed-off-by: Wei Liu <weix.w.liu@intel.com>
Acked-by: Victor Sun <victor.sun@intel.com>
The pci.ids database should be already prepared while tools of 'lspci'
were correctly installed and this check for pci.ids should be removed.
Tracked-On: #4989
Signed-off-by: Wei Liu <weix.w.liu@intel.com>
Acked-by: Victor Sun <victor.sun@intel.com>
For the base of vuart 1 is not an invalid com base, the tools will check
the target vuart id and it's VM id if matches the other VM's. If they do
not match the error message will report to re-configuration.
Tracked-On: #4991
Signed-off-by: Wei Liu <weix.w.liu@intel.com>
Acked-by: Victor Sun <victor.sun@intel.com>
replace spinlock_obtain/spinlock_release with spinlock_irqsave_obtain
and spinlock_irqrestore_release to avoid dead lock for uart module.
this uart lock may be accessed in ISR context like this path:
dispatch_interrupt->pr_err/pr_xxx or printf
->console_write->uart16550_puts
Tracked-On: #4958
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
1. add life-mngr as a target in misc/Makefile, so it is
convenient to build and used in Yocto system.
2. add install target in life-mngr/Makefile to be packaged
into device file-system.
Tracked-On: #4870
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Reviewed-by: Binbin Wu <binbin.wu@intel.com>