When run 'acrnctl add', acrnctl dryruns launch script to get
vmname. Acrnctl assumes there are no more than 64 words in each
line of the script, and creates a buffer to hold 64 pointers to these
words. But we didn't check if the number of words exceed 64 limitation,
which can lead to buffer overflow. This commit fixed this potential
overflow problem.
And also refine some confusing error messages in 'acrnctl add'
Tracked-On: #2734
Acked-by: Yan Like <like.yan@intel.com>
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
Reviewed-by: Yonghua Huang <yonghua.huang@intel.com>
detect_apicv_cap should used to detect all the APICv capabilities. Besides,
"Virtualize x2APIC mode" doesn't depend on "APIC-register virtualization".
We shouldn't check "Virtualize x2APIC mode" support only when physical platform
supports "APIC-register virtualization"
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Add two functions to combine constraint for APICv:
is_apicv_basic_feature_supported: check the physical platform whether support
"Use TPR shadow", "Virtualize APIC accesses" and "Virtualize x2APIC mode"
is_apicv_advanced_feature_supported: check the physical platform whether support
"APIC-register virtualization", "Virtual-interrupt delivery" and
"Process posted interrupts".
If the physical platform only support APICv basic feature, enable "Use TPR shadow"
and "Virtualize APIC accesses" for xAPIC mode; enable "Use TPR shadow" and
"Virtualize x2APIC mode" for x2APIC. Otherwise, if the physical platform support
APICv advanced feature, enable APICv feature for xAPIC mode and x2APIC mode.
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Without memory barrier, the change of used ring index could not
immediately detected by FE, this would bring some problems.
For virtio-blk FE driver, when it receives an interrupt, and confirms the
used ring index has changed, it will first set ring flags with
VRING_AVAIL_F_NO_INTERRUPT, then get buffer from virtqueue, after
process this request, it will mask VRING_AVAIL_F_NO_INTERRUPT, and get
used ring index again before return. If used ring changes, it will
process it. At the same time, BE will read this flags before each notify,
if VRING_AVAIL_F_NO_INTERRUPT was set, BE will not inject interrupt.
Without memory barrier, before FE mask VRING_AVAIL_F_NO_INTERRUPT, BE
has finished notify without interrupt, then FE mask
VRING_AVAIL_F_NO_INTERRUPT, and get used ring index but failed (index
has changed from BE side). FE will return from interrupt handler
function, and wait for next interrupt which was not injected by BE. Thus,
this will cause kernel hung.
Tracked-On: #2732
Signed-off-by: Conghui Chen <conghui.chen@intel.com>
Signed-off-by: Yin Fengwei <fengwei.yin@intel.com>
Acked-by: Wang Yu <yu1.wang@intel.com>
This patch add one sample script to launch zephyr as guest.
Tracked-On: #2713
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Reviewed-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Yan, Like <like.yan@intel.com>
When acrnd_vm_timer_func() launch UOS, it need fork() and run, so
that do not block the main process.
Tracked-On: #2716
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
Acked-by: Yan, Like <like.yan@intel.com>
For a running or suspended VM, its state is updated in 2 steps.
It is first set to VM_CREATED, then set to VM_STARTED/VM_PAUSED. IF
one thread check a running/suspend VM, it may get wrong state VM_CREATED,
while another thread is updating the VMs state.
Tracked-On: #2716
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
Acked-by: Yan, Like <like.yan@intel.com>
pdebug just provide information about function name and source code line number.
From debug point of view, it is better to give developer more detailed err msg.
Tracked-On: #2716
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Acked-by: Yan, Like <like.yan@intel.com>
Print more information at acrnd_add_work(), query_state()
try_do_works() and handle_acrnd_resume()
Tracked-On: #2716
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
Acked-by: Yan, Like <like.yan@intel.com>
Accessing memory of guest will cause page fault when SMAP is enabled.
This patch stac()/clac() correspondingly to get rid of this situation.
Tracked-On: #2713
Signed-off-by: Kaige Fu <kaige.fu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Dynamic memory stored in 'net' allocated through function 'calloc'
should be freed correspondingly when return fail.
Tracked-On: #2704
Signed-off-by: Jie Deng <jie.deng@intel.com>
Reviewed-by: Yonghua Huang <yonghua.huang@intel.com>
Update the "ACRN Shell Commands" user guide in the following aspects:
* Improve the text (help) for some commands to improve readability
* Remove commands that are no longer available
* Add the 'vioapic' command that was missing
Note: this patch does not add a description for both the "[rd|wr]msr"
commands.
Tracked-On: #2684
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
Co-Authored-By: David B. Kinder <david.b.kinder@intel.com>
Assert that PCI devices discovered while booting the hypervisor do not
have more table entries than allowed by the compile-time configuration
(CONFIG_MAX_MSIX_TABLE_NUM).
The case were `msix.table_count` > `CONFIG_MAX_MSIX_TABLE_NUM` is fatal
since the init function in the handler for MSI-X (vmsix_init) only looks
at `table_count` when populating the table. Since
`CONFIG_MAX_MSIX_TABLE_NUM` is the max size of the table array entry in
the pci_msix struct. This will cause the msix handler to write outside of
the table array.
Tracked-On: #2624
Signed-off-by: Viktor Sjölind <vsjolind@luxoft.com>
Except for few translation structures in x86 IOMMU, all translation
structures are 128-bit. All the translation structures used by ACRN
are 128 bit. So removed multiple definitions and defined a struct
that accomodates 128 bit entries.
Tracked-On: #2668
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
The board name for building images for UP2 has been changed from 'up2' to 'apl-up2' by the commit #f9b5e21.
Signed-off-by: Tonny Tzeng <tonny.tzeng@intel.com>
In partition mode, unassign_iommu_device() is called from vpci_cleanup(),
so when shutdown_vm() is called, unassign_iommu_device() could fail because
of "domain id mismatch" and DMAR is not cleared.
Also move destroy_ept() after the call to destroy_iommu_domain().
Tracked-On: #2700
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Previous change 'HV: modularization vm config code', commit id
1bb15c64a6, lost CAT code when move
sanitize_vm_config() from vm.c to vm_config.c
Tracked-On: #2291
Signed-off-by: Tao Yuhong <yuhong.tao@intel.com>
platform_acpi_info.h should be BOARD specific so move the header file
to configs/$(CONFIG_BOARD)/ folder.
So the target acpi info file detect process is:
Compiler search for $(CONFIG_BOARD)_acpi_info.h under
hypervisor/arch/x86/$(CONFIG_BOARD)/ first (the file is supposed to be
generated by offline tool so it is not included in original source), if
found, then the file is the target acpi info file. If not and at the
same time the ENFORCE_VALIDATED_ACPI_INFO Kconfig was set, the compiler
will stop and hint user to add target acpi info file by offline tool.
If ENFORCE_VALIDATED_ACPI_INFO was unset, then compiler will continue to
search for platform_acpi_info.h as target acpi info file under
hypervisor/arch/x86/$(CONFIG_BOARD) folder (with this file we could bypass
ENFORCE_VALIDATED_ACPI_INFO check and benifit for development). If this
file is not exist, then hypervisor/arch/x86/configs/platform_acpi_info.h
will be included as final target acpi info.
The process should work for UEFI path also, with a valid platform acpi
info file, S3/S5 should work on UEFI platform.
Tracked-On: #2291
Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
check the power button acpi driver firstly, then find input event
corresponding to the power button.
Tracked-On: #2695
Signed-off-by: Yuan Liu <yuan1.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
-- change 'tsc_khz' to static
-- move these APIs from rtl.h to timer.c
us_to_ticks()
ticks_to_us()
ticks_to_ms()
rdtsc()
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
to validate the ID and state of vCPU in below functions:
- hcall_set_vcpu_regs()
- hcall_notify_ioreq_finish()
- shell_vcpu_dumpreq()
Tracked-On: #861
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
change the config type of COM_IRQ from "hex" to "int"; make
it consistent with its default value.
Tracked-On: #2689
Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Reviewed-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
This commit extracts the common logic of vlapic_calc_dest() and vlapic_calc_dest_lapic_pt()
to static inline functions, in order to make vlapic_calc_dest() clean and easy to read.
Tracked-On: #1842
Signed-off-by: Yan, Like <like.yan@intel.com>
There was a workaround in DM that allocates PCI 64bit mem bar in 32bit mem space
if the bar size is within 32MB.
After the workaround being removed, there is an issue to enter fastboot
mode for inappropriate handling of 64bit mem bar in guest driver.
The patch bring the workaround back, and skip the workaround when the guest
is booted by OVMF.
Revert the patch after the guest fixs the issue of handling 64bit mem bar in
fastboot mode.
Tracked-On: #2677
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
We could simple the vector check for LVT IRQ by move this check to
vlapic_fire_lvt when the IRQ is fixed mode.
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Set when the local APIC detects an illegal vector (one in the range 0 to 15)
in the message that it is sending. This occurs as the result of a write to the
ICR (in both xAPIC and x2APIC modes) or to SELF IPI register (x2APIC mode only)
with an illegal vector.
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
LVT ERROR is an edge and fixed mode interrupt. We could call vlapic_accept_intr
to fire it directly. Otherwise, if LVT ERR vector is invalid, an invalid
interrupt will be accepted in IRR.
Tracked-On: #1842
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
Currently for pre-launched VMs, HV intends to do EPT mapping for all GPA
space, which implies that it wastes HPA to back PCI hole and other vE820
entries that are not backed by physical memory.
This patch solves this issue and fixes ve820 entries whose length is not
aligned to 4K, and changes the lowmem entry's start GPA from 1MB to 2MB.
Tracked-On: #2587
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
This patch simplifies `get_primary_vcpu` and `vcpu_from_vid`.
The target_vcpu could be get from the index directly.
Tracked-On: #1842
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Correct wrong use of vector where lvt_index should be used.
Tracked-On: #1842
Signed-off-by: Min He <min.he@intel.com>
Signed-off-by: Li, Fei1 <fei1.li@intel.com>
ECS.bit31 is not used and always return 0 in SDM Vol.2A 3-195. It's a
standard way to indicate whether there is a hypervisor.
Tracked-On: #2490
Ref: https://lwn.net/Articles/301888/
Signed-off-by: Xinyun Liu <xinyun.liu@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
vcpu returned by get_primary_vcpu API is BSP vcpu of the VM. So
checking is_vcpu_bsp on vcpu is redundant.
Tracked-On: #2668
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
get_dmar_info API is called from multiple functions in vtd.c. This patch
calls get_dmar_info once during init and uses the cached info during
runtime.
Tracked-On: #2657
Signed-off-by: Sainath Grandhi <sainath.grandhi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
move 'init_iommu()' & 'ptdev_init()' before starting
all secondary cores to avoid access uninitialized resource
in partition mode.
Tracked-On: #1842
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Both sharing mode and parittioin mode code can use the pci_find_vdev_by_pbdf
and pci_find_vdev_by_vbdf functions defined in vdev.c instead,
and remove the corresponding functions in other files.
Tracked-On: #2534
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Add vdev functions so they can be reused by both partition mode
and sharing mode code:
pci_find_vdev_by_vbdf: search for vdev by virtual bdf
pci_find_vdev_by_pbdf: search for vdev by physical bdf
Tracked-On: #2534
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
core.c contains functions all related to pci vdev management, so it makes sense
to give it a more meaningful file name.
Tracked-On: #2534
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Sharing mode has its own static global variables to store
number of vdevs and vdev list, we already have the per vpci pci_vdev[]
in struct acrn_vpci, so use the vpci_vdev in acrn_vpci instead to unify
the vdev list management for both sharing mode and partition mode.
Tracked-On: #2534
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
pci_vdevs is vpci stuff so it would be better to make it managed by vpci rather than by vm.h,
both sharing mode and partition mode can use pci_vdevs[] to maintain its own
per vm vdev list.
Tracked-On: #2534
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
yuhong.tao@intel.com