Commit Graph

4705 Commits

Author SHA1 Message Date
Deb Taylor 7cef407da0 Doc: Fixed spelling error in the acrn_config_tool file.
Signed-off-by: Deb Taylor <deb.taylor@intel.com>
2020-01-09 13:19:53 -05:00
Deb Taylor 02ce44ce52 Doc: Style and grammar edits to GSG for ACRN Industry Scenario.
Signed-off-by: Deb Taylor <deb.taylor@intel.com>
2020-01-09 11:51:40 -05:00
Deb Taylor e8512bf766 Doc: Grammar updates to ACRN Config Tool doc.
Signed-off-by: Deb Taylor <deb.taylor@intel.com>
2020-01-09 10:39:19 -05:00
Victor Sun 545117731a doc: update some xml elements description
Signed-off-by: Victor Sun <victor.sun@intel.com>
2020-01-09 07:43:41 -05:00
Shuang Zheng 9e244b1bb2 doc: update getting start guide about clear linux version and ootb commands
Signed-off-by: Shuang Zheng <shuang.zheng@intel.com>
2020-01-09 07:29:19 -05:00
fangfang.shen 5f1fa3cf1b doc: change version info
Signed-off-by: fangfang.shen <fangfang.shen@intel.com>
2020-01-09 07:07:13 -05:00
Yonghua Huang 82b89fd04c hv: check the validity of 'pdev' in 'set_ptdev_intr_info'
This patch checks the validity of 'vdev->pdev' to
 ensure physical device is linked to 'vdev'.
 this check is to avoid some potential hypervisor
 crash when destroying VM with crafted input.

Tracked-On: #4336
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Fei Li <fei1.li@intel.com>
2020-01-09 16:04:47 +08:00
fuzhongl fe03d8700d Doc: releasenotes_1.5 update
adding this information to releasenotes:
Update to use ACRNGT GOP to install Windows

Signed-off-by: fuzhongl <fuzhong.liu@intel.com>
2020-01-08 20:33:53 -05:00
Deb Taylor e91ecaa7e0 Doc: Grammar update to arcn_ootd.rst.
Signed-off-by: Deb Taylor <deb.taylor@intel.com>
2020-01-08 20:30:41 -05:00
fuzhongl 88644ab708 Doc: document update base on release_v1.5
Signed-off-by: fuzhongl <fuzhong.liu@intel.com>
2020-01-08 18:39:23 -05:00
Mingqiang Chi 5267a9775c dm:replace perror with pr_err
use acrn-dm logger function instread of perror,
this helps the stability testing log capture.

Tracked-On: #4098
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
2020-01-08 13:37:57 +08:00
Yonghua Huang 0e47f0a8f9 hv: fix potential NULL pointer reference in hc_assgin_ptdev
this patch validates input 'vdev->pdev' before
 reference to avoid potenial hypervisor crash.

[v2] update:
 Combine condition check for 'vdev' and 'vdev->pdev'

Tracked-On: #4334
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Fei Li <fei1.li@intel.com>
2020-01-08 11:54:49 +08:00
Yonghua Huang ddebefb9b4 hv: remove depreciated code for hc_assign/deassign_ptdev
'param' is BDF value instead of GPA when VHM driver
  issues below 2 hypercalls:
   - HC_ASSIGN_PTEDEV
   - HC_DEASSIGN_PTDEV
 This patch is to remove related code in hc_assign/deassign()
 functions.

Tracked-On: #4334
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Reviewed-by: Fei Li <fei1.li@intel.com>
2020-01-08 11:54:49 +08:00
Deb Taylor 96aba9bd45 Doc: Grammatical edits to RN 1.5.
Signed-off-by: Deb Taylor <deb.taylor@intel.com>
2020-01-07 22:12:38 -05:00
fuzhongl 9b454dc406 Doc: releasenotes_1.5
Signed-off-by: fuzhongl <fuzhong.liu@intel.com>
2020-01-07 20:36:21 -05:00
Li Fei1 65ed6c3529 hv: vpci: trap PCIe ECAM access for SOS
SOS will use PCIe ECAM access PCIe external configuration space. HV should trap this
access for security(Now pre-launched VM doesn't want to support PCI ECAM; post-launched
VM trap PCIe ECAM access in DM).
Besides, update PCIe MMCONFIG region to be owned by hypervisor and expose and pass through
platform hide PCI devices by BIOS to SOS.

Tracked-On: #3475
Signed-off-by: Li Fei1 <fei1.li@intel.com>
2020-01-07 16:05:30 +08:00
Li Fei1 1e50ec8899 hv: pci: use ECAM to access PCIe Configuration Space
Use Enhanced Configuration Access Mechanism (MMIO) instead of PCI-compatible
Configuration Mechanism (IO port) to access  PCIe Configuration Space
PCI-compatible Configuration Mechanism (IO port) access is used for UART in
debug version.

Tracked-On: #3475
Signed-off-by: Li Fei1 <fei1.li@intel.com>
2020-01-07 16:05:30 +08:00
Wei Liu 57a362061f acrn-config: set up whitelist for board containing hide pci device
Currently, config tool will maintain a whitelist for the board which
need to hide some pci devices. For the board out of whitelist, we set
MAX_HIDE_PDEVS_NUM to 0.

Tracked-On: #3475
Signed-off-by: Wei Liu <weix.w.liu@intel.com>
Acked-by: Victor Sun <victor.sun@intel.com>
2020-01-07 16:05:30 +08:00
Li Fei1 65f3751ea3 hv: pci: add hide pci devices configuration for apl-up2
Other Platforms are not added for now.

Tracked-On: #3465
Signed-off-by: Li Fei1 <fei1.li@intel.com>
2020-01-07 16:05:30 +08:00
Shuo A Liu 3239cb0e1c hv: Use HLT as the default idle action of service OS
This patch overwrites the idle driver of service OS for industry, sdc,
sdc2 scenarios. HLT will be used as the default idle action.

Tracked-On: #4329
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2020-01-07 11:23:32 +08:00
Shuo A Liu 4303ccb1a0 hv: HLT emulation in hypervisor
HLT emulation is import to CPU resource maximum utilization. vcpu
doing HLT means it is idle and can give up CPU proactively. Thus, we
pause the vcpu thread in HLT emulation and resume it while event happens.

When vcpu enter HLT, its vcpu thread will sleep, but the vcpu state is
still 'Running'.

VM ID    PCPU ID    VCPU ID    VCPU ROLE    VCPU STATE
=====    =======    =======    =========    ==========
  0         0          0       PRIMARY      Running
  0         1          1       SECONDARY    Running

Tracked-On: #4329
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2020-01-07 11:23:32 +08:00
Shuo A Liu a8f6bdd479 hv: Add vlapic_has_pending_intr of apicv to check pending interrupts
Sometimes HV wants to know if there are pending interrupts of one vcpu.
Add .has_pending_intr interface in acrn_apicv_ops and return the pending
interrupts status by check IRRs of apicv.

Tracked-On: #4329
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2020-01-07 11:23:32 +08:00
Shuo A Liu e3c303363b hv: vcpu: wait and signal vcpu event support
Introduce two kinds of events for each vcpu,
  VCPU_EVENT_IOREQ: for vcpu waiting for IO request completion
  VCPU_EVENT_VIRTUAL_INTERRUPT: for vcpu waiting for virtual interrupts events
vcpu can wait for such events, and resume to run when the
event get signalled.

This patch also change IO request waiting/notifying to this way.

Tracked-On: #4329
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2020-01-07 11:23:32 +08:00
Shuo A Liu 1f23fe3fd8 hv: sched: simple event implemention
This simple event implemention can only support exclusive waiting
at same time. It mainly used by thread who want to wait for special event
happens.
  Thread A who want to wait for some events calls
	wait_event(struct sched_event *);

  Thread B who can give the event signal calls
	signal_event(struct sched_event *);

Tracked-On: #4329
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2020-01-07 11:23:32 +08:00
Shuo A Liu 4115dd6241 hv: PAUSE-loop exiting support in hypervisor
As we enabled cpu sharing, PAUSE-loop exiting can help vcpu
to release its pcpu proactively. It's good for performance.

VMX_PLE_GAP: upper bound on the amount of time between two successive
executions of PAUSE in a loop.
VMX_PLE_WINDOW: upper bound on the amount of time a guest is allowed to
execute in a PAUSE loop

Tracked-On: #4329
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2020-01-07 11:23:32 +08:00
Victor Sun bfecf30f32 HV: do not offline pcpu when lapic pt disabled
In current code, wait_pcpus_offline() and make_pcpu_offline() are called by
both shutdown_vm() and reset_vm(), but this is not needed when lapic_pt is
not enabled for the vcpus of the VM.

The patch merged offline pcpus part code into a common
offline_lapic_pt_enabled_pcpus() api for shutdown_vm() and reset_vm() use and
called only when lapic_pt is enabled.

Tracked-On: #4325

Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2020-01-06 15:35:08 +08:00
Geoffroy Van Cutsem c59f12da91 doc: fix wrong Docker container image in tutorial
Fix the name of the Docker Container image that is used to build the kernel
for an RTVM (Preempt-RT kernel) when that image was built by the user
him/herself.

Tracked-On: #4322
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
2020-01-05 06:08:42 -05:00
Binbin Wu 41a998fca3 hv: cr: handle control registers related to PCID
1. This patch passes-through CR4.PCIDE to guest VM.

2. This patch handles the invlidation of TLB and the paging-structure caches.
   According to SDM Vol.3 4.10.4.1, the following instructions invalidate
   entries in the TLBs and the paging-structure caches:
   - INVLPG: this instruction is passed-through to guest, no extra handling needed.
   - INVPCID: this instruction is passed-trhough to guest, no extra handling needed.
   - CR0.PG from 1 to 0: already handled by current code, change of CR0.PG will do
     EPT flush.
   - MOV to CR3: hypervisor doesn't trap this instrcution, no extra handling needed.
   - CR4.PGE changed: already handled by current code, change of CR4.PGE will no EPT
     flush.
   - CR4.PCIDE from 1 to 0: this patch handles this case, will do EPT flush.
   - CR4.PAE changed: already handled by current code, change of CR4.PAE will do EPT
     flush.
   - CR4.SEMP from 1 to 0, already handled by current code, change of CR4.SEMP will
     do EPT flush.
   - Task switch: Task switch is not supported in VMX non-root mode.
   - VMX transitions: already handled by current code with the support of VPID.

3. This patch checks the validatiy of CR0, CR4 related to PCID feature.
   According to SDM Vol.3 4.10.1, CR.PCIDE can be 1 only in IA-32e mode.
   - MOV to CR4 causes a general-protection exception (#GP) if it would change CR4.PCIDE
     from 0 to 1 and either IA32_EFER.LMA = 0 or CR3[11:0] ≠ 000H
   - MOV to CR0 causes a general-protection exception if it would clear CR0.PG to 0
     while CR4.PCIDE = 1

Tracked-On: #4296
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2020-01-02 10:47:34 +08:00
Binbin Wu 4ae350a091 hv: vmcs: pass-through instruction INVPCID to VM
According to SDM Vol.3 Section 25.3, behavior of the INVPCID
instruction is determined first by the setting of the “enable
INVPCID” VM-execution control:
- If the “enable INVPCID” VM-execution control is 0, INVPCID
  causes an invalid-opcode   exception (#UD).
- If the “enable INVPCID” VM-execution control is 1, treatment
  is based on the setting of the “INVLPG exiting” VM-execution
  control:
  * If the “INVLPG exiting” VM-execution control is 0, INVPCID
    operates normally.
  * If the “INVLPG exiting” VM-execution control is 1, INVPCID
    causes a VM exit.

In current implementation, hypervisor doesn't set “INVLPG exiting”
VM-execution control, this patch sets “enable INVPCID” VM-execution
control to 1 when the instruction is supported by physical cpu.
If INVPCID is supported by physical cpu, INVPCID will not cause VM
exit in VM.
If INVPCID is not supported by physical cpu, INVPCID causes an #UD
in VM.
When INVPCID is passed-through to VM, According to SDM Vol.3 28.3.3.1,
INVPCID instruction invalidates linear mappings and combined mappings.
They are required to do so only for the current VPID.
HV assigned a unique vpid for each vCPU, if guest uses wrong PCID,
it would not affect other vCPUs.

Tracked-On: #4296
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2020-01-02 10:47:34 +08:00
Binbin Wu d330879ce5 hv: cpuid: expose PCID related capabilities to VMs
Pass-through PCID related capabilities to VMs:
- The support of PCID (CPUID.01H.ECX[17])
- The support of instruction INVPCID (CPUID.07H.EBX[10])

Tracked-On: #4296
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2020-01-02 10:47:34 +08:00
Binbin Wu 96331462b7 hv: vmcs: remove redundant check on vpid
ACRN relies on the capability of VPID to avoid EPT flushes during VMX transitions.
This capability is checked as a must have hardware capability, otherwise, ACRN will
refuse to boot.
Also, the current code has already made sure each vpid for a virtual cpu is valid.

So, no need to check the validity of vpid for vcpu and enable VPID for vCPU by default.

Tracked-On: #4296
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2020-01-02 10:47:34 +08:00
Zide Chen 5f2c303a7e acrn-config: dump CPU info from /sys/devices/system/cpu/possible
/proc/cpuinfo represents online CPUs only, and the number of CPUs is
limited by the 'maxcpus' option.

/sys/devices/system/cpu/possible is a better option for our purpose
since it represents the possible CPUs that can ever be available in the
system, including the offline CPUs. And it's not limited by 'maxcpus'.

Though the Linux command line parameter nr_cpus and possible_cpus still
have impact on /sys/devices/system/cpu/possible.

Tracked-On: #3854
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Victor Sun <victor.sun@intel.com>
2019-12-31 08:47:08 +08:00
Deb Taylor 5d1a08fc88 Doc: Added missing period in run_kata_containers file.
Signed-off-by: Deb Taylor <deb.taylor@intel.com>
2019-12-30 15:14:59 -05:00
lirui34 9071349a19 doc: Update some of the wrong path in acrn configuration tool doc.
Signed-off-by: lirui34 <ruix.li@intel.com>
2019-12-30 14:35:46 -05:00
Geoffroy Van Cutsem e25a2bf80c doc: add more details to the Kata Containers with ACRN tutorial
* Add more details about Kata Containers and ACRN in the introduction
* Adjust and correct some of the instructions

Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
2019-12-30 14:33:45 -05:00
Li Fei1 933e2178d0 dm: pci: reset passthrough device by default
Do reset for passthrough PCI device by default when assigning it to post-launched
VM:
1. modify opt "reset" to "no_reset" -- could enable no_reset for debug only
2. remove "ptdev_no_reset" opt. It could be replaced by setting "no_reset" for
each passthrough device.

Tracked-On: #3465
Signed-off-by: Li Fei1 <fei1.li@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
2019-12-30 13:43:07 +08:00
Li Fei1 21b405d109 hv: vpci: an assign PT device should support FLR or PM reset
Before we assign a PT device to post-launched VM, we should reset the PCI device
first. However, ACRN hypervisor doesn't plan to support PCIe hot-plug and doesn't
support PCIe bridge Secondary Bus Reset. So the PT device must support FLR or PM
reset. This patch do this check when assigning a PT device to post-launched VM.

Tracked-On: #3465
Signed-off-by: Li Fei1 <fei1.li@intel.com>
2019-12-30 13:43:07 +08:00
Li Fei1 e74a9f397d hv: pci: add PCIe PM reset check
Add PCIe PM reset capability check.

Tracked-On: #3465
Signed-off-by: Li Fei1 <fei1.li@intel.com>
2019-12-30 13:43:07 +08:00
Li Fei1 26670d7ab3 hv: vpci: revert do FLR and BAR restore
Since we restore BAR values when writing Command Register if necessary. We don't
need to trap FLR and do the BAR restore then.

Tracked-On: #3475
Signed-off-by: Li Fei1 <fei1.li@intel.com>
2019-12-30 13:43:07 +08:00
Li Fei1 6c549d48a8 hv: vpci: restore physical BARs when writing Command Register if necessary
When PCIe does Conventinal Reset or FLR, almost PCIe configurations and states will
lost. So we should save the configurations and states before do the reset and restore
them after the reset. This was done well by BIOS or Guest now. However, ACRN will trap
these access and handle them properly for security. Almost of these configurations and
states will be written to physical configuration space at last except for BAR values
for now. So we should do the restore for BAR values. One way is to do restore after
one type reset is detected. This will be too complex. Another way is to do the restore
when BIOS or guest tries to write the Command Register. This could work because:
1. The I/O Space Enable bit and Memory Space Enable bits in Command Register will reset
to zero.
2. Before BIOS or guest wants to enable these bits, the BAR couldn't be accessed.
3. So we could restore the BAR values before enable these bits if reset is detected.

Tracked-On: #3475
Signed-off-by: Li Fei1 <fei1.li@intel.com>
2019-12-30 13:43:07 +08:00
Zide Chen 742abaf2e6 hv: add sanity check for vuart configuration
- target vm_id of vuart can't be un-defined VM, nor the VM itself.
- fix potential NULL pointer dereference in find_active_target_vuart()

Tracked-On: #3854
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2019-12-30 09:24:59 +08:00
Victor Sun c6f7803f06 HV: restore lapic state and apic id upon INIT
Per SDM 10.12.5.1 vol.3, local APIC should keep LAPIC state after receiving
INIT. The local APIC ID register should also be preserved.

Tracked-On: #4267

Signed-off-by: Victor Sun <victor.sun@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2019-12-27 12:27:08 +08:00
Victor Sun ab13228591 HV: ensure valid vcpu state transition
The vcpu state machine transition should follow below rule:

old vcpu state                              new vcpu state
==============                              ==============
VCPU_OFFLINE         --- create_vcpu -->    VCPU_INIT
VCPU_INIT            --- launch_vcpu -->    VCPU_RUNNING
VCPU_RUNNING         ---  pause_vcpu -->    VCPU_PAUSED
VCPU_PAUSED          --- resume_vcpu -->    VCPU_RUNNING
VCPU_RUNNING/PAUSED  ---  pause_vcpu -->    VCPU_ZOMBIE
VCPU_INIT            ---  pause_vcpu -->    VCPU_ZOMBIE
VCPU_ZOMBIE          ---  reset_vcpu -->    VCPU_INIT
VCPU_ZOMBIE          --- offline_vcpu-->    VCPU_OFFLINE

Tracked-On: #4267

Signed-off-by: Victor Sun <victor.sun@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2019-12-27 12:27:08 +08:00
Victor Sun a5158e2c16 HV: refine reset_vcpu api
The patch abstract a vcpu_reset_internal() api for internal usage, the
function would not touch any vcpu state transition and just do vcpu reset
processing. It will be called by create_vcpu() and reset_vcpu().

The reset_vcpu() will act as a public api and should be called
only when vcpu receive INIT or vm reset/resume from S3. It should not be
called when do shutdown_vm() or hcall_sos_offline_cpu(), so the patch remove
reset_vcpu() in shutdown_vm() and hcall_sos_offline_cpu().

The patch also introduced reset_mode enum so that vcpu and vlapic could do
different context operation according to different reset mode;

Tracked-On: #4267

Signed-off-by: Victor Sun <victor.sun@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2019-12-27 12:27:08 +08:00
Victor Sun d1a46b8289 HV: rename function of vlapic_xxx_write_handler
Rename vlapic_xxx_write_handler() to vlapic_write_xxx() to make code more
readable;

Tracked-On: #4268

Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2019-12-27 12:27:08 +08:00
Victor Sun 9ecac8629a HV: clean up redundant macro in lapic.h
Some MACROs in lapic.h are duplicated with apicreg.h, and some MACROs are
never referenced, remove them.

Tracked-On: #4268

Signed-off-by: Victor Sun <victor.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2019-12-27 12:27:08 +08:00
Victor Sun 46ed0b1582 HV: correct apic lvt reset value
Per SDM 10.4.7.1 vol3, the LVT register should be reset to 0s except for the
mask bits are set to 1s.

In current code, the lvt_last[] has been set to correct value(i.e. 0x10000) in
vlapic_reset() before enforce setting vlapic->lvt_last[i] to 0U, add the loop
that set vlapic->lvt_last[i] to 0 would lead to get zero when read LVT regs
after reset, which is incompiant with SDM;

Tracked-On: #4266
Signed-off-by: Victor Sun <victor.sun@intel.com>
Reviewed-by: Fei Li <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2019-12-27 12:27:08 +08:00
Deb Taylor d4bf019ddd Doc: Added Whiskey Lake specs to hardware ref page
Signed-off-by: Deb Taylor <deb.taylor@intel.com>
2019-12-26 09:22:09 -05:00
wenlingz 8a8438dffa remove no support OS parts and add whl build
Signed-off-by: wenlingz <wenling.zhang@intel.com>
2019-12-26 09:21:04 -05:00
Li Fei1 58b3a05863 hv: vpci: rename pci_bar to pci_vbar
Structure pci_vbar is used to define the virtual BAR rather than physical BAR.
It's better to name as pci_vbar.

Tracked-On: #3475
Signed-off-by: Li Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
2019-12-26 08:54:23 +08:00