The anchors are called #interface-*, not #module-*. Not sure which one
changed from the generated version, but since we are maintaining the
result manually, apply the fix to the links directly.
Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
strncpy was generating unaligned writes if the str length was not
alligned. Because the source memory passed into the function's length
isn't known, we copy via an alligned stack buffer to avoid an unaligned
write to uncached memory.
Signed-off-by: Kent McLeod <kent@kry10.com>
Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
PAGE_SIZE_4K is a constant declared by one of our libraries, while
PAGE_SIZE was previously provided by an older fork of the C library.
Signed-off-by: Kent McLeod <kent@kry10.com>
Currently, if the map_iterator function fails to find a frame for a
given address, then it breaks from the loop, but it does not return an
error and marks the reservation as mapped. Since it skipped some number
of reservations, that is not true and an error should be returned
instead.
Signed-off-by: Robbie VanVossen <robert.vanvossen@dornerworks.com>
seL4_ARM_VCPU objects now allow single core configurations to access the
VMPIDR register, thus this config guard is no longer needed.
Signed-off-by: Kent McLeod <kent@kry10.com>
Real-time Linux kernels often don't work when using the PIT. This commit
adds support for emulating the HPET by adding an HPET entry to the ACPI
tables.
Signed-off-by: Chris Guikema <chris.guikema@dornerworks.com>
This commit fixes the page table walk when using 4-level mappings. Linux
can use 64-bit memory to store tables, and masking off the upper 32-bits
prevents the walk from functioning properly. Additionally, the physical
instruction calculation was using the incorrect logical address bits for
each level. Finally, the last PTE doesn't have the 7th bit flag a valid
page, we just check the first bit to ensure the entry is present, and
calculate the PTE address.
Signed-off-by: Chris Guikema <chris.guikema@dornerworks.com>
This commit removes the newlines, as ZF_LOG adds a newline. It also
fixes a DPRINTF level holdover, which causes a data fault when logging
is enabled.
Signed-off-by: Chris Guikema <chris.guikema@dornerworks.com>
The previous behavior would only attempt to map the vesa framebuffer and
set the screen info struct if the vbe protection mode interface was
successfully mapped in. This removes the dependency on the vbe protected
mode interface. It is not clear that it is needed as vesa framebuffer
passthrough works without it.
Signed-off-by: Chris Guikema <chris.guikema@dornerworks.com>
This commit removes an e820 entry for 64-bit guests. This was a
reserved memory region from the end of guest memory to the beginning of
high memory. When 64-bit guests have access to 64-bit memory, this
subtraction would place a bogus region in the e820 map that could
confuse the guest.
Signed-off-by: Chris Guikema <chris.guikema@dornerworks.com>
The compare function is used with qsort to sort the guest ram regions.
However, the compare function was returning an int, when the region
checked is a uintptr_t. Subtracting these values and returning an int
can cause undefined behavior. This commit fixes the compare function
such that the return is compatible with qsort.
Signed-off-by: Chris Guikema <chris.guikema@dornerworks.com>
64-bit x86 VMs can have RAM in 64-bit memory, which cannot be used to
store the kernel and initrd images, as those must be in 32-bit memory.
This commit adds a check when 64-bit guests are enabled to ensure the
returned region is in 32-bit space.
Signed-off-by: Chris Guikema <chris.guikema@dornerworks.com>
The offset is applied twice, which can prevent PCI passthrough from
functioning properly when the offset is not zero. This commit removes
the second offset addition.
Signed-off-by: Chris Guikema <chris.guikema@dornerworks.com>
This required a new callback to be added to the vm_arch struct for
ARM. The old handle_smc function gets registered as the smc handler by
default. The callback allows a user to register a custom smc handler
instead.
This is especially useful to allow SMC forwarding in the user's custom
handler.
Signed-off-by: Robbie VanVossen <robert.vanvossen@dornerworks.com>
switch from CONFIG_ARCH_X86_64 to CONFIG_X86_64_VTX_64BIT_GUESTS to
allow 32 bit guests on 64 bit hosts.
Signed-off-by: Jingyao Zhou <jingyao.zhou@unsw.edu.au>
The convenience function is moved to util_libs/libfdt, with
naming and argument order changed to conform the style used
in libfdt.
Signed-off-by: Hannu Lyytinen <hannux@ssrc.tii.ae>
switch from CONFIG_ARCH_X86_64 to CONFIG_X86_64_VTX_64BIT_GUESTS to
allow 32 bit guests on 64 bit hosts; fix print format for seL4_Word;
misc improvement.
Signed-off-by: Jingyao Zhou <jingyao.zhou@unsw.edu.au>
Previously, the physical address of the ACPI tables were being
tracked. This caused a Linux error while parsing the ACPI tables. Since
Linux does not have access to those memory regions, they would appear
empty, causing an Invalid Table Length bug print. By tracking the
virtual address that Linux expects and placing the vaddr into the ACPI
tables, Linux can parse the tables properly.
Signed-off-by: Chris Guikema <chris.guikema@dornerworks.com>
As the comment in the file explains, optimisation level -O3 on gcc 8.4
is too aggressive and causes issues for the guest VM. The problem isn't
limited to a single function or group of functions but rather the entire
file for some reason that requires extra investigation (but is not worth
the time to do so).
Signed-off-by: Damon Lee <Damon.Lee@data61.csiro.au>
This large commit combines a number of smaller commits in order to add
64-bit VM support to the VMM. The commits do the following:
* Load elfs of the same architecture size
* Support reading 64-bit vaddrs from elf files
* Create initial address space based on guest architecture
* Allow instruction decoding of 4-level paging scheme
* Do not exit VMX state based on CR3 load/store in 64-bit mode
* Use seL4_Word for vmcs and user context fields
* Handle additional general purpose registers
* Handle 64-bit MSRs
* Configure 64-bit guests to boot in long mode
* Let guest know about 64-bit hardware features in 64-bit mode
* Add FADT and DSDT tables
* Track guest state for additional 64-bit registers
* Add new function to print 64-bit guest context
* Properly emulate 64-bit trampoline code
* Define access rights macros for vmcs initialization
* Hardcode FADT table information
* Set an initial stack pointer before running guest
* Handle fetching cross-page instructions
* Add additional x86 instruction prefixes
CCDC-GVSC DISTRIBUTION A. Approved for public release; distribution
unlimited. OPSEC#4481.
Co-authored-by: Chris Guikema <chris.guikema@dornerworks.com>
Signed-off-by: Damon Lee <Damon.Lee@data61.csiro.au>
static_assert was standardized in C11 as a macro prior C23. While
_Static_assert was introduced to C11 standard too, it's been part of
GNU extensions and it is available for gnu99. Use compile_time_assert()
which handles this for us.
Fixes compilation errors when standard is set to versions prior C11.
Signed-off-by: Markku Ahvenjärvi <markkux@ssrc.tii.ae>
CAmkES selects the biggest possible page size supported by MMU and
generates frames with the same size. For example, on aarch64 dataports
equal to or larger than 2 MB were broken, as only the first 4 kB were
mapped to guest's vspace.
Also use vm_map_reservation_frames() to unclutter code here.
Signed-off-by: Hannu Lyytinen <hannux@ssrc.tii.ae>
- This is no pointer that can be dereferenced.
- uintptr_t is used in other places already, so casting can be avoided.
Signed-off-by: Axel Heider <axel.heider@hensoldt.net>
This commit adds three entries to the vm structure. The first is the
entry address of the loaded kernel. The second is a flag to determine
whether the cache should be cleaned when loading images to the guest's
address space. The third flag is whether the VM should map memory 1:1.
These flags are necessary to differentiate VMs in a multiple VM setup.
For example, if two VMs have kernels with different entry points, only
one VM would run, and the other would fault.
Signed-off-by: Chris Guikema <chris.guikema@dornerworks.com>
make emul_con_rx_complete deal with ring buffers to avoid an extra
copy of the buffer from the virtio console backend to the virtio console
emul layer.
Signed-off-by: Jingyao Zhou <jingyao.zhou@unsw.edu.au>
June Andronick