hv: mmu: replace dynamic memory allocation in memory

Replace dynamic memory allocation in memory management with static memory allocation.
Since the static memory allocation can guarantee the allocation never failed, so
split_large_page and construct_pgentry don't need to return a errno any more.
Besides, the destroy_ept don't need to free page any more. Instead, it would memset
the eptp to 0 to make sure we can't walk this paging table again.

Tracked-On: #861
Signed-off-by: Li, Fei1 <fei1.li@intel.com>

Author: lifeix

hypervisor/arch/x86/Kconfig

@@ -222,7 +222,7 @@ config HV_RAM_START
 
 config HV_RAM_SIZE
 	hex "Size of the RAM region used by the hypervisor"
-	default 0x04000000
+	default 0x06000000
 	help
 	  A 64-bit integer indicating the size of RAM used by the hypervisor.
 	  It is ensured at link time that the footprint of the hypervisor

hypervisor/arch/x86/ept.c

@@ -10,55 +10,18 @@
 
 #define ACRN_DBG_EPT	6U
 
-/**
- * @pre pml4_addr != NULL
- */
-void free_ept_mem(uint64_t *pml4_page)
+void destroy_ept(struct vm *vm)
 {
-	uint64_t *pdpt_page, *pd_page, *pt_page;
-	uint64_t *pml4e, *pdpte, *pde;
-	uint64_t pml4e_idx, pdpte_idx, pde_idx;
-
-	for (pml4e_idx = 0U; pml4e_idx < PTRS_PER_PML4E; pml4e_idx++) {
-		pml4e = pml4_page + pml4e_idx;
-		if (pgentry_present(PTT_EPT, *pml4e) == 0UL) {
-			continue;
-		}
-		pdpt_page = pml4e_page_vaddr(*pml4e);
-
-		for (pdpte_idx = 0U; pdpte_idx < PTRS_PER_PDPTE; pdpte_idx++) {
-			pdpte = pdpt_page + pdpte_idx;
-			if ((pgentry_present(PTT_EPT, *pdpte) == 0UL) ||
-					pdpte_large(*pdpte) != 0UL) {
-				continue;
-			}
-			pd_page = pdpte_page_vaddr(*pdpte);
-
-			for (pde_idx = 0U; pde_idx < PTRS_PER_PDE; pde_idx++) {
-				pde = pd_page + pde_idx;
-				if ((pgentry_present(PTT_EPT, *pde) == 0UL) ||
-						pde_large(*pde) != 0UL) {
-					continue;
-				}
-				pt_page = pde_page_vaddr(*pde);
-
-				/* Free page table entry table */
-				free_paging_struct((void *)pt_page);
-			}
-			/* Free page directory entry table */
-			free_paging_struct((void *)pd_page);
-		}
-		free_paging_struct((void *)pdpt_page);
+	/* Destroy secure world */
+	if (vm->sworld_control.flag.active != 0UL) {
+		destroy_secure_world(vm, true);
 	}
-	free_paging_struct((void *)pml4_page);
-}
 
-void destroy_ept(struct vm *vm)
-{
 	if (vm->arch_vm.nworld_eptp != NULL) {
-		free_ept_mem((uint64_t *)vm->arch_vm.nworld_eptp);
+		(void)memset(vm->arch_vm.nworld_eptp, 0U, CPU_PAGE_SIZE);
 	}
 }
+
 /* using return value INVALID_HPA as error code */
 uint64_t local_gpa2hpa(struct vm *vm, uint64_t gpa, uint32_t *size)
 {
@@ -73,7 +36,7 @@ uint64_t local_gpa2hpa(struct vm *vm, uint64_t gpa, uint32_t *size)
 		eptp = vm->arch_vm.nworld_eptp;
 	}
 
-	pgentry = lookup_address((uint64_t *)eptp, gpa, &pg_size, PTT_EPT);
+	pgentry = lookup_address((uint64_t *)eptp, gpa, &pg_size, &vm->arch_vm.ept_mem_ops);
 	if (pgentry != NULL) {
 		hpa = ((*pgentry & (~(pg_size - 1UL)))
 				| (gpa & (pg_size - 1UL)));
@@ -222,9 +185,8 @@ void ept_mr_add(struct vm *vm, uint64_t *pml4_page,
 	struct vcpu *vcpu;
 	uint64_t prot = prot_orig;
 
-	dev_dbg(ACRN_DBG_EPT, "%s, vm[%d] hpa: 0x%016llx gpa: 0x%016llx ",
-			__func__, vm->vm_id, hpa, gpa);
-	dev_dbg(ACRN_DBG_EPT, "size: 0x%016llx prot: 0x%016x\n", size, prot);
+	dev_dbg(ACRN_DBG_EPT, "%s, vm[%d] hpa: 0x%016llx gpa: 0x%016llx size: 0x%016llx prot: 0x%016x\n",
+			__func__, vm->vm_id, hpa, gpa, size, prot);
 
 	/* EPT & VT-d share the same page tables, set SNP bit
 	 * to force snooping of PCIe devices if the page
@@ -234,7 +196,7 @@ void ept_mr_add(struct vm *vm, uint64_t *pml4_page,
 		prot |= EPT_SNOOP_CTRL;
 	}
 
-	mmu_add(pml4_page, hpa, gpa, size, prot, PTT_EPT);
+	mmu_add(pml4_page, hpa, gpa, size, prot, &vm->arch_vm.ept_mem_ops);
 
 	foreach_vcpu(i, vm, vcpu) {
 		vcpu_make_request(vcpu, ACRN_REQUEST_EPT_FLUSH);
@@ -248,8 +210,9 @@ void ept_mr_modify(struct vm *vm, uint64_t *pml4_page,
 	struct vcpu *vcpu;
 	uint16_t i;
 
-	mmu_modify_or_del(pml4_page, gpa, size,
-			prot_set, prot_clr, PTT_EPT, MR_MODIFY);
+	dev_dbg(ACRN_DBG_EPT, "%s,vm[%d] gpa 0x%llx size 0x%llx\n", __func__, vm->vm_id, gpa, size);
+
+	mmu_modify_or_del(pml4_page, gpa, size, prot_set, prot_clr, &vm->arch_vm.ept_mem_ops, MR_MODIFY);
 
 	foreach_vcpu(i, vm, vcpu) {
 		vcpu_make_request(vcpu, ACRN_REQUEST_EPT_FLUSH);
@@ -258,17 +221,14 @@ void ept_mr_modify(struct vm *vm, uint64_t *pml4_page,
 /**
  * @pre [gpa,gpa+size) has been mapped into host physical memory region
  */
-void ept_mr_del(struct vm *vm, uint64_t *pml4_page,
-		uint64_t gpa, uint64_t size)
+void ept_mr_del(struct vm *vm, uint64_t *pml4_page, uint64_t gpa, uint64_t size)
 {
 	struct vcpu *vcpu;
 	uint16_t i;
 
-	dev_dbg(ACRN_DBG_EPT, "%s,vm[%d] gpa 0x%llx size 0x%llx\n",
-			__func__, vm->vm_id, gpa, size);
+	dev_dbg(ACRN_DBG_EPT, "%s,vm[%d] gpa 0x%llx size 0x%llx\n", __func__, vm->vm_id, gpa, size);
 
-	mmu_modify_or_del(pml4_page, gpa, size,
-			0UL, 0UL, PTT_EPT, MR_DEL);
+	mmu_modify_or_del(pml4_page, gpa, size, 0UL, 0UL, &vm->arch_vm.ept_mem_ops, MR_DEL);
 
 	foreach_vcpu(i, vm, vcpu) {
 		vcpu_make_request(vcpu, ACRN_REQUEST_EPT_FLUSH);

hypervisor/arch/x86/guest/guest.c

@@ -619,6 +619,10 @@ int prepare_vm0_memmap_and_e820(struct vm *vm)
 		"vm0: bottom memory - 0x%llx, top memory - 0x%llx\n",
 		e820_mem.mem_bottom, e820_mem.mem_top);
 
+	if (e820_mem.mem_top > EPT_ADDRESS_SPACE(CONFIG_SOS_RAM_SIZE)) {
+		panic("Please configure VM0_ADDRESS_SPACE correctly!\n");
+	}
+
 	/* create real ept map for all ranges with UC */
 	ept_mr_add(vm, pml4_page,
 			e820_mem.mem_bottom, e820_mem.mem_bottom,

hypervisor/arch/x86/guest/vm.c

@@ -87,12 +87,8 @@ int create_vm(struct vm_description *vm_desc, struct vm **rtn_vm)
 	/* gpa_lowtop are used for system start up */
 	vm->hw.gpa_lowtop = 0UL;
 
-	vm->arch_vm.nworld_eptp = alloc_paging_struct();
-	if (vm->arch_vm.nworld_eptp == NULL) {
-		pr_fatal("%s, alloc memory for EPTP failed\n", __func__);
-		status = -ENOMEM;
-		goto err;
-	}
+	init_ept_mem_ops(vm);
+	vm->arch_vm.nworld_eptp = vm->arch_vm.ept_mem_ops.get_pml4_page(vm->arch_vm.ept_mem_ops.info, 0UL);
 	sanitize_pte((uint64_t *)vm->arch_vm.nworld_eptp);
 
 	/* Only for SOS: Configure VM software information */
@@ -180,7 +176,7 @@ int create_vm(struct vm_description *vm_desc, struct vm **rtn_vm)
 	vioapic_cleanup(vm_ioapic(vm));
 
 	if (vm->arch_vm.nworld_eptp != NULL) {
-		free(vm->arch_vm.nworld_eptp);
+		(void)memset(vm->arch_vm.nworld_eptp, 0U, CPU_PAGE_SIZE);
 	}
 
 	return status;
@@ -212,10 +208,6 @@ int shutdown_vm(struct vm *vm)
 	/* cleanup vioapic */
 	vioapic_cleanup(vm_ioapic(vm));
 
-	/* Destroy secure world */
-	if (vm->sworld_control.flag.active != 0UL) {
-		destroy_secure_world(vm, true);
-	}
 	/* Free EPT allocated resources assigned to VM */
 	destroy_ept(vm);
 

hypervisor/arch/x86/mmu.c

@@ -238,39 +238,57 @@ void init_paging(void)
 	struct e820_entry *entry;
 	uint64_t hv_hpa;
 	uint32_t i;
+	uint64_t low32_max_ram = 0UL;
+	uint64_t high64_max_ram;
 	uint64_t attr_uc = (PAGE_TABLE | PAGE_CACHE_UC);
 
 	pr_dbg("HV MMU Initialization");
 
 	/* Allocate memory for Hypervisor PML4 table */
-	mmu_pml4_addr = alloc_paging_struct();
+	mmu_pml4_addr = ppt_mem_ops.get_pml4_page(ppt_mem_ops.info, 0UL);
 
 	init_e820();
 	obtain_e820_mem_info();
 
+	/* align to 2MB */
+	high64_max_ram = (e820_mem.mem_top + PDE_SIZE - 1UL) & PDE_MASK;
+
+	if (high64_max_ram > (CONFIG_PLATFORM_RAM_SIZE + PLATFORM_LO_MMIO_SIZE) ||
+			high64_max_ram < (1UL << 32U)) {
+		panic("Please configure HV_ADDRESS_SPACE correctly!\n");
+	}
+
 	/* Map all memory regions to UC attribute */
-	mmu_add((uint64_t *)mmu_pml4_addr, e820_mem.mem_bottom,
-		e820_mem.mem_bottom, e820_mem.mem_top - e820_mem.mem_bottom,
-		attr_uc, PTT_PRIMARY);
+	mmu_add((uint64_t *)mmu_pml4_addr, e820_mem.mem_bottom, e820_mem.mem_bottom,
+		high64_max_ram - e820_mem.mem_bottom, attr_uc, &ppt_mem_ops);
 
 	/* Modify WB attribute for E820_TYPE_RAM */
 	for (i = 0U; i < e820_entries; i++) {
 		entry = &e820[i];
 		if (entry->type == E820_TYPE_RAM) {
-			mmu_modify_or_del((uint64_t *)mmu_pml4_addr,
-					entry->baseaddr, entry->length,
-					PAGE_CACHE_WB, PAGE_CACHE_MASK,
-					PTT_PRIMARY, MR_MODIFY);
+			if (entry->baseaddr < (1UL << 32U)) {
+				uint64_t end = entry->baseaddr + entry->length;
+				if (end < (1UL << 32U) && (end > low32_max_ram)) {
+					low32_max_ram = end;
+				}
+			}
 		}
 	}
 
+	mmu_modify_or_del((uint64_t *)mmu_pml4_addr, 0UL, (low32_max_ram + PDE_SIZE - 1UL) & PDE_MASK,
+			PAGE_CACHE_WB, PAGE_CACHE_MASK, &ppt_mem_ops, MR_MODIFY);
+
+	mmu_modify_or_del((uint64_t *)mmu_pml4_addr, (1UL << 32U), high64_max_ram - (1UL << 32U),
+			PAGE_CACHE_WB, PAGE_CACHE_MASK, &ppt_mem_ops, MR_MODIFY);
+
 	/* set the paging-structure entries' U/S flag
 	 * to supervisor-mode for hypervisor owned memroy.
 	 */
 	hv_hpa = get_hv_image_base();
-	mmu_modify_or_del((uint64_t *)mmu_pml4_addr, hv_hpa, CONFIG_HV_RAM_SIZE,
+	mmu_modify_or_del((uint64_t *)mmu_pml4_addr, hv_hpa & PDE_MASK,
+		CONFIG_HV_RAM_SIZE + ((hv_hpa & (PDE_SIZE - 1UL)) != 0UL) ? PDE_SIZE : 0UL,
 			PAGE_CACHE_WB, PAGE_CACHE_MASK | PAGE_USER,
-			PTT_PRIMARY, MR_MODIFY);
+			&ppt_mem_ops, MR_MODIFY);
 
 	/* Enable paging */
 	enable_paging(hva2hpa(mmu_pml4_addr));

hypervisor/arch/x86/page.c

@@ -5,11 +5,6 @@
  */
 #include <hypervisor.h>
 
-#define PML4_PAGE_NUM(size)	1UL
-#define PDPT_PAGE_NUM(size)	(((size) + PML4E_SIZE - 1UL) >> PML4E_SHIFT)
-#define PD_PAGE_NUM(size)	(((size) + PDPTE_SIZE - 1UL) >> PDPTE_SHIFT)
-#define PT_PAGE_NUM(size)	(((size) + PDE_SIZE - 1UL) >> PDE_SHIFT)
-
 #define DEFINE_PGTABLE_PAGE(prefix, lvl, LVL, size)	\
 		static struct page prefix ## lvl ## _pages[LVL ## _PAGE_NUM(size)]
 
@@ -66,8 +61,6 @@ const struct memory_ops ppt_mem_ops = {
 	.get_pd_page = ppt_get_pd_page,
 };
 
-/* The size of the guest physical address space, covered by the EPT page table of a VM */
-#define EPT_ADDRESS_SPACE(size)	((size != 0UL) ? (size + PLATFORM_LO_MMIO_SIZE) : 0UL)
 DEFINE_PGTABLE_PAGE(vm0_, pml4, PML4, EPT_ADDRESS_SPACE(CONFIG_SOS_RAM_SIZE));
 DEFINE_PGTABLE_PAGE(vm0_, pdpt, PDPT, EPT_ADDRESS_SPACE(CONFIG_SOS_RAM_SIZE));
 DEFINE_PGTABLE_PAGE(vm0_, pd, PD, EPT_ADDRESS_SPACE(CONFIG_SOS_RAM_SIZE));
@@ -79,13 +72,6 @@ static struct page uos_nworld_pdpt_pages[CONFIG_MAX_VM_NUM - 1U][PDPT_PAGE_NUM(E
 static struct page uos_nworld_pd_pages[CONFIG_MAX_VM_NUM - 1U][PD_PAGE_NUM(EPT_ADDRESS_SPACE(CONFIG_UOS_RAM_SIZE))];
 static struct page uos_nworld_pt_pages[CONFIG_MAX_VM_NUM - 1U][PT_PAGE_NUM(EPT_ADDRESS_SPACE(CONFIG_UOS_RAM_SIZE))];
 
-#define TRUSTY_PML4_PAGE_NUM(size)	(1UL)
-#define TRUSTY_PDPT_PAGE_NUM(size)	(1UL)
-#define TRUSTY_PD_PAGE_NUM(size)	(PD_PAGE_NUM(size))
-#define TRUSTY_PT_PAGE_NUM(size)	(PT_PAGE_NUM(size))
-#define TRUSTY_PGTABLE_PAGE_NUM(size)	\
-(TRUSTY_PML4_PAGE_NUM(size) + TRUSTY_PDPT_PAGE_NUM(size) + TRUSTY_PD_PAGE_NUM(size) + TRUSTY_PT_PAGE_NUM(size))
-
 static struct page uos_sworld_pgtable_pages[CONFIG_MAX_VM_NUM - 1U][TRUSTY_PGTABLE_PAGE_NUM(TRUSTY_RAM_SIZE)];
 
 /* ept: extended page table*/