Lines Matching +full:ipa +full:- +full:clock +full:- +full:enabled +full:- +full:valid
1 .. SPDX-License-Identifier: GPL-2.0
4 The Definitive KVM (Kernel-based Virtual Machine) API Documentation
13 - System ioctls: These query and set global attributes which affect the
17 - VM ioctls: These query and set attributes that affect an entire virtual
24 - vcpu ioctls: These query and set attributes that control the operation
32 - device ioctls: These query and set attributes that control the operation
80 facility that allows backward-compatible extensions to the API to be
104 the ioctl returns -ENOTTY.
122 -----------------------
139 -----------------
160 On arm64, the physical address size for a VM (IPA Size limit) is limited
165 address used by the VM. The IPA_Bits is encoded in bits[7-0] of the
183 ioctl() at run-time.
185 Please note that configuring the IPA size does not affect the capability
192 ----------------------------------------------------------
198 :Returns: 0 on success; -1 on error
234 -----------------------
253 --------------------------
267 -------------------------
273 :Returns: 0 on success, -1 on error
279 -------------------
285 :Returns: vcpu fd on success, -1 on error
291 the KVM_CHECK_EXTENSION ioctl() at run-time.
293 KVM_CAP_MAX_VCPUS of the KVM_CHECK_EXTENSION ioctl() at run-time.
301 KVM_CAP_MAX_VCPU_ID of the KVM_CHECK_EXTENSION ioctl() at run-time.
316 single-threaded guest vcpus, it should make all vcpu ids be a multiple
326 --------------------------------
332 :Returns: 0 on success, -1 on error
351 If KVM_CAP_MULTI_ADDRESS_SPACE is available, bits 16-31 specifies
357 KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2 is enabled. For more information,
361 ------------------------
367 :Returns: 0 (success), -1 (error)
373 ------------
379 :Returns: 0 on success, -1 on error
395 -----------------
401 :Returns: 0 on success, -1 on error
428 -----------------
434 :Returns: 0 on success, -1 on error
442 ------------------
448 :Returns: 0 on success, -1 on error
465 /* ppc -- see arch/powerpc/include/uapi/asm/kvm.h */
473 ------------------
479 :Returns: 0 on success, -1 on error
486 ------------------
492 :Returns: 0 on success, -1 on error
505 __u8 valid;
513 ------------------
538 -EEXIST if an interrupt is already enqueued
539 -EINVAL the irq number is invalid
540 -ENXIO if the PIC is in the kernel
541 -EFAULT if the pointer is invalid
545 ioctl is useful if the in-kernel PIC is not used.
587 --------------------
593 :Returns: -1 on error
599 -----------------
606 -1 on error
609 Reads the values of MSR-based features that are available for the VM. This
611 The list of msr-based features can be obtained using KVM_GET_MSR_FEATURE_INDEX_LIST
615 Reads model-specific registers from the vcpu. Supported msr indices can
639 -----------------
645 :Returns: number of msrs successfully set (see below), -1 on error
647 Writes model-specific registers to the vcpu. See KVM_GET_MSRS for the
661 ------------------
667 :Returns: 0 on success, -1 on error
672 Note, when this IOCTL fails, KVM gives no guarantees that previous valid CPUID
696 ------------------------
702 :Returns: 0 on success, -1 on error
707 their traditional behaviour) will cause KVM_RUN to return with -EINTR.
722 ----------------
728 :Returns: 0 on success, -1 on error
751 ----------------
757 :Returns: 0 on success, -1 on error
780 -----------------------
786 :Returns: 0 on success, -1 on error
790 future vcpus to have a local APIC. IRQ routing for GSIs 0-15 is set to both
791 PIC and IOAPIC; GSI 16-23 only go to the IOAPIC.
797 Note that on s390 the KVM_CAP_S390_IRQCHIP vm capability needs to be enabled
802 -----------------
808 :Returns: 0 on success, -1 on error
812 been previously created with KVM_CREATE_IRQCHIP. Note that edge-triggered
815 On real hardware, interrupt pins can be active-low or active-high. This
820 (active-low/active-high) for level-triggered interrupts, and KVM used
822 active-low interrupts, the above convention is now valid on x86 too.
824 should not present interrupts to the guest as active-low unless this
825 capability is present (or unless it is not using the in-kernel irqchip,
830 in-kernel irqchip (GIC), and for in-kernel irqchip can tell the GIC to
839 - irq_type[0]:
840 out-of-kernel GIC: irq_id 0 is IRQ, irq_id 1 is FIQ
841 - irq_type[1]:
842 in-kernel GIC: SPI, irq_id between 32 and 1019 (incl.)
844 - irq_type[2]:
845 in-kernel GIC: PPI, irq_id between 16 and 31 (incl.)
856 injection of interrupts for the in-kernel irqchip. KVM_IRQ_LINE can always
871 --------------------
877 :Returns: 0 on success, -1 on error
896 --------------------
902 :Returns: 0 on success, -1 on error
921 -----------------------
927 :Returns: 0 on success, -1 on error
932 page of a blob (32- or 64-bit, depending on the vcpu mode) to guest
949 ------------------
955 :Returns: 0 on success, -1 on error
968 with KVM_SET_CLOCK. KVM will try to make all VCPUs follow this clock,
975 __u64 clock; /* kvmclock current value */
982 ------------------
988 :Returns: 0 on success, -1 on error
997 __u64 clock; /* kvmclock current value */
1004 ------------------------
1011 :Returns: 0 on success, -1 on error
1056 - KVM_VCPUEVENT_VALID_SHADOW may be set to signal that
1057 interrupt.shadow contains a valid state.
1059 - KVM_VCPUEVENT_VALID_SMM may be set to signal that smi contains a
1060 valid state.
1062 - KVM_VCPUEVENT_VALID_PAYLOAD may be set to signal that the
1064 fields contain a valid state. This bit will be set whenever
1065 KVM_CAP_EXCEPTION_PAYLOAD is enabled.
1076 causes an SError to become pending. The event's description is only valid while
1082 guest-visible registers. It is not possible to 'cancel' an SError that has been
1085 A device being emulated in user-space may also wish to generate an SError. To do
1086 this the events structure can be populated by user-space. The current state
1095 always have a non-zero value when read, and the agent making an SError pending
1097 the system supports KVM_CAP_ARM_INJECT_SERROR_ESR, but user-space sets the events
1101 -EINVAL. Setting anything other than the lower 24bits of exception.serror_esr
1102 will return -EINVAL.
1123 ------------------------
1130 :Returns: 0 on success, -1 on error
1143 suppress overwriting the current in-kernel state. The bits are:
1148 KVM_VCPUEVENT_VALID_SMM transfer the smi sub-struct.
1152 the flags field to signal that interrupt.shadow contains a valid state and
1157 If KVM_CAP_EXCEPTION_PAYLOAD is enabled, KVM_VCPUEVENT_VALID_PAYLOAD
1160 contain a valid state and shall be written into the VCPU.
1172 information or because there is no device mapped at the accessed IPA, then
1186 ----------------------
1192 :Returns: 0 on success, -1 on error
1208 ----------------------
1214 :Returns: 0 on success, -1 on error
1223 -------------------------------
1229 :Returns: 0 on success, -1 on error
1246 memory slot. Bits 0-15 of "slot" specify the slot id and this value
1251 If KVM_CAP_MULTI_ADDRESS_SPACE is available, bits 16-31 of "slot"
1275 to make a new slot read-only. In this case, writes to this memory will be
1289 ---------------------
1295 :Returns: 0 on success, -1 on error
1297 This ioctl defines the physical address of a three-page region in the guest
1303 This ioctl is required on Intel-based hosts. This is needed on Intel hardware
1309 -------------------
1315 :Returns: 0 on success; -1 on error
1321 :Returns: 0 on success; -1 on error
1325 Not all extensions are enabled by default. Using this ioctl the application
1331 To check if a capability can be enabled, the KVM_CHECK_EXTENSION ioctl should
1340 The capability that is supposed to get enabled.
1360 The vcpu ioctl should be used for vcpu-specific capabilities, the vm ioctl
1361 for vm-wide capabilities.
1364 ---------------------
1370 :Returns: 0 on success; -1 on error
1378 Returns the vcpu's current "multiprocessing state" (though also valid on
1402 in-kernel irqchip, the multiprocessing state must be maintained by userspace on
1408 The only states that are valid are KVM_MP_STATE_STOPPED and
1412 ---------------------
1418 :Returns: 0 on success; -1 on error
1424 in-kernel irqchip, the multiprocessing state must be maintained by userspace on
1430 The only states that are valid are KVM_MP_STATE_STOPPED and
1434 ------------------------------
1440 :Returns: 0 on success, -1 on error
1442 This ioctl defines the physical address of a one-page region in the guest
1451 This ioctl is required on Intel-based hosts. This is needed on Intel hardware
1458 ------------------------
1464 :Returns: 0 on success, -1 on error
1472 ------------------
1478 :Returns: 0 on success, -1 on error
1491 ------------------
1497 :Returns: 0 on success, -1 on error
1510 -----------------
1516 :Returns: 0 on success, -1 on error
1537 -----------------
1543 :Returns: 0 on success, -1 on error
1564 ----------------------------
1570 :Returns: 0 on success, -1 on error
1609 with the 'nent' field indicating the number of entries in the variable-size
1613 number is just right, the 'nent' field is adjusted to the number of valid
1632 if the index field is valid
1649 -----------------------
1679 ------------------------
1685 :Returns: 0 on success, -1 on error
1691 - GSI routing does not apply to KVM_IRQ_LINE but only to KVM_IRQFD.
1727 - KVM_MSI_VALID_DEVID: used along with KVM_IRQ_ROUTING_MSI routing entry
1728 type, specifies that the devid field contains a valid value. The per-VM
1732 - zero otherwise
1756 feature of KVM_CAP_X2APIC_API capability is enabled. If it is enabled,
1757 address_hi bits 31-8 provide bits 31-8 of the destination id. Bits 7-0 of
1777 --------------------
1783 :Returns: 0 on success, -1 on error
1790 --------------------
1796 :Returns: virtual tsc-khz on success, negative value on error
1799 KHz. If the host has unstable tsc this ioctl returns -EIO instead as an
1804 ------------------
1810 :Returns: 0 on success, -1 on error
1823 enabled, then the format of APIC_ID register depends on the APIC mode
1825 the APIC_ID register (bytes 32-35). xAPIC only allows an 8-bit APIC ID
1826 which is stored in bits 31-24 of the APIC register, or equivalently in
1835 ------------------
1841 :Returns: 0 on success, -1 on error
1853 The format of the APIC ID register (bytes 32-35 of struct kvm_lapic_state's
1859 ------------------
1882 For the special case of virtio-ccw devices on s390, the ioevent is matched
1896 For virtio-ccw devices, addr contains the subchannel id and datamatch the
1905 ------------------
1911 :Returns: 0 on success, -1 on error
1931 The array is little-endian: the bit 0 is the least significant bit of the
1941 -------------------------
1950 is an IOMMU for PAPR-style virtual I/O. It is used to translate
1964 which this TCE table will translate - the table will contain one 64
1974 the entries written by kernel-handled H_PUT_TCE calls, and also lets
1980 ---------------------
1989 time by the kernel. An RMA is a physically-contiguous, aligned region
1991 will be accessed by real-mode (MMU off) accesses in a KVM guest.
2016 ------------
2022 :Returns: 0 on success, -1 on error
2032 - pause the vcpu
2033 - read the local APIC's state (KVM_GET_LAPIC)
2034 - check whether changing LINT1 will queue an NMI (see the LVT entry for LINT1)
2035 - if so, issue KVM_NMI
2036 - resume the vcpu
2043 ----------------------
2065 ------------------------
2087 ------------------------
2105 --------------------
2341 ARM 32-bit CP15 registers have the following id bit patterns::
2345 ARM 64-bit CP15 registers have the following id bit patterns::
2353 ARM 32-bit VFP control registers have the following id bit patterns::
2357 ARM 64-bit FP registers have the following id bit patterns::
2361 ARM firmware pseudo-registers have the following bit pattern::
2369 arm64 core/FP-SIMD registers have the following id bit patterns. Note
2403 .. [1] These encodings are not accepted for SVE-enabled vcpus. See
2408 enabled (see below).
2428 arm64 firmware pseudo-registers have the following bit pattern::
2437 0x6060 0000 0015 ffff KVM_REG_ARM64_SVE_VLS pseudo-register
2440 ENOENT. max_vq is the vcpu's maximum supported vector length in 128-bit
2443 These registers are only accessible on vcpus for which SVE is enabled.
2451 KVM_REG_ARM64_SVE_VLS is a pseudo-register that allows the set of vector
2461 ((vector_lengths[(vq - KVM_ARM64_SVE_VQ_MIN) / 64] >>
2462 ((vq - KVM_ARM64_SVE_VQ_MIN) % 64)) & 1))
2484 is hardware-dependent and may not be available. Attempting to configure
2500 patterns depending on whether they're 32-bit or 64-bit registers::
2502 0x7020 0000 0001 00 <reg:5> <sel:3> (32-bit)
2503 0x7030 0000 0001 00 <reg:5> <sel:3> (64-bit)
2528 0x7020 0000 0003 00 <0:3> <reg:5> (32-bit FPU registers)
2529 0x7030 0000 0003 00 <0:3> <reg:5> (64-bit FPU registers)
2530 0x7040 0000 0003 00 <0:3> <reg:5> (128-bit MSA vector registers)
2544 --------------------
2574 ----------------------
2580 :Returns: 0 on success, -1 on error
2591 load-link/store-conditional, or equivalent must be used. There are two cases
2598 -------------------
2604 :Returns: >0 on delivery, 0 if guest blocked the MSI, and -1 on error
2606 Directly inject a MSI message. Only valid with in-kernel irqchip that handles
2621 KVM_MSI_VALID_DEVID: devid contains a valid value. The per-VM
2631 feature of KVM_CAP_X2APIC_API capability is enabled. If it is enabled,
2632 address_hi bits 31-8 provide bits 31-8 of the destination id. Bits 7-0 of
2637 --------------------
2643 :Returns: 0 on success, -1 on error
2645 Creates an in-kernel device model for the i8254 PIT. This call is only valid
2646 after enabling in-kernel irqchip support via KVM_CREATE_IRQCHIP. The following
2654 Valid flags are::
2658 PIT timer interrupts may use a per-VM kernel thread for injection. If it
2661 kvm-pit/<owner-process-pid>
2670 -----------------
2676 :Returns: 0 on success, -1 on error
2678 Retrieves the state of the in-kernel PIT model. Only valid after
2687 Valid flags are::
2696 -----------------
2702 :Returns: 0 on success, -1 on error
2704 Sets the state of the in-kernel PIT model. Only valid after KVM_CREATE_PIT2.
2711 --------------------------
2717 :Returns: 0 on success, -1 on error
2722 device-tree properties for the guest operating system.
2736 - KVM_PPC_PAGE_SIZES_REAL:
2741 - KVM_PPC_1T_SEGMENTS
2745 - KVM_PPC_NO_HASH
2786 --------------
2792 :Returns: 0 on success, -1 on error
2802 With KVM_CAP_IRQFD_RESAMPLE, KVM_IRQFD supports a de-assert and notify
2803 mechanism allowing emulation of level-triggered, irqfd-based
2808 as from an EOI, the gsi is de-asserted and the user is notified via
2809 kvm_irqfd.resamplefd. It is the user's responsibility to re-queue
2817 - in case no routing entry is associated to this gsi, injection fails
2818 - in case the gsi is associated to an irqchip routing entry,
2820 - in case the gsi is associated to an MSI routing entry, the MSI
2822 to GICv3 ITS in-kernel emulation).
2825 --------------------------
2831 :Returns: 0 on success, -1 on error
2843 The parameter is a pointer to a 32-bit unsigned integer variable
2850 default-sized hash table (16 MB).
2858 real-mode area (VRMA) facility, the kernel will re-create the VMRA
2862 -----------------------
2868 :Returns: 0 on success, -1 on error
2884 - sigp stop; optional flags in parm
2886 - program check; code in parm
2888 - sigp set prefix; prefix address in parm
2890 - restart
2892 - clock comparator interrupt
2894 - CPU timer interrupt
2896 - virtio external interrupt; external interrupt
2899 - sclp external interrupt; sclp parameter in parm
2901 - sigp emergency; source cpu in parm
2903 - sigp external call; source cpu in parm
2905 - compound value to indicate an
2906 I/O interrupt (ai - adapter interrupt; cssid,ssid,schid - subchannel);
2910 - machine check interrupt; cr 14 bits in parm, machine check interrupt
2917 ------------------------
2923 :Returns: file descriptor number (>= 0) on success, -1 on error
2955 series of valid HPT entries (16 bytes) each. The header indicates how
2956 many valid HPT entries there are and how many invalid entries follow
2957 the valid entries. The invalid entries are not represented explicitly
2967 header; first 'n_valid' valid entries with contents from the data
2969 valid entries found.
2972 ----------------------
2977 :Returns: 0 on success, -1 on error
3010 --------------------------------------------
3016 :Returns: 0 on success, -1 on error
3024 (e.g. read-only attribute, or attribute that only makes
3031 semantics are device-specific. See individual device documentation in
3039 __u32 group; /* device-defined */
3040 __u64 attr; /* group-defined */
3045 ------------------------
3051 :Returns: 0 on success, -1 on error
3066 ----------------------
3072 :Returns: 0 on success; -1 on error
3096 - KVM_ARM_VCPU_POWER_OFF: Starts the CPU in a power-off state.
3099 - KVM_ARM_VCPU_EL1_32BIT: Starts the CPU in a 32bit mode.
3101 - KVM_ARM_VCPU_PSCI_0_2: Emulate PSCI v0.2 (or a future revision
3104 - KVM_ARM_VCPU_PMU_V3: Emulate PMUv3 for the CPU.
3107 - KVM_ARM_VCPU_PTRAUTH_ADDRESS: Enables Address Pointer authentication
3115 - KVM_ARM_VCPU_PTRAUTH_GENERIC: Enables Generic Pointer authentication
3123 - KVM_ARM_VCPU_SVE: Enables SVE for the CPU (arm64 only).
3129 - KVM_REG_ARM64_SVE_VLS may be read using KVM_GET_ONE_REG: the
3130 initial value of this pseudo-register indicates the best set of
3135 - KVM_RUN and KVM_GET_REG_LIST are not available;
3137 - KVM_GET_ONE_REG and KVM_SET_ONE_REG cannot be used to access
3142 - KVM_REG_ARM64_SVE_VLS may optionally be written using
3148 - the KVM_REG_ARM64_SVE_VLS pseudo-register is immutable, and can
3152 -----------------------------
3158 :Returns: 0 on success; -1 on error
3171 kvm_vcpu_init->features bitmap returned will have feature bits set if
3181 ---------------------
3187 :Returns: 0 on success; -1 on error
3208 -----------------------------------------
3214 :Returns: 0 on success, -1 on error
3244 ARM/arm64 currently only require this when using the in-kernel GIC
3250 base addresses will return -EEXIST.
3257 ------------------------------
3263 :Returns: 0 on success, -1 on error
3268 of a service that has a kernel-side implementation. If the token
3269 value is non-zero, it will be associated with that service, and
3277 ------------------------
3283 :Returns: 0 on success; -1 on error
3298 - KVM_GUESTDBG_ENABLE: guest debugging is enabled
3299 - KVM_GUESTDBG_SINGLESTEP: the next run should single-step
3304 - KVM_GUESTDBG_USE_SW_BP: using software breakpoints [x86, arm64]
3305 - KVM_GUESTDBG_USE_HW_BP: using hardware breakpoints [x86, s390, arm64]
3306 - KVM_GUESTDBG_INJECT_DB: inject DB type exception [x86]
3307 - KVM_GUESTDBG_INJECT_BP: inject BP type exception [x86]
3308 - KVM_GUESTDBG_EXIT_PENDING: trigger an immediate guest exit [s390]
3311 are enabled in memory so we need to ensure breakpoint exceptions are
3326 the single-step debug event (KVM_GUESTDBG_SINGLESTEP) is supported.
3333 ---------------------------
3339 :Returns: 0 on success, -1 on error
3374 the variable-size array 'entries'. If the number of entries is too low
3378 to the number of valid entries in the 'entries' array, which is then
3400 if the index field is valid
3408 --------------------
3415 < 0 on generic error (e.g. -EFAULT or -ENOMEM),
3451 register number to be used; the valid range is 0..15.
3457 -----------------------
3483 will cause the ioctl to return -EINVAL.
3489 -----------------------
3507 will cause the ioctl to return -EINVAL.
3514 the ioctl will return -EINVAL.
3517 -----------------
3523 :Returns: 0 on success, -1 on error
3564 - KVM_S390_SIGP_STOP - sigp stop; parameter in .stop
3565 - KVM_S390_PROGRAM_INT - program check; parameters in .pgm
3566 - KVM_S390_SIGP_SET_PREFIX - sigp set prefix; parameters in .prefix
3567 - KVM_S390_RESTART - restart; no parameters
3568 - KVM_S390_INT_CLOCK_COMP - clock comparator interrupt; no parameters
3569 - KVM_S390_INT_CPU_TIMER - CPU timer interrupt; no parameters
3570 - KVM_S390_INT_EMERGENCY - sigp emergency; parameters in .emerg
3571 - KVM_S390_INT_EXTERNAL_CALL - sigp external call; parameters in .extcall
3572 - KVM_S390_MCHK - machine check interrupt; parameters in .mchk
3577 ---------------------------
3584 -EINVAL if buffer size is 0,
3585 -ENOBUFS if buffer size is too small to fit all pending interrupts,
3586 -EFAULT if the buffer address was invalid
3604 the kernel never checked for flags == 0 and QEMU never pre-zeroed flags and
3608 If -ENOBUFS is returned the buffer provided was too small and userspace
3612 ---------------------------
3619 -EFAULT if the buffer address was invalid,
3620 -EINVAL for an invalid buffer length (see below),
3621 -EBUSY if there were already interrupts pending,
3625 This ioctl allows userspace to set the complete state of all cpu-local
3647 which is the maximum number of possibly pending cpu-local interrupts.
3650 ------------
3656 :Returns: 0 on success, -1 on error
3661 -------------------------
3676 IBM pSeries (sPAPR) guest starts using them if "hcall-multi-tce" is
3677 present in the "ibm,hypertas-functions" device-tree property.
3684 This capability is always enabled.
3687 ----------------------------
3720 -------------------------
3727 -EFAULT if struct kvm_reinject_control cannot be read,
3728 -ENXIO if KVM_CREATE_PIT or KVM_CREATE_PIT2 didn't succeed earlier.
3747 ------------------------------
3754 -EFAULT if struct kvm_ppc_mmuv3_cfg cannot be read,
3755 -EINVAL if the configuration is invalid
3781 ---------------------------
3788 -EFAULT if struct kvm_ppc_rmmu_info cannot be written,
3789 -EINVAL if no useful information can be returned
3818 --------------------------------
3827 -EFAULT if struct kvm_reinject_control cannot be read,
3828 -EINVAL if the supplied shift or flags are invalid,
3829 -ENOMEM if unable to allocate the new HPT,
3830 -ENOSPC if there was a hash collision
3854 --------------------------------
3863 -EFAULT if struct kvm_reinject_control cannot be read,
3864 -EINVAL if the supplied shift or flags are invalid,when moving existing
3866 -EIO on other error conditions
3891 returns 0 (i.e. cancels any in-progress preparation).
3894 flags will result in an -EINVAL.
3909 -------------------------------
3916 -EFAULT if struct kvm_reinject_control cannot be read,
3917 -EINVAL if the supplied shift or flags are invalid,
3918 -ENXIO is there is no pending HPT, or the pending HPT doesn't
3920 -EBUSY if the pending HPT is not fully prepared,
3921 -ENOSPC if there was a hash collision when moving existing
3923 -EIO on other error conditions
3932 KVM_PPC_RESIZE_HPT_COMMIT will return an error (usually -ENXIO or
3933 -EBUSY, though others may be possible if the preparation was started,
3937 placed itself in a quiescent state where no vcpu will make MMU enabled
3954 -----------------------------------
3960 :Returns: 0 on success, -1 on error
3967 -----------------------
3974 -EFAULT if u64 mcg_cap cannot be read,
3975 -EINVAL if the requested number of banks is invalid,
3976 -EINVAL if requested MCE capability is not supported.
3980 specifies which capabilities should be enabled. The maximum
3981 supported number of error-reporting banks can be retrieved when
3986 ---------------------
3993 -EFAULT if struct kvm_x86_mce cannot be read,
3994 -EINVAL if the bank number is invalid,
3995 -EINVAL if VAL bit is not set in status field.
4020 ----------------------------
4031 - During live migration to save the CMMA values. Live migration needs
4032 to be enabled via the KVM_REQ_START_MIGRATION VM property.
4033 - To non-destructively peek at the CMMA values, with the flag
4064 KVM_S390_SKEYS_MAX. KVM_S390_SKEYS_MAX is re-used for consistency with
4102 not enabled.
4108 This ioctl can fail with -ENOMEM if not enough memory can be allocated to
4109 complete the task, with -ENXIO if CMMA is not enabled, with -EINVAL if
4110 KVM_S390_CMMA_PEEK is not set but migration mode was not enabled, with
4111 -EFAULT if the userspace address is invalid or if no page table is
4115 ----------------------------
4154 This ioctl can fail with -ENOMEM if not enough memory can be allocated to
4155 complete the task, with -ENXIO if CMMA is not enabled, with -EINVAL if
4157 if the flags field was not 0, with -EFAULT if the userspace address is
4163 --------------------------
4170 -EFAULT if struct kvm_ppc_cpu_char cannot be written
4175 CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754). The information is
4181 __u64 character_mask; /* valid bits in character */
4182 __u64 behaviour_mask; /* valid bits in behaviour */
4192 with preventing inadvertent information disclosure - specifically,
4193 whether there is an instruction to flash-invalidate the L1 data cache
4210 ---------------------------
4216 :Returns: 0 on success; -1 on error
4219 for issuing platform-specific memory encryption commands to manage those
4224 Documentation/virt/kvm/amd-memory-encryption.rst.
4227 -----------------------------------
4233 :Returns: 0 on success; -1 on error
4238 It is used in the SEV-enabled guest. When encryption is enabled, a guest
4251 -------------------------------------
4257 :Returns: 0 on success; -1 on error
4263 ------------------------
4271 the specified Hyper-V connection id through the SIGNAL_EVENT hypercall, without
4272 causing a user exit. SIGNAL_EVENT hypercall with non-zero event flag number
4273 (bits 24-31) still triggers a KVM_EXIT_HYPERV_HCALL user exit.
4293 -EINVAL if conn_id or flags is outside the allowed range,
4294 -ENOENT on deassign if the conn_id isn't registered,
4295 -EEXIST on assign if the conn_id is already registered
4298 --------------------------
4304 :Returns: 0 on success, -1 on error
4372 --------------------------
4378 :Returns: 0 on success, -1 on error
4384 -------------------------------------
4413 ------------------------------------
4419 :Returns: 0 on success, -1 on error
4441 in KVM's dirty bitmap, and dirty tracking is re-enabled for that page
4442 (for example via write-protection, or by clearing the dirty bit in
4445 If KVM_CAP_MULTI_ADDRESS_SPACE is available, bits 16-31 specifies
4451 is enabled; for more information, see the description of the capability.
4456 --------------------------------
4462 :Returns: 0 on success, -1 on error
4483 This ioctl returns x86 cpuid features leaves related to Hyper-V emulation in
4485 cpuid information presented to guests consuming Hyper-V enlightenments (e.g.
4486 Windows or Hyper-V guests).
4488 CPUID feature leaves returned by this ioctl are defined by Hyper-V Top Level
4494 - HYPERV_CPUID_VENDOR_AND_MAX_FUNCTIONS
4495 - HYPERV_CPUID_INTERFACE
4496 - HYPERV_CPUID_VERSION
4497 - HYPERV_CPUID_FEATURES
4498 - HYPERV_CPUID_ENLIGHTMENT_INFO
4499 - HYPERV_CPUID_IMPLEMENT_LIMITS
4500 - HYPERV_CPUID_NESTED_FEATURES
4501 - HYPERV_CPUID_SYNDBG_VENDOR_AND_MAX_FUNCTIONS
4502 - HYPERV_CPUID_SYNDBG_INTERFACE
4503 - HYPERV_CPUID_SYNDBG_PLATFORM_CAPABILITIES
4506 enabled on the corresponding vCPU (KVM_CAP_HYPERV_ENLIGHTENED_VMCS).
4509 with the 'nent' field indicating the number of entries in the variable-size
4510 array 'entries'. If the number of entries is too low to describe all Hyper-V
4512 to the number of Hyper-V feature leaves, the 'nent' field is adjusted to the
4513 number of valid entries in the 'entries' array, which is then filled.
4519 ---------------------------
4524 :Returns: 0 on success, -1 on error
4529 EPERM feature not enabled, needs configuration, or already finalized
4550 that should be performaned and how to do it are feature-dependent.
4554 -EPERM unless the feature has already been finalized by means of a
4561 ------------------------------
4567 :Returns: 0 on success, -1 on error
4589 Valid values for 'action'::
4595 ---------------------
4619 ---------------------------
4631 ----------------------------
4644 --------------------------
4658 -------------------------
4696 again. All registered VCPUs are converted back to non-protected
4711 ----------------------------
4778 default KVM in-kernel emulation behavior is fully preserved.
4833 This field is polled once when KVM_RUN starts; if non-zero, KVM_RUN
4834 exits immediately, returning -EINTR. In the common scenario where a
4838 a signal handler that sets run->immediate_exit to a non-zero value.
4864 The value of the current interrupt flag. Only valid if in-kernel
4871 More architecture-specific flags detailing state of the VCPU that may
4873 KVM_RUN_X86_SMM, which is valid on x86 machines and is set if the
4881 The value of the cr8 register. Only valid if in-kernel local APIC is
4888 The value of the APIC BASE msr. Only valid if in-kernel local
4900 reasons. Further architecture-specific information is available in
4912 to unknown reasons. Further architecture-specific information is
4965 executed a memory-mapped I/O instruction which could not be satisfied
4978 has re-entered the kernel with KVM_RUN. The kernel side will first finish
4980 can re-enter the guest with an unmasked signal pending to complete
5017 __u16 ipa;
5060 Deprecated - was used for 440 KVM.
5086 This is used on 64-bit PowerPC when emulating a pSeries partition,
5090 the arguments (from the guest R4 - R12). Userspace should put the
5108 s390 specific. This exit occurs when KVM_CAP_S390_CSS_SUPPORT has been enabled
5131 It gets triggered whenever both KVM_CAP_PPC_EPR are enabled and an
5147 a system-level event using some architecture specific mechanism (hypercall
5150 the system-level event type. The 'flags' field describes architecture
5151 specific flags for the system-level event.
5153 Valid values for 'type' are:
5155 - KVM_SYSTEM_EVENT_SHUTDOWN -- the guest has requested a shutdown of the
5159 - KVM_SYSTEM_EVENT_RESET -- the guest has requested a reset of the VM.
5162 - KVM_SYSTEM_EVENT_CRASH -- the guest crash occurred and the guest
5174 Indicates that the VCPU's in-kernel local APIC received an EOI for a
5175 level-triggered IOAPIC interrupt. This exit only triggers when the
5176 IOAPIC is implemented in userspace (i.e. KVM_CAP_SPLIT_IRQCHIP is enabled);
5217 related to Hyper-V emulation.
5219 Valid values for 'type' are:
5221 - KVM_EXIT_HYPERV_SYNIC -- synchronously notify user-space about
5223 Hyper-V SynIC state change. Notification is used to remap SynIC
5227 - KVM_EXIT_HYPERV_SYNDBG -- synchronously notify user-space about
5229 Hyper-V Synthetic debugger state change. Notification is used to either update
5248 the VM. KVM assumed that if the guest accessed non-memslot memory, it was
5257 instead return to userspace with KVM_EXIT_ARM_NISV, with the valid bits from
5258 the HSR (arm) and ESR_EL2 (arm64) in the esr_iss field, and the faulting IPA
5272 __u8 error; /* user -> kernel */
5274 __u32 reason; /* kernel -> user */
5275 __u32 index; /* kernel -> user */
5276 __u64 data; /* kernel <-> user */
5280 enabled, MSR accesses to registers that would invoke a #GP by KVM kernel code
5286 ENABLE_CAP. Currently valid exit reasons are:
5288 KVM_MSR_EXIT_REASON_UNKNOWN - access to MSR that is unknown to KVM
5289 KVM_MSR_EXIT_REASON_INVAL - access to invalid MSRs or reserved bits
5290 KVM_MSR_EXIT_REASON_FILTER - access blocked by KVM_X86_SET_MSR_FILTER
5344 6. Capabilities that can be enabled on vCPUs
5348 the virtual machine when enabled. To enable them, please see section 4.37.
5359 whether this is a per-vcpu or per-vm capability.
5370 -------------------
5375 :Returns: 0 on success; -1 on error
5379 were invented by Mac-on-Linux to have a standardized communication mechanism
5382 When this capability is enabled, KVM_EXIT_OSI can occur.
5386 --------------------
5391 :Returns: 0 on success; -1 on error
5403 When this capability is enabled, KVM_EXIT_PAPR_HCALL can occur.
5407 ------------------
5412 :Returns: 0 on success; -1 on error
5425 addresses of mmu-type-specific data structures. The "array_len" field is an
5441 - The "params" field is of type "struct kvm_book3e_206_tlb_params".
5442 - The "array" field points to an array of type "struct
5444 - The array consists of all entries in the first TLB, followed by all
5446 - Within a TLB, entries are ordered first by increasing set number. Within a
5448 - The hash for determining set number in TLB0 is: (MAS2 >> 12) & (num_sets - 1)
5450 - The tsize field of mas1 shall be set to 4K on TLB0, even though the
5454 ----------------------------
5459 :Returns: 0 on success; -1 on error
5464 handled in-kernel, while the other I/O instructions are passed to userspace.
5466 When this capability is enabled, KVM_EXIT_S390_TSCH will occur on TEST
5469 Note that even though this capability is enabled per-vcpu, the complete
5473 -------------------
5478 :Returns: 0 on success; -1 on error
5483 When enabled (args[0] != 0), every time the guest gets an external interrupt
5489 When this capability is enabled, KVM_EXIT_EPR can occur.
5492 --------------------
5498 This capability connects the vcpu to an in-kernel MPIC device.
5501 --------------------
5508 This capability connects the vcpu to an in-kernel XICS device.
5511 ------------------------
5517 This capability enables the in-kernel irqchip for s390. Please refer to
5521 --------------------
5535 ---------------------
5548 ----------------------
5551 :Target: s390: always enabled, x86: vcpu
5553 :Returns: x86: KVM_CHECK_EXTENSION returns a bit-array indicating which register
5569 - the register sets to be copied out to kvm_run are selectable
5571 - vcpu_events are available in addition to regs and sregs.
5574 function as an input bit-array field set by userspace to indicate the
5594 -------------------------
5601 This capability connects the vcpu to an in-kernel XIVE device.
5603 7. Capabilities that can be enabled on VMs
5607 machine when enabled. To enable them, please see section 4.37. Below
5626 ----------------------------
5630 args[1] is 0 to disable, 1 to enable in-kernel handling
5633 get handled by the kernel or not. Enabling or disabling in-kernel
5635 initial set of hcalls are enabled for in-kernel handling, which
5636 consists of those hcalls for which in-kernel handlers were implemented
5643 If the hcall number specified is not one that has an in-kernel
5648 --------------------------
5654 space. With this capability enabled, all fast orders will be handled completely
5657 - SENSE
5658 - SENSE RUNNING
5659 - EXTERNAL CALL
5660 - EMERGENCY SIGNAL
5661 - CONDITIONAL EMERGENCY SIGNAL
5666 in the hardware prior to interception). If this capability is not enabled, the
5670 ---------------------------------
5678 return -EINVAL if the machine does not support vectors.
5681 --------------------------
5686 This capability allows post-handlers for the STSI instruction. After
5691 vcpu->run::
5702 @addr - guest address of STSI SYSIB
5703 @fc - function code
5704 @sel1 - selector 1
5705 @sel2 - selector 2
5706 @ar - access register number
5708 KVM handlers should exit to userspace with rc = -EREMOTE.
5711 -------------------------
5714 :Parameters: args[0] - number of routes reserved for userspace IOAPICs
5715 :Returns: 0 on success, -1 on error
5719 IOAPIC and PIC (and also the PIT, even though this has to be enabled
5732 -------------------
5737 Allows use of runtime-instrumentation introduced with zEC12 processor.
5738 Will return -EINVAL if the machine does not support runtime-instrumentation.
5739 Will return -EBUSY if a VCPU has already been created.
5742 ----------------------
5745 :Parameters: args[0] - features that should be enabled
5746 :Returns: 0 on success, -EINVAL when args[0] contains invalid features
5748 Valid feature flags in args[0] are::
5755 allowing the use of 32-bit APIC IDs. See KVM_CAP_X2APIC_API in their
5758 KVM_X2APIC_API_DISABLE_BROADCAST_QUIRK must be enabled for x2APIC to work
5762 where 0xff represents CPUs 0-7 in cluster 0.
5765 ----------------------------
5770 With this capability enabled, all illegal instructions 0x0000 (2 bytes) will
5772 mechanism e.g. to realize 2-byte software breakpoints. The kernel will
5776 This capability can be enabled dynamically even if VCPUs were already
5780 -------------------
5784 :Returns: 0 on success; -EINVAL if the machine does not support
5785 guarded storage; -EBUSY if a VCPU has already been created.
5790 ---------------------
5795 Allow use of adapter-interruption suppression.
5796 :Returns: 0 on success; -EBUSY if a VCPU has already been created.
5799 --------------------
5817 ----------------------
5829 ------------------------------
5833 :Returns: 0 on success, -EINVAL when args[0] contains invalid exits
5835 Valid bits in args[0] are::
5852 --------------------------
5856 :Returns: 0 on success, -EINVAL if hpage module parameter was not set
5857 or cmma is enabled, or the VM has the KVM_VM_S390_UCONTROL
5861 through hugetlbfs can be enabled for a VM. After the capability is
5862 enabled, cmma can't be enabled anymore and pfmfi and the storage key
5863 interpretation are disabled. If cmma has already been enabled or the
5864 hpage module parameter is not set to 1, -EINVAL is returned.
5870 ------------------------------
5873 :Parameters: args[0] whether feature should be enabled or not
5880 --------------------------
5884 :Returns: 0 on success, -EINVAL when the implementation doesn't support
5885 nested-HV virtualization.
5887 HV-KVM on POWER9 and later systems allows for "nested-HV"
5889 can run using the CPU's supervisor mode (privileged non-hypervisor
5891 the necessary functionality and on the facility being enabled with a
5892 kvm-hv module parameter.
5895 ------------------------------
5898 :Parameters: args[0] whether feature should be enabled or not
5900 With this capability enabled, CR2 will not be modified prior to the
5901 emulated VM-exit when L1 intercepts a #PF exception that occurs in
5902 L2. Similarly, for kvm-intel only, DR6 will not be modified prior to
5903 the emulated VM-exit when L1 intercepts a #DB exception that occurs in
5909 exception.has_payload and to put the faulting address - or the new DR6
5910 bits\ [#]_ - in the exception_payload field.
5923 :Parameters: args[0] whether feature should be enabled or not
5925 Valid flags are::
5931 automatically clear and write-protect all pages that are returned as dirty.
5937 KVM_CLEAR_DIRTY_LOG ioctl can operate on a 64-page granularity rather
5950 dirty logging can be enabled gradually in small chunks on the first call
5962 ------------------------------
5974 If present, this capability can be enabled for a VM, meaning that KVM
5979 ----------------------
5984 :Returns: 0 on success; -1 on error
5992 the maximum halt time to specified on a per-VM basis, effectively overriding
5996 -------------------------------
6001 :Returns: 0 on success; -1 on error
6011 this capability. With it enabled, MSR accesses that match the mask specified in
6024 ---------------------
6030 H_RANDOM hypercall backed by a hardware random-number generator.
6031 If present, the kernel H_RANDOM handler can be enabled for guest use
6035 ------------------------
6041 Hyper-V Synthetic interrupt controller(SynIC). Hyper-V SynIC is
6042 used to support Windows Hyper-V based guest paravirt drivers(VMBus).
6047 by the CPU, as it's incompatible with SynIC auto-EOI behavior.
6050 -------------------------
6060 ---------------------------
6067 the POWER9 processor), including in-memory segment tables.
6070 -------------------
6100 -------------------
6114 ----------------------
6128 Both registers and addresses are 32-bits wide.
6129 It will only be possible to run 32-bit guest code.
6131 1 MIPS64 or microMIPS64 with access only to 32-bit compatibility segments.
6132 Registers are 64-bits wide, but addresses are 32-bits wide.
6133 64-bit guest code may run but cannot access MIPS64 memory segments.
6134 It will also be possible to run 32-bit guest code.
6137 Both registers and addresses are 64-bits wide.
6138 It will be possible to run 64-bit or 32-bit guest code.
6142 ------------------------
6147 that if userspace creates a VM without an in-kernel interrupt controller, it
6148 will be notified of changes to the output level of in-kernel emulated devices,
6151 updates the vcpu's run->s.regs.device_irq_level field to represent the actual
6157 userspace can always sample the device output level and re-compute the state of
6159 of run->s.regs.device_irq_level on every kvm exit.
6160 The value in run->s.regs.device_irq_level can represent both level and edge
6162 signals will exit to userspace with the bit in run->s.regs.device_irq_level
6165 The field run->s.regs.device_irq_level is available independent of
6166 run->kvm_valid_regs or run->kvm_dirty_regs bits.
6170 and thereby which bits in run->s.regs.device_irq_level can signal values.
6176 KVM_ARM_DEV_EL1_VTIMER - EL1 virtual timer
6177 KVM_ARM_DEV_EL1_PTIMER - EL1 physical timer
6178 KVM_ARM_DEV_PMU - ARM PMU overflow interrupt signal
6185 -----------------------------
6195 --------------------------
6199 This capability enables a newer version of Hyper-V Synthetic interrupt
6201 doesn't clear SynIC message and event flags pages when they are enabled by
6205 ----------------------------
6215 -------------------------------
6225 ---------------------
6232 ----------------------
6241 ---------------------
6246 use copy-on-write semantics as well as dirty pages tracking via read-only page
6250 ---------------------
6259 ----------------------------
6263 This capability indicates that KVM supports paravirtualized Hyper-V TLB Flush
6269 ----------------------------------
6284 ----------------------------
6288 This capability indicates that KVM supports paravirtualized Hyper-V IPI send
6293 -----------------------------------
6297 This capability indicates that KVM running on top of Hyper-V hypervisor
6299 hypercalls are handled by Level 0 hypervisor (Hyper-V) bypassing KVM.
6300 Due to the different ABI for hypercall parameters between Hyper-V and
6303 flush hypercalls by Hyper-V) so userspace should disable KVM identification
6304 in CPUID and only exposes Hyper-V identification. In this case, guest
6305 thinks it's running on Hyper-V and only use Hyper-V hypercalls.
6308 -----------------------------
6316 ---------------------------
6327 -----------------------
6332 When steal time accounting is supported it may be enabled with
6333 architecture-specific interfaces. This capability and the architecture-
6340 -------------------------
6350 an 8-byte value consisting of a one-byte Control Program Name Code (CPNC) and
6351 a 7-byte Control Program Version Code (CPVC). The CPNC determines what
6360 -------------------------------
6365 writes to user space. It can be enabled on a VM level. If enabled, MSR
6371 ---------------------------
6385 -----------------------------
6389 When enabled, KVM will disable paravirtual features provided to the