Lines Matching +full:pins +full:- +full:cmd +full:- +full:dat
1 .. SPDX-License-Identifier: GPL-2.0
4 The Definitive KVM (Kernel-based Virtual Machine) API Documentation
13 - System ioctls: These query and set global attributes which affect the
17 - VM ioctls: These query and set attributes that affect an entire virtual
24 - vcpu ioctls: These query and set attributes that control the operation
32 - device ioctls: These query and set attributes that control the operation
80 facility that allows backward-compatible extensions to the API to be
104 the ioctl returns -ENOTTY.
122 -----------------------
139 -----------------
159 address used by the VM. The IPA_Bits is encoded in bits[7-0] of the
177 ioctl() at run-time.
189 ----------------------------------------------------------
195 :Returns: 0 on success; -1 on error
231 -----------------------
250 --------------------------
263 the VCPU file descriptor can be mmap-ed, including:
265 - if KVM_CAP_COALESCED_MMIO is available, a page at
270 - if KVM_CAP_DIRTY_LOG_RING is available, a number of pages at
276 -------------------------
282 :Returns: 0 on success, -1 on error
288 -------------------
294 :Returns: vcpu fd on success, -1 on error
300 the KVM_CHECK_EXTENSION ioctl() at run-time.
302 KVM_CAP_MAX_VCPUS of the KVM_CHECK_EXTENSION ioctl() at run-time.
310 KVM_CAP_MAX_VCPU_ID of the KVM_CHECK_EXTENSION ioctl() at run-time.
325 single-threaded guest vcpus, it should make all vcpu ids be a multiple
335 --------------------------------
341 :Returns: 0 on success, -1 on error
360 If KVM_CAP_MULTI_ADDRESS_SPACE is available, bits 16-31 of slot field specifies
372 ------------------------
378 :Returns: 0 (success), -1 (error)
384 ------------
390 :Returns: 0 on success, -1 on error
411 -----------------
417 :Returns: 0 on success, -1 on error
444 -----------------
450 :Returns: 0 on success, -1 on error
458 ------------------
464 :Returns: 0 on success, -1 on error
481 /* ppc -- see arch/powerpc/include/uapi/asm/kvm.h */
489 ------------------
495 :Returns: 0 on success, -1 on error
502 ------------------
508 :Returns: 0 on success, -1 on error
529 ------------------
554 -EEXIST if an interrupt is already enqueued
555 -EINVAL the irq number is invalid
556 -ENXIO if the PIC is in the kernel
557 -EFAULT if the pointer is invalid
561 ioctl is useful if the in-kernel PIC is not used.
601 RISC-V:
620 --------------------
626 :Returns: -1 on error
632 -----------------
639 -1 on error
642 Reads the values of MSR-based features that are available for the VM. This
644 The list of msr-based features can be obtained using KVM_GET_MSR_FEATURE_INDEX_LIST
648 Reads model-specific registers from the vcpu. Supported msr indices can
672 -----------------
678 :Returns: number of msrs successfully set (see below), -1 on error
680 Writes model-specific registers to the vcpu. See KVM_GET_MSRS for the
694 ------------------
700 :Returns: 0 on success, -1 on error
706 - If this IOCTL fails, KVM gives no guarantees that previous valid CPUID
709 - Using KVM_SET_CPUID{,2} after KVM_RUN, i.e. changing the guest vCPU model
711 - Using heterogeneous CPUID configurations, modulo APIC IDs, topology, etc...
734 ------------------------
740 :Returns: 0 on success, -1 on error
745 their traditional behaviour) will cause KVM_RUN to return with -EINTR.
760 ----------------
766 :Returns: 0 on success, -1 on error
789 ----------------
795 :Returns: 0 on success, -1 on error
818 -----------------------
824 :Returns: 0 on success, -1 on error
828 future vcpus to have a local APIC. IRQ routing for GSIs 0-15 is set to both
829 PIC and IOAPIC; GSI 16-23 only go to the IOAPIC.
840 -----------------
846 :Returns: 0 on success, -1 on error
850 been previously created with KVM_CREATE_IRQCHIP. Note that edge-triggered
853 On real hardware, interrupt pins can be active-low or active-high. This
858 (active-low/active-high) for level-triggered interrupts, and KVM used
860 active-low interrupts, the above convention is now valid on x86 too.
862 should not present interrupts to the guest as active-low unless this
863 capability is present (or unless it is not using the in-kernel irqchip,
868 in-kernel irqchip (GIC), and for in-kernel irqchip can tell the GIC to
877 - irq_type[0]:
878 out-of-kernel GIC: irq_id 0 is IRQ, irq_id 1 is FIQ
879 - irq_type[1]:
880 in-kernel GIC: SPI, irq_id between 32 and 1019 (incl.)
882 - irq_type[2]:
883 in-kernel GIC: PPI, irq_id between 16 and 31 (incl.)
894 injection of interrupts for the in-kernel irqchip. KVM_IRQ_LINE can always
909 --------------------
915 :Returns: 0 on success, -1 on error
934 --------------------
940 :Returns: 0 on success, -1 on error
959 -----------------------
965 :Returns: 0 on success, -1 on error
970 page of a blob (32- or 64-bit, depending on the vcpu mode) to guest
1005 ------------------
1011 :Returns: 0 on success, -1 on error
1055 ------------------
1061 :Returns: 0 on success, -1 on error
1090 ------------------------
1097 :Returns: 0 on success, -1 on error
1142 - KVM_VCPUEVENT_VALID_SHADOW may be set to signal that
1145 - KVM_VCPUEVENT_VALID_SMM may be set to signal that smi contains a
1148 - KVM_VCPUEVENT_VALID_PAYLOAD may be set to signal that the
1153 - KVM_VCPUEVENT_VALID_TRIPLE_FAULT may be set to signal that the
1172 guest-visible registers. It is not possible to 'cancel' an SError that has been
1175 A device being emulated in user-space may also wish to generate an SError. To do
1176 this the events structure can be populated by user-space. The current state
1185 always have a non-zero value when read, and the agent making an SError pending
1187 the system supports KVM_CAP_ARM_INJECT_SERROR_ESR, but user-space sets the events
1191 -EINVAL. Setting anything other than the lower 24bits of exception.serror_esr
1192 will return -EINVAL.
1213 ------------------------
1220 :Returns: 0 on success, -1 on error
1233 suppress overwriting the current in-kernel state. The bits are:
1238 KVM_VCPUEVENT_VALID_SMM transfer the smi sub-struct.
1280 ----------------------
1286 :Returns: 0 on success, -1 on error
1302 ----------------------
1308 :Returns: 0 on success, -1 on error
1317 -------------------------------
1323 :Returns: 0 on success, -1 on error
1340 memory slot. Bits 0-15 of "slot" specify the slot id and this value
1345 If KVM_CAP_MULTI_ADDRESS_SPACE is available, bits 16-31 of "slot"
1372 to make a new slot read-only. In this case, writes to this memory will be
1386 ---------------------
1392 :Returns: 0 on success, -1 on error
1394 This ioctl defines the physical address of a three-page region in the guest
1400 This ioctl is required on Intel-based hosts. This is needed on Intel hardware
1406 -------------------
1412 :Returns: 0 on success; -1 on error
1418 :Returns: 0 on success; -1 on error
1457 The vcpu ioctl should be used for vcpu-specific capabilities, the vm ioctl
1458 for vm-wide capabilities.
1461 ---------------------
1467 :Returns: 0 on success; -1 on error
1502 in-kernel irqchip, the multiprocessing state must be maintained by userspace on
1539 ---------------------
1545 :Returns: 0 on success; -1 on error
1551 in-kernel irqchip, the multiprocessing state must be maintained by userspace on
1561 ------------------------------
1567 :Returns: 0 on success, -1 on error
1569 This ioctl defines the physical address of a one-page region in the guest
1578 This ioctl is required on Intel-based hosts. This is needed on Intel hardware
1585 ------------------------
1591 :Returns: 0 on success, -1 on error
1600 ------------------
1606 :Returns: 0 on success, -1 on error
1620 ------------------
1626 :Returns: 0 on success, -1 on error
1648 -----------------
1654 :Returns: 0 on success, -1 on error
1675 -----------------
1681 :Returns: 0 on success, -1 on error
1702 ----------------------------
1708 :Returns: 0 on success, -1 on error
1741 Dynamically-enabled feature bits need to be requested with
1751 with the 'nent' field indicating the number of entries in the variable-size
1791 -----------------------
1821 ------------------------
1827 :Returns: 0 on success, -1 on error
1833 - GSI routing does not apply to KVM_IRQ_LINE but only to KVM_IRQFD.
1871 - KVM_MSI_VALID_DEVID: used along with KVM_IRQ_ROUTING_MSI routing entry
1872 type, specifies that the devid field contains a valid value. The per-VM
1876 - zero otherwise
1901 address_hi bits 31-8 provide bits 31-8 of the destination id. Bits 7-0 of
1935 --------------------
1941 :Returns: 0 on success, -1 on error
1951 --------------------
1957 :Returns: virtual tsc-khz on success, negative value on error
1960 KHz. If the host has unstable tsc this ioctl returns -EIO instead as an
1965 ------------------
1971 :Returns: 0 on success, -1 on error
1986 the APIC_ID register (bytes 32-35). xAPIC only allows an 8-bit APIC ID
1987 which is stored in bits 31-24 of the APIC register, or equivalently in
1996 ------------------
2002 :Returns: 0 on success, -1 on error
2014 The format of the APIC ID register (bytes 32-35 of struct kvm_lapic_state's
2020 ------------------
2043 For the special case of virtio-ccw devices on s390, the ioevent is matched
2057 For virtio-ccw devices, addr contains the subchannel id and datamatch the
2066 ------------------
2072 :Returns: 0 on success, -1 on error
2092 The array is little-endian: the bit 0 is the least significant bit of the
2102 -------------------------
2111 is an IOMMU for PAPR-style virtual I/O. It is used to translate
2125 which this TCE table will translate - the table will contain one 64
2135 the entries written by kernel-handled H_PUT_TCE calls, and also lets
2141 ---------------------
2150 time by the kernel. An RMA is a physically-contiguous, aligned region
2152 will be accessed by real-mode (MMU off) accesses in a KVM guest.
2177 ------------
2183 :Returns: 0 on success, -1 on error
2193 - pause the vcpu
2194 - read the local APIC's state (KVM_GET_LAPIC)
2195 - check whether changing LINT1 will queue an NMI (see the LVT entry for LINT1)
2196 - if so, issue KVM_NMI
2197 - resume the vcpu
2204 ----------------------
2226 ------------------------
2248 ------------------------
2266 --------------------
2504 ARM 32-bit CP15 registers have the following id bit patterns::
2508 ARM 64-bit CP15 registers have the following id bit patterns::
2516 ARM 32-bit VFP control registers have the following id bit patterns::
2520 ARM 64-bit FP registers have the following id bit patterns::
2524 ARM firmware pseudo-registers have the following bit pattern::
2532 arm64 core/FP-SIMD registers have the following id bit patterns. Note
2566 .. [1] These encodings are not accepted for SVE-enabled vcpus. See
2591 arm64 firmware pseudo-registers have the following bit pattern::
2600 0x6060 0000 0015 ffff KVM_REG_ARM64_SVE_VLS pseudo-register
2603 ENOENT. max_vq is the vcpu's maximum supported vector length in 128-bit
2614 KVM_REG_ARM64_SVE_VLS is a pseudo-register that allows the set of vector
2624 ((vector_lengths[(vq - KVM_ARM64_SVE_VQ_MIN) / 64] >>
2625 ((vq - KVM_ARM64_SVE_VQ_MIN) % 64)) & 1))
2647 is hardware-dependent and may not be available. Attempting to configure
2654 arm64 bitmap feature firmware pseudo-registers have the following bit pattern::
2668 a -EBUSY to userspace.
2681 patterns depending on whether they're 32-bit or 64-bit registers::
2683 0x7020 0000 0001 00 <reg:5> <sel:3> (32-bit)
2684 0x7030 0000 0001 00 <reg:5> <sel:3> (64-bit)
2709 0x7020 0000 0003 00 <0:3> <reg:5> (32-bit FPU registers)
2710 0x7030 0000 0003 00 <0:3> <reg:5> (64-bit FPU registers)
2711 0x7040 0000 0003 00 <0:3> <reg:5> (128-bit MSA vector registers)
2723 RISC-V registers are mapped using the lower 32 bits. The upper 8 bits of
2726 RISC-V config registers are meant for configuring a Guest VCPU and it has
2732 Following are the RISC-V config registers:
2744 RISC-V core registers represent the general excution state of a Guest VCPU
2750 Following are the RISC-V core registers:
2787 0x80x0 0000 0200 0020 mode Privilege mode (1 = S-mode or 0 = U-mode)
2790 RISC-V csr registers represent the supervisor mode control/status registers
2796 Following are the RISC-V csr registers:
2812 RISC-V timer registers represent the timer state of a Guest VCPU and it has
2817 Following are the RISC-V timer registers:
2822 0x8030 0000 0400 0000 frequency Time base frequency (read-only)
2828 RISC-V F-extension registers represent the single precision floating point
2833 Following are the RISC-V F-extension registers:
2844 RISC-V D-extension registers represent the double precision floating point
2848 0x8030 0000 06 <index into the __riscv_d_ext_state struct:24> (non-fcsr)
2850 Following are the RISC-V D-extension registers:
2863 --------------------
2893 ----------------------
2899 :Returns: 0 on success, -1 on error
2910 load-link/store-conditional, or equivalent must be used. There are two cases
2917 -------------------
2923 :Returns: >0 on delivery, 0 if guest blocked the MSI, and -1 on error
2925 Directly inject a MSI message. Only valid with in-kernel irqchip that handles
2940 KVM_MSI_VALID_DEVID: devid contains a valid value. The per-VM
2951 address_hi bits 31-8 provide bits 31-8 of the destination id. Bits 7-0 of
2956 --------------------
2962 :Returns: 0 on success, -1 on error
2964 Creates an in-kernel device model for the i8254 PIT. This call is only valid
2965 after enabling in-kernel irqchip support via KVM_CREATE_IRQCHIP. The following
2977 PIT timer interrupts may use a per-VM kernel thread for injection. If it
2980 kvm-pit/<owner-process-pid>
2989 -----------------
2995 :Returns: 0 on success, -1 on error
2997 Retrieves the state of the in-kernel PIT model. Only valid after
3017 -----------------
3023 :Returns: 0 on success, -1 on error
3025 Sets the state of the in-kernel PIT model. Only valid after KVM_CREATE_PIT2.
3032 --------------------------
3038 :Returns: 0 on success, -1 on error
3043 device-tree properties for the guest operating system.
3057 - KVM_PPC_PAGE_SIZES_REAL:
3062 - KVM_PPC_1T_SEGMENTS
3066 - KVM_PPC_NO_HASH
3107 --------------
3113 :Returns: 0 on success, -1 on error
3123 With KVM_CAP_IRQFD_RESAMPLE, KVM_IRQFD supports a de-assert and notify
3124 mechanism allowing emulation of level-triggered, irqfd-based
3129 as from an EOI, the gsi is de-asserted and the user is notified via
3130 kvm_irqfd.resamplefd. It is the user's responsibility to re-queue
3138 - in case no routing entry is associated to this gsi, injection fails
3139 - in case the gsi is associated to an irqchip routing entry,
3141 - in case the gsi is associated to an MSI routing entry, the MSI
3143 to GICv3 ITS in-kernel emulation).
3146 --------------------------
3152 :Returns: 0 on success, -1 on error
3164 The parameter is a pointer to a 32-bit unsigned integer variable
3171 default-sized hash table (16 MB).
3179 real-mode area (VRMA) facility, the kernel will re-create the VMRA
3183 -----------------------
3189 :Returns: 0 on success, -1 on error
3205 - sigp stop; optional flags in parm
3207 - program check; code in parm
3209 - sigp set prefix; prefix address in parm
3211 - restart
3213 - clock comparator interrupt
3215 - CPU timer interrupt
3217 - virtio external interrupt; external interrupt
3220 - sclp external interrupt; sclp parameter in parm
3222 - sigp emergency; source cpu in parm
3224 - sigp external call; source cpu in parm
3226 - compound value to indicate an
3227 I/O interrupt (ai - adapter interrupt; cssid,ssid,schid - subchannel);
3231 - machine check interrupt; cr 14 bits in parm, machine check interrupt
3238 ------------------------
3244 :Returns: file descriptor number (>= 0) on success, -1 on error
3293 ----------------------
3298 :Returns: 0 on success, -1 on error
3331 --------------------------------------------
3338 :Returns: 0 on success, -1 on error
3346 (e.g. read-only attribute, or attribute that only makes
3353 semantics are device-specific. See individual device documentation in
3361 __u32 group; /* device-defined */
3362 __u64 attr; /* group-defined */
3367 ------------------------
3374 :Returns: 0 on success, -1 on error
3389 ----------------------
3395 :Returns: 0 on success; -1 on error
3410 - Processor state:
3415 - General Purpose registers, including PC and SP: set to 0
3416 - FPSIMD/NEON registers: set to 0
3417 - SVE registers: set to 0
3418 - System registers: Reset to their architecturally defined
3431 - KVM_ARM_VCPU_POWER_OFF: Starts the CPU in a power-off state.
3434 - KVM_ARM_VCPU_EL1_32BIT: Starts the CPU in a 32bit mode.
3436 - KVM_ARM_VCPU_PSCI_0_2: Emulate PSCI v0.2 (or a future revision
3439 - KVM_ARM_VCPU_PMU_V3: Emulate PMUv3 for the CPU.
3442 - KVM_ARM_VCPU_PTRAUTH_ADDRESS: Enables Address Pointer authentication
3450 - KVM_ARM_VCPU_PTRAUTH_GENERIC: Enables Generic Pointer authentication
3458 - KVM_ARM_VCPU_SVE: Enables SVE for the CPU (arm64 only).
3464 - KVM_REG_ARM64_SVE_VLS may be read using KVM_GET_ONE_REG: the
3465 initial value of this pseudo-register indicates the best set of
3470 - KVM_RUN and KVM_GET_REG_LIST are not available;
3472 - KVM_GET_ONE_REG and KVM_SET_ONE_REG cannot be used to access
3477 - KVM_REG_ARM64_SVE_VLS may optionally be written using
3483 - the KVM_REG_ARM64_SVE_VLS pseudo-register is immutable, and can
3487 -----------------------------
3493 :Returns: 0 on success; -1 on error
3506 kvm_vcpu_init->features bitmap returned will have feature bits set if
3516 ---------------------
3522 :Returns: 0 on success; -1 on error
3543 -----------------------------------------
3549 :Returns: 0 on success, -1 on error
3579 arm64 currently only require this when using the in-kernel GIC
3585 base addresses will return -EEXIST.
3592 ------------------------------
3598 :Returns: 0 on success, -1 on error
3603 of a service that has a kernel-side implementation. If the token
3604 value is non-zero, it will be associated with that service, and
3612 ------------------------
3618 :Returns: 0 on success; -1 on error
3633 - KVM_GUESTDBG_ENABLE: guest debugging is enabled
3634 - KVM_GUESTDBG_SINGLESTEP: the next run should single-step
3639 - KVM_GUESTDBG_USE_SW_BP: using software breakpoints [x86, arm64]
3640 - KVM_GUESTDBG_USE_HW_BP: using hardware breakpoints [x86, s390]
3641 - KVM_GUESTDBG_USE_HW: using hardware debug events [arm64]
3642 - KVM_GUESTDBG_INJECT_DB: inject DB type exception [x86]
3643 - KVM_GUESTDBG_INJECT_BP: inject BP type exception [x86]
3644 - KVM_GUESTDBG_EXIT_PENDING: trigger an immediate guest exit [s390]
3645 - KVM_GUESTDBG_BLOCKIRQ: avoid injecting interrupts/NMI/SMI [x86]
3663 the single-step debug event (KVM_GUESTDBG_SINGLESTEP) is supported.
3673 ---------------------------
3679 :Returns: 0 on success, -1 on error
3714 the variable-size array 'entries'. If the number of entries is too low
3748 --------------------
3755 < 0 on generic error (e.g. -EFAULT or -ENOMEM),
3810 Logical accesses are permitted for non-protected guests only.
3828 translation-exception identifier (TEID) indicates suppression.
3851 Absolute accesses are permitted for non-protected guests only.
3871 -----------------------
3897 will cause the ioctl to return -EINVAL.
3903 -----------------------
3921 will cause the ioctl to return -EINVAL.
3928 the ioctl will return -EINVAL.
3931 -----------------
3937 :Returns: 0 on success, -1 on error
3978 - KVM_S390_SIGP_STOP - sigp stop; parameter in .stop
3979 - KVM_S390_PROGRAM_INT - program check; parameters in .pgm
3980 - KVM_S390_SIGP_SET_PREFIX - sigp set prefix; parameters in .prefix
3981 - KVM_S390_RESTART - restart; no parameters
3982 - KVM_S390_INT_CLOCK_COMP - clock comparator interrupt; no parameters
3983 - KVM_S390_INT_CPU_TIMER - CPU timer interrupt; no parameters
3984 - KVM_S390_INT_EMERGENCY - sigp emergency; parameters in .emerg
3985 - KVM_S390_INT_EXTERNAL_CALL - sigp external call; parameters in .extcall
3986 - KVM_S390_MCHK - machine check interrupt; parameters in .mchk
3991 ---------------------------
3998 -EINVAL if buffer size is 0,
3999 -ENOBUFS if buffer size is too small to fit all pending interrupts,
4000 -EFAULT if the buffer address was invalid
4018 the kernel never checked for flags == 0 and QEMU never pre-zeroed flags and
4022 If -ENOBUFS is returned the buffer provided was too small and userspace
4026 ---------------------------
4033 -EFAULT if the buffer address was invalid,
4034 -EINVAL for an invalid buffer length (see below),
4035 -EBUSY if there were already interrupts pending,
4039 This ioctl allows userspace to set the complete state of all cpu-local
4061 which is the maximum number of possibly pending cpu-local interrupts.
4064 ------------
4070 :Returns: 0 on success, -1 on error
4075 ----------------------------
4142 default KVM in-kernel emulation behavior is fully preserved.
4182 ----------------------------
4215 -------------------------
4222 -EFAULT if struct kvm_reinject_control cannot be read,
4223 -ENXIO if KVM_CREATE_PIT or KVM_CREATE_PIT2 didn't succeed earlier.
4242 ------------------------------
4249 -EFAULT if struct kvm_ppc_mmuv3_cfg cannot be read,
4250 -EINVAL if the configuration is invalid
4276 ---------------------------
4283 -EFAULT if struct kvm_ppc_rmmu_info cannot be written,
4284 -EINVAL if no useful information can be returned
4313 --------------------------------
4322 -EFAULT if struct kvm_reinject_control cannot be read,
4323 -EINVAL if the supplied shift or flags are invalid,
4324 -ENOMEM if unable to allocate the new HPT,
4357 returns 0 (i.e. cancels any in-progress preparation).
4360 flags will result in an -EINVAL.
4367 -------------------------------
4374 -EFAULT if struct kvm_reinject_control cannot be read,
4375 -EINVAL if the supplied shift or flags are invalid,
4376 -ENXIO is there is no pending HPT, or the pending HPT doesn't
4378 -EBUSY if the pending HPT is not fully prepared,
4379 -ENOSPC if there was a hash collision when moving existing
4381 -EIO on other error conditions
4398 KVM_PPC_RESIZE_HPT_COMMIT will return an error (usually -ENXIO or
4399 -EBUSY, though others may be possible if the preparation was started,
4412 -----------------------------------
4418 :Returns: 0 on success, -1 on error
4425 -----------------------
4432 -EFAULT if u64 mcg_cap cannot be read,
4433 -EINVAL if the requested number of banks is invalid,
4434 -EINVAL if requested MCE capability is not supported.
4439 supported number of error-reporting banks can be retrieved when
4444 ---------------------
4451 -EFAULT if struct kvm_x86_mce cannot be read,
4452 -EINVAL if the bank number is invalid,
4453 -EINVAL if VAL bit is not set in status field.
4478 ----------------------------
4489 - During live migration to save the CMMA values. Live migration needs
4491 - To non-destructively peek at the CMMA values, with the flag
4522 KVM_S390_SKEYS_MAX. KVM_S390_SKEYS_MAX is re-used for consistency with
4566 This ioctl can fail with -ENOMEM if not enough memory can be allocated to
4567 complete the task, with -ENXIO if CMMA is not enabled, with -EINVAL if
4569 -EFAULT if the userspace address is invalid or if no page table is
4573 ----------------------------
4612 This ioctl can fail with -ENOMEM if not enough memory can be allocated to
4613 complete the task, with -ENXIO if CMMA is not enabled, with -EINVAL if
4615 if the flags field was not 0, with -EFAULT if the userspace address is
4621 --------------------------
4628 -EFAULT if struct kvm_ppc_cpu_char cannot be written
4633 CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754). The information is
4650 with preventing inadvertent information disclosure - specifically,
4651 whether there is an instruction to flash-invalidate the L1 data cache
4668 ---------------------------
4674 :Returns: 0 on success; -1 on error
4677 for issuing platform-specific memory encryption commands to manage those
4682 Documentation/virt/kvm/x86/amd-memory-encryption.rst.
4685 -----------------------------------
4691 :Returns: 0 on success; -1 on error
4696 It is used in the SEV-enabled guest. When encryption is enabled, a guest
4709 -------------------------------------
4715 :Returns: 0 on success; -1 on error
4721 ------------------------
4729 the specified Hyper-V connection id through the SIGNAL_EVENT hypercall, without
4730 causing a user exit. SIGNAL_EVENT hypercall with non-zero event flag number
4731 (bits 24-31) still triggers a KVM_EXIT_HYPERV_HCALL user exit.
4751 -EINVAL if conn_id or flags is outside the allowed range,
4752 -ENOENT on deassign if the conn_id isn't registered,
4753 -EEXIST on assign if the conn_id is already registered
4756 --------------------------
4762 :Returns: 0 on success, -1 on error
4830 --------------------------
4836 :Returns: 0 on success, -1 on error
4842 -------------------------------------
4871 ------------------------------------
4877 :Returns: 0 on success, -1 on error
4899 in KVM's dirty bitmap, and dirty tracking is re-enabled for that page
4900 (for example via write-protection, or by clearing the dirty bit in
4903 If KVM_CAP_MULTI_ADDRESS_SPACE is available, bits 16-31 of slot field specifies
4913 --------------------------------
4919 :Returns: 0 on success, -1 on error
4940 This ioctl returns x86 cpuid features leaves related to Hyper-V emulation in
4942 cpuid information presented to guests consuming Hyper-V enlightenments (e.g.
4943 Windows or Hyper-V guests).
4945 CPUID feature leaves returned by this ioctl are defined by Hyper-V Top Level
4952 - HYPERV_CPUID_VENDOR_AND_MAX_FUNCTIONS
4953 - HYPERV_CPUID_INTERFACE
4954 - HYPERV_CPUID_VERSION
4955 - HYPERV_CPUID_FEATURES
4956 - HYPERV_CPUID_ENLIGHTMENT_INFO
4957 - HYPERV_CPUID_IMPLEMENT_LIMITS
4958 - HYPERV_CPUID_NESTED_FEATURES
4959 - HYPERV_CPUID_SYNDBG_VENDOR_AND_MAX_FUNCTIONS
4960 - HYPERV_CPUID_SYNDBG_INTERFACE
4961 - HYPERV_CPUID_SYNDBG_PLATFORM_CAPABILITIES
4964 with the 'nent' field indicating the number of entries in the variable-size
4965 array 'entries'. If the number of entries is too low to describe all Hyper-V
4967 to the number of Hyper-V feature leaves, the 'nent' field is adjusted to the
4977 - HYPERV_CPUID_NESTED_FEATURES leaf and HV_X64_ENLIGHTENED_VMCS_RECOMMENDED
4980 - HV_STIMER_DIRECT_MODE_AVAILABLE bit is only exposed with in-kernel LAPIC.
4984 ---------------------------
4989 :Returns: 0 on success, -1 on error
5015 that should be performaned and how to do it are feature-dependent.
5019 -EPERM unless the feature has already been finalized by means of a
5026 ------------------------------
5032 :Returns: 0 on success, -1 on error
5060 ---------------------
5084 ---------------------------
5096 ----------------------------
5109 --------------------------
5123 -------------------------
5134 __u32 cmd; /* Command to be executed */
5150 **cmd values:**
5168 again. All registered VCPUs are converted back to non-protected
5266 not succeed all other subcommands will fail with -EINVAL. This
5267 subcommand will return -EINVAL if a dump process has not yet been
5293 --------------------------
5337 Sets the ABI mode of the VM to 32-bit or 64-bit (long mode). This
5361 This is the HVM-wide vector injected directly by the hypervisor
5380 the 32-bit version code returned to the guest when it invokes the
5387 --------------------------
5400 ---------------------------
5467 other four times. The state field must be set to -1, or to a valid
5475 vCPU ID of the given vCPU, to allow timer-related VCPU operations to
5487 per-vCPU local APIC upcall vector, configured by a Xen guest with
5489 used by Windows guests, and is distinct from the HVM-wide upcall
5494 ---------------------------
5509 ---------------------------
5515 :Returns: number of bytes copied, < 0 on error (-EINVAL for incorrect
5516 arguments, -EFAULT if memory cannot be accessed).
5546 --------------------
5552 :Returns: 0 on success, -1 on error
5579 --------------------
5585 :Returns: 0 on success, -1 on error
5592 ----------------------
5611 +-------------+
5613 +-------------+
5615 +-------------+
5617 +-------------+
5619 +-------------+
5709 Bits 0-3 of ``flags`` encode the type:
5731 is [``hist_param``*(N-1), ``hist_param``*N), while the range of the last
5732 bucket is [``hist_param``*(``size``-1), +INF). (+INF means positive infinity
5737 [0, 1), while the range of the last bucket is [pow(2, ``size``-2), +INF).
5739 [pow(2, N-2), pow(2, N-1)).
5741 Bits 4-7 of ``flags`` encode the unit:
5764 Bits 8-11 of ``flags``, together with ``exponent``, encode the scale of the
5769 CPU clock cycles. For example, an exponent of -9 can be used with
5785 bucket in the unit expressed by bits 4-11 of ``flags`` together with ``exponent``.
5791 The Stats Data block contains an array of 64-bit values in the same order
5795 --------------------
5801 :Returns: 0 on success, -1 on error
5822 -----------------------------
5842 -----------------------------
5851 for vcpus. It re-uses the kvm_s390_pv_dmp struct and hence also shares
5867 ----------------------
5875 Used to manage hardware-assisted virtualization features for zPCI devices.
5935 This field is polled once when KVM_RUN starts; if non-zero, KVM_RUN
5936 exits immediately, returning -EINTR. In the common scenario where a
5940 a signal handler that sets run->immediate_exit to a non-zero value.
5966 The value of the current interrupt flag. Only valid if in-kernel
5973 More architecture-specific flags detailing state of the VCPU that may
5988 The value of the cr8 register. Only valid if in-kernel local APIC is
5995 The value of the APIC BASE msr. Only valid if in-kernel local
6007 reasons. Further architecture-specific information is available in
6019 to unknown reasons. Further architecture-specific information is
6072 executed a memory-mapped I/O instruction which could not be satisfied
6085 has re-entered the kernel with KVM_RUN. The kernel side will first finish
6090 completed before performing a live migration. Userspace can re-enter the
6161 (DAT)
6172 Deprecated - was used for 440 KVM.
6198 This is used on 64-bit PowerPC when emulating a pSeries partition,
6202 the arguments (from the guest R4 - R12). Userspace should put the
6263 a system-level event using some architecture specific mechanism (hypercall
6267 The 'type' field describes the system-level event type.
6270 - KVM_SYSTEM_EVENT_SHUTDOWN -- the guest has requested a shutdown of the
6274 - KVM_SYSTEM_EVENT_RESET -- the guest has requested a reset of the VM.
6277 - KVM_SYSTEM_EVENT_CRASH -- the guest crash occurred and the guest
6281 - KVM_SYSTEM_EVENT_SEV_TERM -- an AMD SEV guest requested termination.
6283 - KVM_SYSTEM_EVENT_WAKEUP -- the exiting vCPU is in a suspended state and
6286 - KVM_SYSTEM_EVENT_SUSPEND -- the guest has requested a suspension of
6290 architecture specific information for the system-level event. Only
6293 - for arm64, data[0] is set to KVM_SYSTEM_EVENT_RESET_FLAG_PSCI_RESET2 if
6297 - for RISC-V, data[0] is set to the value of the second argument of the
6305 --------------
6315 the call parameters are left in-place in the vCPU registers.
6320 - Honor the guest request to suspend the VM. Userspace can request
6321 in-kernel emulation of suspension by setting the calling vCPU's
6327 - Deny the guest request to suspend the VM. See ARM DEN0022D.b 5.19.2
6337 Indicates that the VCPU's in-kernel local APIC received an EOI for a
6338 level-triggered IOAPIC interrupt. This exit only triggers when the
6380 related to Hyper-V emulation.
6384 - KVM_EXIT_HYPERV_SYNIC -- synchronously notify user-space about
6386 Hyper-V SynIC state change. Notification is used to remap SynIC
6390 - KVM_EXIT_HYPERV_SYNDBG -- synchronously notify user-space about
6392 Hyper-V Synthetic debugger state change. Notification is used to either update
6411 the VM. KVM assumed that if the guest accessed non-memslot memory, it was
6434 __u8 error; /* user -> kernel */
6436 __u32 reason; /* kernel -> user */
6437 __u32 index; /* kernel -> user */
6438 __u64 data; /* kernel <-> user */
6450 KVM_MSR_EXIT_REASON_UNKNOWN - access to MSR that is unknown to KVM
6451 KVM_MSR_EXIT_REASON_INVAL - access to invalid MSRs or reserved bits
6452 KVM_MSR_EXIT_REASON_FILTER - access blocked by KVM_X86_SET_MSR_FILTER
6492 - KVM_EXIT_XEN_HCALL -- synchronously notify user-space about Xen hypercall.
6507 done a SBI call which is not handled by KVM RISC-V kernel module. The details
6513 values of SBI call before resuming the VCPU. For more details on RISC-V SBI
6514 spec refer, https://github.com/riscv/riscv-sbi-doc.
6525 enabled, a VM exit generated if no event window occurs in VM non-root mode
6533 - KVM_NOTIFY_CONTEXT_INVALID -- the VM context is corrupted and not valid
6589 whether this is a per-vcpu or per-vm capability.
6600 -------------------
6605 :Returns: 0 on success; -1 on error
6609 were invented by Mac-on-Linux to have a standardized communication mechanism
6616 --------------------
6621 :Returns: 0 on success; -1 on error
6637 ------------------
6642 :Returns: 0 on success; -1 on error
6655 addresses of mmu-type-specific data structures. The "array_len" field is an
6671 - The "params" field is of type "struct kvm_book3e_206_tlb_params".
6672 - The "array" field points to an array of type "struct
6674 - The array consists of all entries in the first TLB, followed by all
6676 - Within a TLB, entries are ordered first by increasing set number. Within a
6678 - The hash for determining set number in TLB0 is: (MAS2 >> 12) & (num_sets - 1)
6680 - The tsize field of mas1 shall be set to 4K on TLB0, even though the
6684 ----------------------------
6689 :Returns: 0 on success; -1 on error
6694 handled in-kernel, while the other I/O instructions are passed to userspace.
6699 Note that even though this capability is enabled per-vcpu, the complete
6703 -------------------
6708 :Returns: 0 on success; -1 on error
6722 --------------------
6728 This capability connects the vcpu to an in-kernel MPIC device.
6731 --------------------
6738 This capability connects the vcpu to an in-kernel XICS device.
6741 ------------------------
6747 This capability enables the in-kernel irqchip for s390. Please refer to
6751 --------------------
6765 ---------------------
6778 ----------------------
6783 :Returns: x86: KVM_CHECK_EXTENSION returns a bit-array indicating which register
6799 - the register sets to be copied out to kvm_run are selectable
6801 - vcpu_events are available in addition to regs and sregs.
6804 function as an input bit-array field set by userspace to indicate the
6824 -------------------------
6831 This capability connects the vcpu to an in-kernel XIVE device.
6856 ----------------------------
6860 args[1] is 0 to disable, 1 to enable in-kernel handling
6863 get handled by the kernel or not. Enabling or disabling in-kernel
6865 initial set of hcalls are enabled for in-kernel handling, which
6866 consists of those hcalls for which in-kernel handlers were implemented
6873 If the hcall number specified is not one that has an in-kernel
6878 --------------------------
6887 - SENSE
6888 - SENSE RUNNING
6889 - EXTERNAL CALL
6890 - EMERGENCY SIGNAL
6891 - CONDITIONAL EMERGENCY SIGNAL
6900 ---------------------------------
6908 return -EINVAL if the machine does not support vectors.
6911 --------------------------
6916 This capability allows post-handlers for the STSI instruction. After
6921 vcpu->run::
6932 @addr - guest address of STSI SYSIB
6933 @fc - function code
6934 @sel1 - selector 1
6935 @sel2 - selector 2
6936 @ar - access register number
6938 KVM handlers should exit to userspace with rc = -EREMOTE.
6941 -------------------------
6944 :Parameters: args[0] - number of routes reserved for userspace IOAPICs
6945 :Returns: 0 on success, -1 on error
6955 for the IOAPIC pins. Whenever the LAPIC receives an EOI for these routes,
6962 -------------------
6967 Allows use of runtime-instrumentation introduced with zEC12 processor.
6968 Will return -EINVAL if the machine does not support runtime-instrumentation.
6969 Will return -EBUSY if a VCPU has already been created.
6972 ----------------------
6975 :Parameters: args[0] - features that should be enabled
6976 :Returns: 0 on success, -EINVAL when args[0] contains invalid features
6985 allowing the use of 32-bit APIC IDs. See KVM_CAP_X2APIC_API in their
6992 where 0xff represents CPUs 0-7 in cluster 0.
6995 ----------------------------
7002 mechanism e.g. to realize 2-byte software breakpoints. The kernel will
7010 -------------------
7014 :Returns: 0 on success; -EINVAL if the machine does not support
7015 guarded storage; -EBUSY if a VCPU has already been created.
7020 ---------------------
7025 Allow use of adapter-interruption suppression.
7026 :Returns: 0 on success; -EBUSY if a VCPU has already been created.
7029 --------------------
7047 ----------------------
7059 ------------------------------
7063 :Returns: 0 on success, -EINVAL when args[0] contains invalid exits
7082 --------------------------
7086 :Returns: 0 on success, -EINVAL if hpage module parameter was not set
7094 hpage module parameter is not set to 1, -EINVAL is returned.
7100 ------------------------------
7110 --------------------------
7114 :Returns: 0 on success, -EINVAL when the implementation doesn't support
7115 nested-HV virtualization.
7117 HV-KVM on POWER9 and later systems allows for "nested-HV"
7119 can run using the CPU's supervisor mode (privileged non-hypervisor
7122 kvm-hv module parameter.
7125 ------------------------------
7131 emulated VM-exit when L1 intercepts a #PF exception that occurs in
7132 L2. Similarly, for kvm-intel only, DR6 will not be modified prior to
7133 the emulated VM-exit when L1 intercepts a #DB exception that occurs in
7139 exception.has_payload and to put the faulting address - or the new DR6
7140 bits\ [#]_ - in the exception_payload field.
7161 automatically clear and write-protect all pages that are returned as dirty.
7167 KVM_CLEAR_DIRTY_LOG ioctl can operate on a 64-page granularity rather
7192 ------------------------------
7209 ----------------------
7214 :Returns: 0 on success; -1 on error
7217 maximum halt-polling time for all vCPUs in the target VM. This capability can
7219 maximum halt-polling time.
7221 See Documentation/virt/kvm/halt-polling.rst for more information on halt
7225 -------------------------------
7230 :Returns: 0 on success; -1 on error
7247 -------------------------------
7252 :Returns: 0 on success, -EINVAL when args[0] contains invalid bits
7278 KVM_RUN_BUS_LOCK flag in vcpu-run->flags field and exit to userspace. Concerning
7284 ----------------------
7288 :Returns: 0 on success, -EINVAL when CPU doesn't support 2nd DAWR
7295 -------------------------------------
7305 This is intended to support in-guest workloads scheduled by the host. This
7306 allows the in-guest workload to maintain its own NPTs and keeps the two vms
7311 --------------------------
7316 :Returns: 0 on success, -EINVAL if the file handle is invalid or if a requested
7334 -------------------------------
7345 IBM pSeries (sPAPR) guest starts using it if "hcall-rpt-invalidate" is
7346 present in the "ibm,hypertas-functions" device-tree property.
7352 --------------------------------------
7370 --------------------
7387 not-shareable (no MAP_SHARED), attempts to create a memslot with a
7388 MAP_SHARED mmap will result in an -EINVAL return.
7394 -------------------------------------
7404 This is intended to support intra-host migration of VMs between userspace VMMs,
7408 -------------------------------
7418 This capability allows a guest kernel to use a better-performance mode for
7422 ----------------------------
7425 :Parameters: args[0] - set of KVM quirks to disable
7457 KVM_X86_QUIRK_OUT_7E_INC_RIP By default, KVM pre-increments %rip before
7460 KVM does not pre-increment %rip before
7494 ------------------------
7498 :Parameters: args[0] - maximum APIC ID value set for current VM
7499 :Returns: 0 on success, -EINVAL if args[0] is beyond KVM_MAX_VCPU_IDS
7515 ------------------------------
7520 :Returns: 0 on success, -EINVAL if args[0] contains invalid flags or notify
7530 in per-VM scope during VM creation. Notify VM exit is disabled by default.
7533 a VM exit if no event window occurs in VM non-root mode for a specified of
7550 ---------------------
7556 H_RANDOM hypercall backed by a hardware random-number generator.
7561 ------------------------
7567 Hyper-V Synthetic interrupt controller(SynIC). Hyper-V SynIC is
7568 used to support Windows Hyper-V based guest paravirt drivers(VMBus).
7573 by the CPU, as it's incompatible with SynIC auto-EOI behavior.
7576 -------------------------
7586 ---------------------------
7593 the POWER9 processor), including in-memory segment tables.
7596 -------------------
7626 -------------------
7640 ----------------------
7654 Both registers and addresses are 32-bits wide.
7655 It will only be possible to run 32-bit guest code.
7657 1 MIPS64 or microMIPS64 with access only to 32-bit compatibility segments.
7658 Registers are 64-bits wide, but addresses are 32-bits wide.
7659 64-bit guest code may run but cannot access MIPS64 memory segments.
7660 It will also be possible to run 32-bit guest code.
7663 Both registers and addresses are 64-bits wide.
7664 It will be possible to run 64-bit or 32-bit guest code.
7668 ------------------------
7673 that if userspace creates a VM without an in-kernel interrupt controller, it
7674 will be notified of changes to the output level of in-kernel emulated devices,
7677 updates the vcpu's run->s.regs.device_irq_level field to represent the actual
7683 userspace can always sample the device output level and re-compute the state of
7685 of run->s.regs.device_irq_level on every kvm exit.
7686 The value in run->s.regs.device_irq_level can represent both level and edge
7688 signals will exit to userspace with the bit in run->s.regs.device_irq_level
7691 The field run->s.regs.device_irq_level is available independent of
7692 run->kvm_valid_regs or run->kvm_dirty_regs bits.
7696 and thereby which bits in run->s.regs.device_irq_level can signal values.
7702 KVM_ARM_DEV_EL1_VTIMER - EL1 virtual timer
7703 KVM_ARM_DEV_EL1_PTIMER - EL1 physical timer
7704 KVM_ARM_DEV_PMU - ARM PMU overflow interrupt signal
7711 -----------------------------
7721 --------------------------
7725 This capability enables a newer version of Hyper-V Synthetic interrupt
7731 ----------------------------
7741 -------------------------------
7751 ---------------------
7758 ----------------------
7767 ---------------------
7772 use copy-on-write semantics as well as dirty pages tracking via read-only page
7776 ---------------------
7785 ----------------------------
7789 This capability indicates that KVM supports paravirtualized Hyper-V TLB Flush
7795 ----------------------------------
7810 ----------------------------
7814 This capability indicates that KVM supports paravirtualized Hyper-V IPI send
7819 -----------------------------------
7823 This capability indicates that KVM running on top of Hyper-V hypervisor
7825 hypercalls are handled by Level 0 hypervisor (Hyper-V) bypassing KVM.
7826 Due to the different ABI for hypercall parameters between Hyper-V and
7829 flush hypercalls by Hyper-V) so userspace should disable KVM identification
7830 in CPUID and only exposes Hyper-V identification. In this case, guest
7831 thinks it's running on Hyper-V and only use Hyper-V hypercalls.
7834 -----------------------------
7842 ---------------------------
7853 -----------------------
7859 architecture-specific interfaces. This capability and the architecture-
7866 -------------------------
7876 an 8-byte value consisting of a one-byte Control Program Name Code (CPNC) and
7877 a 7-byte Control Program Version Code (CPVC). The CPNC determines what
7886 -------------------------------
7897 ---------------------------
7911 -------------------------------------
7921 ----------------------------------------------------------
7924 :Parameters: args[0] - size of the dirty log ring
7964 00 -----------> 01 -------------> 1X -------+
7967 +------------------------------------------+
7981 using load-acquire/store-release accessors when available, or any
8009 machine will switch to ring-buffer dirty page tracking and further
8016 Architecture with TSO-like ordering (such as x86) are allowed to
8021 --------------------
8049 The KVM_XEN_HVM_CONFIG_RUNSTATE flag indicates that the runstate-related
8066 -------------------------
8081 IBM pSeries (sPAPR) guest starts using them if "hcall-multi-tce" is
8082 present in the "ibm,hypertas-functions" device-tree property.
8092 --------------------
8101 ---------------------------------
8105 When enabled, KVM will disable emulated Hyper-V features provided to the
8106 guest according to the bits Hyper-V CPUID feature leaves. Otherwise, all
8107 currently implmented Hyper-V features are provided unconditionally when
8108 Hyper-V identification is set in the HYPERV_CPUID_INTERFACE (0x40000001)
8112 ---------------------------
8131 ---------------------------
8137 :Returns 0 on success, -EINVAL when arg[0] contains invalid bits
8153 -------------------------------
8163 --------------------------------
8176 -------------------------------------
8182 :Returns: 0 on success, -EPERM if the userspace process does not
8183 have CAP_SYS_BOOT, -EINVAL if args[0] is not 0 or any vCPUs have been
8193 ------------------------------
8214 When getting the Modified Change Topology Report value, the attr->addr
8228 --------
8242 ``KVM_ENABLE_CAP(KVM_CAP_IRQCHIP_SPLIT)`` are used to enable in-kernel emulation of
8249 has enabled in-kernel emulation of the local APIC.