Lines Matching +full:ipa +full:- +full:clock +full:- +full:enabled +full:- +full:valid
1 .. SPDX-License-Identifier: GPL-2.0
4 The Definitive KVM (Kernel-based Virtual Machine) API Documentation
24 - System ioctls: These query and set global attributes which affect the
28 - VM ioctls: These query and set attributes that affect an entire virtual
35 - vcpu ioctls: These query and set attributes that control the operation
43 - device ioctls: These query and set attributes that control the operation
56 capabilities also need to be enabled for VMs or VCPUs where their
92 facility that allows backward-compatible extensions to the API to be
133 -----------------------
150 -----------------
184 On arm64, the physical address size for a VM (IPA Size limit) is limited
189 address used by the VM. The IPA_Bits is encoded in bits[7-0] of the
207 ioctl() at run-time.
209 Creation of the VM will fail if the requested IPA size (whether it is
212 Please note that configuring the IPA size does not affect the capability
219 ----------------------------------------------------------
225 :Returns: 0 on success; -1 on error
263 -----------------------
282 --------------------------
295 the VCPU file descriptor can be mmap-ed, including:
297 - if KVM_CAP_COALESCED_MMIO is available, a page at
302 - if KVM_CAP_DIRTY_LOG_RING is available, a number of pages at
308 -------------------
314 :Returns: vcpu fd on success, -1 on error
320 the KVM_CHECK_EXTENSION ioctl() at run-time.
322 KVM_CAP_MAX_VCPUS of the KVM_CHECK_EXTENSION ioctl() at run-time.
330 KVM_CAP_MAX_VCPU_ID of the KVM_CHECK_EXTENSION ioctl() at run-time.
345 single-threaded guest vcpus, it should make all vcpu ids be a multiple
355 ---------------------
361 :Returns: 0 on success, -1 on error
380 If KVM_CAP_MULTI_ADDRESS_SPACE is available, bits 16-31 of slot field specifies
385 KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2 is enabled. For more information,
393 ------------
399 :Returns: 0 on success, -1 on error
408 KVM_CAP_ARM_NISV_TO_USER not enabled (arm64)
420 -----------------
426 :Returns: 0 on success, -1 on error
460 -----------------
466 :Returns: 0 on success, -1 on error
474 ------------------
480 :Returns: 0 on success, -1 on error
497 /* ppc -- see arch/powerpc/include/uapi/asm/kvm.h */
505 ------------------
511 :Returns: 0 on success, -1 on error
518 ------------------
524 :Returns: 0 on success, -1 on error
537 __u8 valid;
545 ------------------
570 -EEXIST if an interrupt is already enqueued
571 -EINVAL the irq number is invalid
572 -ENXIO if the PIC is in the kernel
573 -EFAULT if the pointer is invalid
577 ioctl is useful if the in-kernel PIC is not used.
617 RISC-V:
644 -----------------
651 -1 on error
654 Reads the values of MSR-based features that are available for the VM. This
656 The list of msr-based features can be obtained using KVM_GET_MSR_FEATURE_INDEX_LIST
660 Reads model-specific registers from the vcpu. Supported msr indices can
684 -----------------
690 :Returns: number of msrs successfully set (see below), -1 on error
692 Writes model-specific registers to the vcpu. See KVM_GET_MSRS for the
706 ------------------
712 :Returns: 0 on success, -1 on error
718 - If this IOCTL fails, KVM gives no guarantees that previous valid CPUID
721 - Using KVM_SET_CPUID{,2} after KVM_RUN, i.e. changing the guest vCPU model
723 - Using heterogeneous CPUID configurations, modulo APIC IDs, topology, etc...
746 ------------------------
752 :Returns: 0 on success, -1 on error
757 their traditional behaviour) will cause KVM_RUN to return with -EINTR.
772 ----------------
778 :Returns: 0 on success, -1 on error
810 ----------------
816 :Returns: 0 on success, -1 on error
848 -----------------------
854 :Returns: 0 on success, -1 on error
858 future vcpus to have a local APIC. IRQ routing for GSIs 0-15 is set to both
859 PIC and IOAPIC; GSI 16-23 only go to the IOAPIC.
865 Note that on s390 the KVM_CAP_S390_IRQCHIP vm capability needs to be enabled
870 -----------------
876 :Returns: 0 on success, -1 on error
880 been previously created with KVM_CREATE_IRQCHIP. Note that edge-triggered
883 On real hardware, interrupt pins can be active-low or active-high. This
888 (active-low/active-high) for level-triggered interrupts, and KVM used
890 active-low interrupts, the above convention is now valid on x86 too.
892 should not present interrupts to the guest as active-low unless this
893 capability is present (or unless it is not using the in-kernel irqchip,
898 in-kernel irqchip (GIC), and for in-kernel irqchip can tell the GIC to
907 - KVM_ARM_IRQ_TYPE_CPU:
908 out-of-kernel GIC: irq_id 0 is IRQ, irq_id 1 is FIQ
909 - KVM_ARM_IRQ_TYPE_SPI:
910 in-kernel GIC: SPI, irq_id between 32 and 1019 (incl.)
912 - KVM_ARM_IRQ_TYPE_PPI:
913 in-kernel GIC: PPI, irq_id between 16 and 31 (incl.)
924 injection of interrupts for the in-kernel irqchip. KVM_IRQ_LINE can always
939 --------------------
945 :Returns: 0 on success, -1 on error
964 --------------------
970 :Returns: 0 on success, -1 on error
989 -----------------------
995 :Returns: 0 on success, -1 on error
1000 page of a blob (32- or 64-bit, depending on the vcpu mode) to guest
1036 No other flags are currently valid in the struct kvm_xen_hvm_config.
1039 ------------------
1045 :Returns: 0 on success, -1 on error
1061 to make all VCPUs follow this clock, but the exact value read by each
1079 __u64 clock; /* kvmclock current value */
1089 ------------------
1095 :Returns: 0 on success, -1 on error
1114 __u64 clock; /* kvmclock current value */
1124 ------------------------
1131 :Returns: 0 on success, -1 on error
1176 - KVM_VCPUEVENT_VALID_SHADOW may be set to signal that
1177 interrupt.shadow contains a valid state.
1179 - KVM_VCPUEVENT_VALID_SMM may be set to signal that smi contains a
1180 valid state.
1182 - KVM_VCPUEVENT_VALID_PAYLOAD may be set to signal that the
1184 fields contain a valid state. This bit will be set whenever
1185 KVM_CAP_EXCEPTION_PAYLOAD is enabled.
1187 - KVM_VCPUEVENT_VALID_TRIPLE_FAULT may be set to signal that the
1188 triple_fault_pending field contains a valid state. This bit will
1189 be set whenever KVM_CAP_X86_TRIPLE_FAULT_EVENT is enabled.
1200 causes an SError to become pending. The event's description is only valid while
1206 guest-visible registers. It is not possible to 'cancel' an SError that has been
1209 A device being emulated in user-space may also wish to generate an SError. To do
1210 this the events structure can be populated by user-space. The current state
1219 always have a non-zero value when read, and the agent making an SError pending
1221 the system supports KVM_CAP_ARM_INJECT_SERROR_ESR, but user-space sets the events
1225 -EINVAL. Setting anything other than the lower 24bits of exception.serror_esr
1226 will return -EINVAL.
1247 ------------------------
1254 :Returns: 0 on success, -1 on error
1267 suppress overwriting the current in-kernel state. The bits are:
1272 KVM_VCPUEVENT_VALID_SMM transfer the smi sub-struct.
1276 the flags field to signal that interrupt.shadow contains a valid state and
1281 If KVM_CAP_EXCEPTION_PAYLOAD is enabled, KVM_VCPUEVENT_VALID_PAYLOAD
1284 contain a valid state and shall be written into the VCPU.
1286 If KVM_CAP_X86_TRIPLE_FAULT_EVENT is enabled, KVM_VCPUEVENT_VALID_TRIPLE_FAULT
1288 a valid state and shall be written into the VCPU.
1300 information or because there is no device mapped at the accessed IPA, then
1314 ----------------------
1320 :Returns: 0 on success, -1 on error
1336 ----------------------
1342 :Returns: 0 on success, -1 on error
1351 -------------------------------
1357 :Returns: 0 on success, -1 on error
1374 memory slot. Bits 0-15 of "slot" specify the slot id and this value
1379 If KVM_CAP_MULTI_ADDRESS_SPACE is available, bits 16-31 of "slot"
1406 to make a new slot read-only. In this case, writes to this memory will be
1415 Read only region isn't supported. Only as-id 0 is supported.
1417 Note: On arm64, a write generated by the page-table walker (to update
1421 page-table walker, making it impossible to emulate the access.
1422 Instead, an abort (data abort if the cause of the page-table update
1429 Returns -EINVAL or -EEXIST if the VM has the KVM_VM_S390_UCONTROL flag set.
1430 Returns -EINVAL if called on a protected VM.
1433 ---------------------
1439 :Returns: 0 on success, -1 on error
1441 This ioctl defines the physical address of a three-page region in the guest
1447 This ioctl is required on Intel-based hosts. This is needed on Intel hardware
1455 -------------------
1461 :Returns: 0 on success; -1 on error
1467 :Returns: 0 on success; -1 on error
1471 Not all extensions are enabled by default. Using this ioctl the application
1477 To check if a capability can be enabled, the KVM_CHECK_EXTENSION ioctl should
1486 The capability that is supposed to get enabled.
1506 The vcpu ioctl should be used for vcpu-specific capabilities, the vm ioctl
1507 for vm-wide capabilities.
1510 ---------------------
1516 :Returns: 0 on success; -1 on error
1524 Returns the vcpu's current "multiprocessing state" (though also valid on
1551 in-kernel irqchip, the multiprocessing state must be maintained by userspace on
1584 The only states that are valid are KVM_MP_STATE_STOPPED and
1591 ---------------------
1597 :Returns: 0 on success; -1 on error
1603 in-kernel irqchip, the multiprocessing state must be maintained by userspace on
1609 The only states that are valid are KVM_MP_STATE_STOPPED and
1616 ------------------------------
1622 :Returns: 0 on success, -1 on error
1624 This ioctl defines the physical address of a one-page region in the guest
1633 This ioctl is required on Intel-based hosts. This is needed on Intel hardware
1640 ------------------------
1646 :Returns: 0 on success, -1 on error
1655 ------------------
1661 :Returns: 0 on success, -1 on error
1675 ------------------
1681 :Returns: 0 on success, -1 on error
1696 enabled with ``arch_prctl()``, but this may change in the future.
1703 -----------------
1709 :Returns: 0 on success, -1 on error
1730 -----------------
1736 :Returns: 0 on success, -1 on error
1757 ----------------------------
1763 :Returns: 0 on success, -1 on error
1796 Dynamically-enabled feature bits need to be requested with
1806 with the 'nent' field indicating the number of entries in the variable-size
1810 number is just right, the 'nent' field is adjusted to the number of valid
1829 if the index field is valid
1836 may be returned as true, but they depend on KVM_CREATE_IRQCHIP for in-kernel
1849 -----------------------
1879 ------------------------
1885 :Returns: 0 on success, -1 on error
1891 - GSI routing does not apply to KVM_IRQ_LINE but only to KVM_IRQFD.
1928 error -EINVAL.
1932 - KVM_MSI_VALID_DEVID: used along with KVM_IRQ_ROUTING_MSI routing entry
1933 type, specifies that the devid field contains a valid value. The per-VM
1937 - zero otherwise
1961 feature of KVM_CAP_X2APIC_API capability is enabled. If it is enabled,
1962 address_hi bits 31-8 provide bits 31-8 of the destination id. Bits 7-0 of
1996 --------------------
2002 :Returns: 0 on success, -1 on error
2012 --------------------
2018 :Returns: virtual tsc-khz on success, negative value on error
2021 KHz. If the host has unstable tsc this ioctl returns -EIO instead as an
2026 ------------------
2032 :Returns: 0 on success, -1 on error
2045 enabled, then the format of APIC_ID register depends on the APIC mode
2047 the APIC_ID register (bytes 32-35). xAPIC only allows an 8-bit APIC ID
2048 which is stored in bits 31-24 of the APIC register, or equivalently in
2057 ------------------
2063 :Returns: 0 on success, -1 on error
2075 The format of the APIC ID register (bytes 32-35 of struct kvm_lapic_state's
2081 ------------------
2104 For the special case of virtio-ccw devices on s390, the ioevent is matched
2118 For virtio-ccw devices, addr contains the subchannel id and datamatch the
2127 ------------------
2133 :Returns: 0 on success, -1 on error
2153 The array is little-endian: the bit 0 is the least significant bit of the
2163 -------------------------
2172 is an IOMMU for PAPR-style virtual I/O. It is used to translate
2186 which this TCE table will translate - the table will contain one 64
2196 the entries written by kernel-handled H_PUT_TCE calls, and also lets
2202 ------------
2208 :Returns: 0 on success, -1 on error
2218 - pause the vcpu
2219 - read the local APIC's state (KVM_GET_LAPIC)
2220 - check whether changing LINT1 will queue an NMI (see the LVT entry for LINT1)
2221 - if so, issue KVM_NMI
2222 - resume the vcpu
2229 ----------------------
2251 ------------------------
2273 ------------------------
2291 --------------------
2534 ARM 32-bit CP15 registers have the following id bit patterns::
2538 ARM 64-bit CP15 registers have the following id bit patterns::
2546 ARM 32-bit VFP control registers have the following id bit patterns::
2550 ARM 64-bit FP registers have the following id bit patterns::
2554 ARM firmware pseudo-registers have the following bit pattern::
2562 arm64 core/FP-SIMD registers have the following id bit patterns. Note
2596 .. [1] These encodings are not accepted for SVE-enabled vcpus. See
2601 enabled (see below).
2621 arm64 firmware pseudo-registers have the following bit pattern::
2630 0x6060 0000 0015 ffff KVM_REG_ARM64_SVE_VLS pseudo-register
2633 ENOENT. max_vq is the vcpu's maximum supported vector length in 128-bit
2636 These registers are only accessible on vcpus for which SVE is enabled.
2644 KVM_REG_ARM64_SVE_VLS is a pseudo-register that allows the set of vector
2654 ((vector_lengths[(vq - KVM_ARM64_SVE_VQ_MIN) / 64] >>
2655 ((vq - KVM_ARM64_SVE_VQ_MIN) % 64)) & 1))
2677 is hardware-dependent and may not be available. Attempting to configure
2684 arm64 bitmap feature firmware pseudo-registers have the following bit pattern::
2698 a -EBUSY to userspace.
2711 patterns depending on whether they're 32-bit or 64-bit registers::
2713 0x7020 0000 0001 00 <reg:5> <sel:3> (32-bit)
2714 0x7030 0000 0001 00 <reg:5> <sel:3> (64-bit)
2739 0x7020 0000 0003 00 <0:3> <reg:5> (32-bit FPU registers)
2740 0x7030 0000 0003 00 <0:3> <reg:5> (64-bit FPU registers)
2741 0x7040 0000 0003 00 <0:3> <reg:5> (128-bit MSA vector registers)
2753 RISC-V registers are mapped using the lower 32 bits. The upper 8 bits of
2756 RISC-V config registers are meant for configuring a Guest VCPU and it has
2762 Following are the RISC-V config registers:
2774 RISC-V core registers represent the general execution state of a Guest VCPU
2780 Following are the RISC-V core registers:
2817 0x80x0 0000 0200 0020 mode Privilege mode (1 = S-mode or 0 = U-mode)
2820 RISC-V csr registers represent the supervisor mode control/status registers
2826 Following are the RISC-V csr registers:
2842 RISC-V timer registers represent the timer state of a Guest VCPU and it has
2847 Following are the RISC-V timer registers:
2852 0x8030 0000 0400 0000 frequency Time base frequency (read-only)
2858 RISC-V F-extension registers represent the single precision floating point
2863 Following are the RISC-V F-extension registers:
2874 RISC-V D-extension registers represent the double precision floating point
2878 0x8030 0000 06 <index into the __riscv_d_ext_state struct:24> (non-fcsr)
2880 Following are the RISC-V D-extension registers:
2897 0x9030 0000 0001 00 <reg:5> <sel:3> (64-bit)
2906 --------------------
2936 ----------------------
2942 :Returns: 0 on success, -1 on error
2953 load-link/store-conditional, or equivalent must be used. There are two cases
2960 -------------------
2966 :Returns: >0 on delivery, 0 if guest blocked the MSI, and -1 on error
2968 Directly inject a MSI message. Only valid with in-kernel irqchip that handles
2983 KVM_MSI_VALID_DEVID: devid contains a valid value. The per-VM
2993 feature of KVM_CAP_X2APIC_API capability is enabled. If it is enabled,
2994 address_hi bits 31-8 provide bits 31-8 of the destination id. Bits 7-0 of
2999 --------------------
3005 :Returns: 0 on success, -1 on error
3007 Creates an in-kernel device model for the i8254 PIT. This call is only valid
3008 after enabling in-kernel irqchip support via KVM_CREATE_IRQCHIP. The following
3016 Valid flags are::
3020 PIT timer interrupts may use a per-VM kernel thread for injection. If it
3023 kvm-pit/<owner-process-pid>
3032 -----------------
3038 :Returns: 0 on success, -1 on error
3040 Retrieves the state of the in-kernel PIT model. Only valid after
3049 Valid flags are::
3053 /* speaker port data bit enabled */
3060 -----------------
3066 :Returns: 0 on success, -1 on error
3068 Sets the state of the in-kernel PIT model. Only valid after KVM_CREATE_PIT2.
3075 --------------------------
3081 :Returns: 0 on success, -1 on error
3086 device-tree properties for the guest operating system.
3100 - KVM_PPC_PAGE_SIZES_REAL:
3105 - KVM_PPC_1T_SEGMENTS
3109 - KVM_PPC_NO_HASH
3150 --------------
3156 :Returns: 0 on success, -1 on error
3166 With KVM_CAP_IRQFD_RESAMPLE, KVM_IRQFD supports a de-assert and notify
3167 mechanism allowing emulation of level-triggered, irqfd-based
3172 as from an EOI, the gsi is de-asserted and the user is notified via
3173 kvm_irqfd.resamplefd. It is the user's responsibility to re-queue
3181 - in case no routing entry is associated to this gsi, injection fails
3182 - in case the gsi is associated to an irqchip routing entry,
3184 - in case the gsi is associated to an MSI routing entry, the MSI
3186 to GICv3 ITS in-kernel emulation).
3189 --------------------------
3195 :Returns: 0 on success, -1 on error
3207 The parameter is a pointer to a 32-bit unsigned integer variable
3214 default-sized hash table (16 MB).
3222 real-mode area (VRMA) facility, the kernel will re-create the VMRA
3226 -----------------------
3232 :Returns: 0 on success, -1 on error
3248 - sigp stop; optional flags in parm
3250 - program check; code in parm
3252 - sigp set prefix; prefix address in parm
3254 - restart
3256 - clock comparator interrupt
3258 - CPU timer interrupt
3260 - virtio external interrupt; external interrupt
3263 - sclp external interrupt; sclp parameter in parm
3265 - sigp emergency; source cpu in parm
3267 - sigp external call; source cpu in parm
3269 - compound value to indicate an
3270 I/O interrupt (ai - adapter interrupt; cssid,ssid,schid - subchannel);
3274 - machine check interrupt; cr 14 bits in parm, machine check interrupt
3281 ------------------------
3287 :Returns: file descriptor number (>= 0) on success, -1 on error
3319 series of valid HPT entries (16 bytes) each. The header indicates how
3320 many valid HPT entries there are and how many invalid entries follow
3321 the valid entries. The invalid entries are not represented explicitly
3331 header; first 'n_valid' valid entries with contents from the data
3333 valid entries found.
3336 ----------------------
3342 :Returns: 0 on success, -1 on error
3375 --------------------------------------------
3383 :Returns: 0 on success, -1 on error
3391 (e.g. read-only attribute, or attribute that only makes
3398 semantics are device-specific. See individual device documentation in
3406 __u32 group; /* device-defined */
3407 __u64 attr; /* group-defined */
3412 ------------------------
3419 :Returns: 0 on success, -1 on error
3436 ----------------------
3442 :Returns: 0 on success; -1 on error
3457 - Processor state:
3462 - General Purpose registers, including PC and SP: set to 0
3463 - FPSIMD/NEON registers: set to 0
3464 - SVE registers: set to 0
3465 - System registers: Reset to their architecturally defined
3467 case of EL2 being enabled).
3479 - KVM_ARM_VCPU_POWER_OFF: Starts the CPU in a power-off state.
3482 - KVM_ARM_VCPU_EL1_32BIT: Starts the CPU in a 32bit mode.
3484 - KVM_ARM_VCPU_PSCI_0_2: Emulate PSCI v0.2 (or a future revision
3487 - KVM_ARM_VCPU_PMU_V3: Emulate PMUv3 for the CPU.
3490 - KVM_ARM_VCPU_PTRAUTH_ADDRESS: Enables Address Pointer authentication
3498 - KVM_ARM_VCPU_PTRAUTH_GENERIC: Enables Generic Pointer authentication
3506 - KVM_ARM_VCPU_SVE: Enables SVE for the CPU (arm64 only).
3512 - KVM_REG_ARM64_SVE_VLS may be read using KVM_GET_ONE_REG: the
3513 initial value of this pseudo-register indicates the best set of
3518 - KVM_RUN and KVM_GET_REG_LIST are not available;
3520 - KVM_GET_ONE_REG and KVM_SET_ONE_REG cannot be used to access
3525 - KVM_REG_ARM64_SVE_VLS may optionally be written using
3531 - the KVM_REG_ARM64_SVE_VLS pseudo-register is immutable, and can
3534 - KVM_ARM_VCPU_HAS_EL2: Enable Nested Virtualisation support,
3540 - KVM_ARM_VCPU_HAS_EL2_E2H0: Restrict Nested Virtualisation
3541 support to HCR_EL2.E2H being RES0 (non-VHE).
3546 -----------------------------
3552 :Returns: 0 on success; -1 on error
3565 kvm_vcpu_init->features bitmap returned will have feature bits set if
3575 ---------------------
3581 :Returns: 0 on success; -1 on error
3603 - KVM_REG_S390_TODPR
3605 - KVM_REG_S390_EPOCHDIFF
3607 - KVM_REG_S390_CPU_TIMER
3609 - KVM_REG_S390_CLOCK_COMP
3611 - KVM_REG_S390_PFTOKEN
3613 - KVM_REG_S390_PFCOMPARE
3615 - KVM_REG_S390_PFSELECT
3617 - KVM_REG_S390_PP
3619 - KVM_REG_S390_GBEA
3623 -----------------------------------------
3629 :Returns: 0 on success, -1 on error
3659 arm64 currently only require this when using the in-kernel GIC
3665 base addresses will return -EEXIST.
3672 ------------------------------
3678 :Returns: 0 on success, -1 on error
3683 of a service that has a kernel-side implementation. If the token
3684 value is non-zero, it will be associated with that service, and
3692 ------------------------
3698 :Returns: 0 on success; -1 on error
3713 - KVM_GUESTDBG_ENABLE: guest debugging is enabled
3714 - KVM_GUESTDBG_SINGLESTEP: the next run should single-step
3719 - KVM_GUESTDBG_USE_SW_BP: using software breakpoints [x86, arm64]
3720 - KVM_GUESTDBG_USE_HW_BP: using hardware breakpoints [x86, s390]
3721 - KVM_GUESTDBG_USE_HW: using hardware debug events [arm64]
3722 - KVM_GUESTDBG_INJECT_DB: inject DB type exception [x86]
3723 - KVM_GUESTDBG_INJECT_BP: inject BP type exception [x86]
3724 - KVM_GUESTDBG_EXIT_PENDING: trigger an immediate guest exit [s390]
3725 - KVM_GUESTDBG_BLOCKIRQ: avoid injecting interrupts/NMI/SMI [x86]
3728 are enabled in memory so we need to ensure breakpoint exceptions are
3743 the single-step debug event (KVM_GUESTDBG_SINGLESTEP) is supported.
3753 ---------------------------
3759 :Returns: 0 on success, -1 on error
3794 the variable-size array 'entries'. If the number of entries is too low
3798 to the number of valid entries in the 'entries' array, which is then
3820 if the index field is valid
3828 --------------------
3835 < 0 on generic error (e.g. -EFAULT or -ENOMEM),
3890 the access. "ar" designates the access register number to be used; the valid
3893 Logical accesses are permitted for non-protected guests only.
3911 translation-exception identifier (TEID) indicates suppression.
3915 prohibited given the access key designated by "key"; the valid range is 0..15.
3934 Absolute accesses are permitted for non-protected guests only.
3973 -----------------------
3999 will cause the ioctl to return -EINVAL.
4005 -----------------------
4023 will cause the ioctl to return -EINVAL.
4030 the ioctl will return -EINVAL.
4033 -----------------
4039 :Returns: 0 on success, -1 on error
4080 - KVM_S390_SIGP_STOP - sigp stop; parameter in .stop
4081 - KVM_S390_PROGRAM_INT - program check; parameters in .pgm
4082 - KVM_S390_SIGP_SET_PREFIX - sigp set prefix; parameters in .prefix
4083 - KVM_S390_RESTART - restart; no parameters
4084 - KVM_S390_INT_CLOCK_COMP - clock comparator interrupt; no parameters
4085 - KVM_S390_INT_CPU_TIMER - CPU timer interrupt; no parameters
4086 - KVM_S390_INT_EMERGENCY - sigp emergency; parameters in .emerg
4087 - KVM_S390_INT_EXTERNAL_CALL - sigp external call; parameters in .extcall
4088 - KVM_S390_MCHK - machine check interrupt; parameters in .mchk
4093 ---------------------------
4100 -EINVAL if buffer size is 0,
4101 -ENOBUFS if buffer size is too small to fit all pending interrupts,
4102 -EFAULT if the buffer address was invalid
4120 the kernel never checked for flags == 0 and QEMU never pre-zeroed flags and
4124 If -ENOBUFS is returned the buffer provided was too small and userspace
4128 ---------------------------
4135 -EFAULT if the buffer address was invalid,
4136 -EINVAL for an invalid buffer length (see below),
4137 -EBUSY if there were already interrupts pending,
4141 This ioctl allows userspace to set the complete state of all cpu-local
4163 which is the maximum number of possibly pending cpu-local interrupts.
4166 ------------
4172 :Returns: 0 on success, -1 on error
4177 ----------------------------
4239 enabled. If KVM_MSR_EXIT_REASON_FILTER is enabled, KVM will exit to userspace
4241 KVM_MSR_EXIT_REASON_FILTER is not enabled, KVM will inject a #GP into the guest
4266 part of VM-Enter/VM-Exit emulation.
4269 of VM-Enter/VM-Exit emulation. If an MSR access is denied on VM-Enter, KVM
4270 synthesizes a consistency check VM-Exit(EXIT_REASON_MSR_LOAD_FAIL). If an
4271 MSR access is denied on VM-Exit, KVM synthesizes a VM-Abort. In short, KVM
4273 the VM-Enter/VM-Exit MSR list. It is platform owner's responsibility to
4285 KVM_MSR_EXIT_REASON_FILTER must be enabled before activating any filters, and
4286 left enabled until after all filters are deactivated. Failure to do so may
4290 ----------------------------
4323 -------------------------
4330 -EFAULT if struct kvm_reinject_control cannot be read,
4331 -ENXIO if KVM_CREATE_PIT or KVM_CREATE_PIT2 didn't succeed earlier.
4350 ------------------------------
4357 -EFAULT if struct kvm_ppc_mmuv3_cfg cannot be read,
4358 -EINVAL if the configuration is invalid
4384 ---------------------------
4391 -EFAULT if struct kvm_ppc_rmmu_info cannot be written,
4392 -EINVAL if no useful information can be returned
4421 --------------------------------
4430 -EFAULT if struct kvm_reinject_control cannot be read,
4431 -EINVAL if the supplied shift or flags are invalid,
4432 -ENOMEM if unable to allocate the new HPT,
4465 returns 0 (i.e. cancels any in-progress preparation).
4468 flags will result in an -EINVAL.
4475 -------------------------------
4482 -EFAULT if struct kvm_reinject_control cannot be read,
4483 -EINVAL if the supplied shift or flags are invalid,
4484 -ENXIO is there is no pending HPT, or the pending HPT doesn't
4486 -EBUSY if the pending HPT is not fully prepared,
4487 -ENOSPC if there was a hash collision when moving existing
4489 -EIO on other error conditions
4506 KVM_PPC_RESIZE_HPT_COMMIT will return an error (usually -ENXIO or
4507 -EBUSY, though others may be possible if the preparation was started,
4511 placed itself in a quiescent state where no vcpu will make MMU enabled
4520 -----------------------------------
4526 :Returns: 0 on success, -1 on error
4533 -----------------------
4540 -EFAULT if u64 mcg_cap cannot be read,
4541 -EINVAL if the requested number of banks is invalid,
4542 -EINVAL if requested MCE capability is not supported.
4546 specifies which capabilities should be enabled. The maximum
4547 supported number of error-reporting banks can be retrieved when
4552 ---------------------
4559 -EFAULT if struct kvm_x86_mce cannot be read,
4560 -EINVAL if the bank number is invalid,
4561 -EINVAL if VAL bit is not set in status field.
4586 ----------------------------
4598 ENXIO if CMMA is not enabled
4599 EINVAL if KVM_S390_CMMA_PEEK is not set but migration mode was not enabled
4609 - During live migration to save the CMMA values. Live migration needs
4610 to be enabled via the KVM_REQ_START_MIGRATION VM property.
4611 - To non-destructively peek at the CMMA values, with the flag
4642 KVM_S390_SKEYS_MAX. KVM_S390_SKEYS_MAX is re-used for consistency with
4680 not enabled.
4687 ----------------------------
4726 This ioctl can fail with -ENOMEM if not enough memory can be allocated to
4727 complete the task, with -ENXIO if CMMA is not enabled, with -EINVAL if
4729 if the flags field was not 0, with -EFAULT if the userspace address is
4735 --------------------------
4742 -EFAULT if struct kvm_ppc_cpu_char cannot be written
4747 CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754). The information is
4753 __u64 character_mask; /* valid bits in character */
4754 __u64 behaviour_mask; /* valid bits in behaviour */
4764 with preventing inadvertent information disclosure - specifically,
4765 whether there is an instruction to flash-invalidate the L1 data cache
4782 ---------------------------
4788 :Returns: 0 on success; -1 on error
4791 for issuing platform-specific memory encryption commands to manage those
4797 Documentation/virt/kvm/x86/amd-memory-encryption.rst and
4798 Documentation/virt/kvm/x86/intel-tdx.rst.
4801 -----------------------------------
4807 :Returns: 0 on success; -1 on error
4812 It is used in the SEV-enabled guest. When encryption is enabled, a guest
4825 -------------------------------------
4831 :Returns: 0 on success; -1 on error
4837 ------------------------
4845 the specified Hyper-V connection id through the SIGNAL_EVENT hypercall, without
4846 causing a user exit. SIGNAL_EVENT hypercall with non-zero event flag number
4847 (bits 24-31) still triggers a KVM_EXIT_HYPERV_HCALL user exit.
4867 -EINVAL if conn_id or flags is outside the allowed range,
4868 -ENOENT on deassign if the conn_id isn't registered,
4869 -EEXIST on assign if the conn_id is already registered
4872 --------------------------
4878 :Returns: 0 on success, -1 on error
4946 --------------------------
4952 :Returns: 0 on success, -1 on error
4958 -------------------------------------
4987 -------------------------
4993 :Returns: 0 on success, -1 on error
5015 in KVM's dirty bitmap, and dirty tracking is re-enabled for that page
5016 (for example via write-protection, or by clearing the dirty bit in
5019 If KVM_CAP_MULTI_ADDRESS_SPACE is available, bits 16-31 of slot field specifies
5024 is enabled; for more information, see the description of the capability.
5029 --------------------------------
5035 :Returns: 0 on success, -1 on error
5056 This ioctl returns x86 cpuid features leaves related to Hyper-V emulation in
5058 cpuid information presented to guests consuming Hyper-V enlightenments (e.g.
5059 Windows or Hyper-V guests).
5061 CPUID feature leaves returned by this ioctl are defined by Hyper-V Top Level
5068 - HYPERV_CPUID_VENDOR_AND_MAX_FUNCTIONS
5069 - HYPERV_CPUID_INTERFACE
5070 - HYPERV_CPUID_VERSION
5071 - HYPERV_CPUID_FEATURES
5072 - HYPERV_CPUID_ENLIGHTMENT_INFO
5073 - HYPERV_CPUID_IMPLEMENT_LIMITS
5074 - HYPERV_CPUID_NESTED_FEATURES
5075 - HYPERV_CPUID_SYNDBG_VENDOR_AND_MAX_FUNCTIONS
5076 - HYPERV_CPUID_SYNDBG_INTERFACE
5077 - HYPERV_CPUID_SYNDBG_PLATFORM_CAPABILITIES
5080 with the 'nent' field indicating the number of entries in the variable-size
5081 array 'entries'. If the number of entries is too low to describe all Hyper-V
5083 to the number of Hyper-V feature leaves, the 'nent' field is adjusted to the
5084 number of valid entries in the 'entries' array, which is then filled.
5093 - HYPERV_CPUID_NESTED_FEATURES leaf and HV_X64_ENLIGHTENED_VMCS_RECOMMENDED
5094 feature bit are only exposed when Enlightened VMCS was previously enabled
5096 - HV_STIMER_DIRECT_MODE_AVAILABLE bit is only exposed with in-kernel LAPIC.
5100 ---------------------------
5105 :Returns: 0 on success, -1 on error
5110 EPERM feature not enabled, needs configuration, or already finalized
5131 that should be performed and how to do it are feature-dependent.
5135 -EPERM unless the feature has already been finalized by means of a
5142 ------------------------------
5148 :Returns: 0 on success, -1 on error
5178 Valid values for 'flags'::
5201 ---- -----------
5230 When setting a new pmu event filter, -EINVAL will be returned if any of the
5234 Valid values for 'action'::
5242 Specifically, KVM follows the following pseudo-code when determining whether to
5243 allow the guest FixCtr[i] to count its pre-defined fixed event::
5258 ---------------------
5282 ---------------------------
5294 ----------------------------
5307 --------------------------
5321 -------------------------
5366 All registered VCPUs are converted back to non-protected ones. If a
5390 valid fields if more response fields are added in the future.
5467 not succeed all other subcommands will fail with -EINVAL. This
5468 subcommand will return -EINVAL if a dump process has not yet been
5499 resume execution immediately as non-protected. There can be at most
5524 --------------------------
5570 Sets the ABI mode of the VM to 32-bit or 64-bit (long mode). This
5604 re-mapped in guest physical address space.
5610 This is the HVM-wide vector injected directly by the hypervisor
5632 the 32-bit version code returned to the guest when it invokes the
5647 --------------------------
5660 ---------------------------
5699 dirtied at any time if event channel interrupt delivery is enabled, so
5745 other four times. The state field must be set to -1, or to a valid
5753 vCPU ID of the given vCPU, to allow timer-related VCPU operations to
5766 per-vCPU local APIC upcall vector, configured by a Xen guest with
5768 used by Windows guests, and is distinct from the HVM-wide upcall
5774 ---------------------------
5789 ---------------------------
5795 :Returns: number of bytes copied, < 0 on error (-EINVAL for incorrect
5796 arguments, -EFAULT if memory cannot be accessed).
5810 ``length`` must not be bigger than 2^31 - PAGE_SIZE bytes. The ``addr``
5827 --------------------
5833 :Returns: 0 on success, -1 on error
5856 Indicates that the struct contains valid PDPTR values.
5860 --------------------
5866 :Returns: 0 on success, -1 on error
5873 ----------------------
5892 +-------------+
5894 +-------------+
5896 +-------------+
5898 +-------------+
5900 +-------------+
5990 Bits 0-3 of ``flags`` encode the type:
6012 is [``hist_param``*(N-1), ``hist_param``*N), while the range of the last
6013 bucket is [``hist_param``*(``size``-1), +INF). (+INF means positive infinity
6018 [0, 1), while the range of the last bucket is [pow(2, ``size``-2), +INF).
6020 [pow(2, N-2), pow(2, N-1)).
6022 Bits 4-7 of ``flags`` encode the unit:
6034 It indicates that the statistics data is used to measure CPU clock cycles.
6045 Bits 8-11 of ``flags``, together with ``exponent``, encode the scale of the
6050 CPU clock cycles. For example, an exponent of -9 can be used with
6066 bucket in the unit expressed by bits 4-11 of ``flags`` together with ``exponent``.
6072 The Stats Data block contains an array of 64-bit values in the same order
6076 --------------------
6082 :Returns: 0 on success, -1 on error
6097 enabled with ``arch_prctl()``, but this may change in the future.
6103 -----------------------------
6123 -----------------------------
6132 for vcpus. It re-uses the kvm_s390_pv_dmp struct and hence also shares
6148 ----------------------
6156 Used to manage hardware-assisted virtualization features for zPCI devices.
6195 --------------------------------
6203 This capability indicates that userspace is able to apply a single VM-wide
6224 (-EINVAL) being returned. This ioctl can also return -EBUSY if any vcpu
6235 ------------------------------------
6274 op0==3, op1=={0, 1, 3}, CRn==0, CRm=={0-7}, op2=={0-7}.
6283 ---------------------------------
6289 :Returns: 0 on success, -1 on error
6314 A KVM_MEM_GUEST_MEMFD region _must_ have a valid guest_memfd (private memory) and
6315 userspace_addr (shared memory). However, "valid" for userspace_addr simply
6317 mapping for userspace_addr is not required to be valid/populated at the time of
6319 on-demand.
6330 Returns -EINVAL if the VM has the KVM_VM_S390_UCONTROL flag set.
6331 Returns -EINVAL if called on a protected VM.
6334 -------------------------------
6370 ----------------------------
6413 ---------------------------
6445 KVM_PRE_FAULT_MEMORY populates KVM's stage-2 page tables used to map memory
6447 stage-2 read page fault, e.g. faults in memory as needed, but doesn't break
6448 CoW. However, KVM does not mark any newly created stage-2 PTE as Accessed.
6497 This field is polled once when KVM_RUN starts; if non-zero, KVM_RUN
6498 exits immediately, returning -EINTR. In the common scenario where a
6502 a signal handler that sets run->immediate_exit to a non-zero value.
6528 The value of the current interrupt flag. Only valid if in-kernel
6535 More architecture-specific flags detailing state of the VCPU that may
6553 The value of the cr8 register. Only valid if in-kernel local APIC is
6560 The value of the APIC BASE msr. Only valid if in-kernel local
6572 reasons. Further architecture-specific information is available in
6584 to unknown reasons. Further architecture-specific information is
6637 executed a memory-mapped I/O instruction which could not be satisfied
6651 has re-entered the kernel with KVM_RUN. The kernel side will first finish
6656 completed before performing a live migration. Userspace can re-enter the
6679 ----------
6681 SMCCC exits can be enabled depending on the configuration of the SMCCC
6690 - ``KVM_HYPERCALL_EXIT_SMC``: Indicates that the guest used the SMC
6694 - ``KVM_HYPERCALL_EXIT_16BIT``: Indicates that the guest used a 16bit
6720 __u16 ipa;
6763 Deprecated - was used for 440 KVM.
6789 This is used on 64-bit PowerPC when emulating a pSeries partition,
6793 the arguments (from the guest R4 - R12). Userspace should put the
6811 s390 specific. This exit occurs when KVM_CAP_S390_CSS_SUPPORT has been enabled
6834 It gets triggered whenever both KVM_CAP_PPC_EPR are enabled and an
6855 a system-level event using some architecture specific mechanism (hypercall
6859 The 'type' field describes the system-level event type.
6860 Valid values for 'type' are:
6862 - KVM_SYSTEM_EVENT_SHUTDOWN -- the guest has requested a shutdown of the
6866 - KVM_SYSTEM_EVENT_RESET -- the guest has requested a reset of the VM.
6869 - KVM_SYSTEM_EVENT_CRASH -- the guest crash occurred and the guest
6873 - KVM_SYSTEM_EVENT_SEV_TERM -- an AMD SEV guest requested termination.
6875 - KVM_SYSTEM_EVENT_TDX_FATAL -- a TDX guest reported a fatal error state.
6876 KVM doesn't do any parsing or conversion, it just dumps 16 general-purpose
6877 registers to userspace, in ascending order of the 4-bit indices for x86-64
6878 general-purpose registers in instruction encoding, as defined in the Intel
6880 - KVM_SYSTEM_EVENT_WAKEUP -- the exiting vCPU is in a suspended state and
6883 - KVM_SYSTEM_EVENT_SUSPEND -- the guest has requested a suspension of
6887 architecture specific information for the system-level event. Only
6888 the first `ndata` items (possibly zero) of the data array are valid.
6890 - for arm64, data[0] is set to KVM_SYSTEM_EVENT_RESET_FLAG_PSCI_RESET2 if
6894 - for arm64, data[0] is set to KVM_SYSTEM_EVENT_SHUTDOWN_FLAG_PSCI_OFF2
6898 - for RISC-V, data[0] is set to the value of the second argument of the
6906 --------------
6908 KVM_SYSTEM_EVENT_SUSPEND exits are enabled with the
6916 the call parameters are left in-place in the vCPU registers.
6921 - Honor the guest request to suspend the VM. Userspace can request
6922 in-kernel emulation of suspension by setting the calling vCPU's
6928 - Deny the guest request to suspend the VM. See ARM DEN0022D.b 5.19.2
6931 Hibernation using the PSCI SYSTEM_OFF2 call is enabled when PSCI v1.3
6932 is enabled. If a guest invokes the PSCI SYSTEM_OFF2 function, KVM will
6944 Indicates that the VCPU's in-kernel local APIC received an EOI for a
6945 level-triggered IOAPIC interrupt. This exit only triggers when the
6946 IOAPIC is implemented in userspace (i.e. KVM_CAP_SPLIT_IRQCHIP is enabled);
6987 related to Hyper-V emulation.
6989 Valid values for 'type' are:
6991 - KVM_EXIT_HYPERV_SYNIC -- synchronously notify user-space about
6993 Hyper-V SynIC state change. Notification is used to remap SynIC
6997 - KVM_EXIT_HYPERV_SYNDBG -- synchronously notify user-space about
6999 Hyper-V Synthetic debugger state change. Notification is used to either update
7018 the VM. KVM assumed that if the guest accessed non-memslot memory, it was
7027 instead return to userspace with KVM_EXIT_ARM_NISV, with the valid bits from
7028 the ESR_EL2 in the esr_iss field, and the faulting IPA in the fault_ipa field.
7048 __u8 error; /* user -> kernel */
7050 __u32 reason; /* kernel -> user */
7051 __u32 index; /* kernel -> user */
7052 __u64 data; /* kernel <-> user */
7056 enabled, MSR accesses to registers that would invoke a #GP by KVM kernel code
7062 ENABLE_CAP. Currently valid exit reasons are:
7108 Valid values for 'type' are:
7110 - KVM_EXIT_XEN_HCALL -- synchronously notify user-space about Xen hypercall.
7125 done a SBI call which is not handled by KVM RISC-V kernel module. The details
7131 values of SBI call before resuming the VCPU. For more details on RISC-V SBI
7132 spec refer, https://github.com/riscv/riscv-sbi-doc.
7149 - KVM_MEMORY_EXIT_FLAG_PRIVATE - When set, indicates the memory fault occurred
7154 accompanies a return code of '-1', not '0'! errno will always be set to EFAULT
7167 enabled, a VM exit generated if no event window occurs in VM non-root mode
7173 The valid value for 'flags' is:
7175 - KVM_NOTIFY_CONTEXT_INVALID -- the VM context is corrupted and not valid
7203 on the Guest-Hypervisor Communication Interface (GHCI) specification;
7206 on re-entry.
7213 * ``TDVMCALL_GET_QUOTE``: the guest has requested to generate a TD-Quote
7214 signed by a service hosting TD-Quoting Enclave operating on the host.
7217 (without the shared bit set) and the size of a shared-memory buffer, in
7221 shared-memory area to check whether the Quote generation is completed or
7231 it will enter with output fields already valid; in the common case, the
7269 6. Capabilities that can be enabled on vCPUs
7273 the virtual machine when enabled. To enable them, please see
7286 whether this is a per-vcpu or per-vm capability.
7297 -------------------
7302 :Returns: 0 on success; -1 on error
7306 were invented by Mac-on-Linux to have a standardized communication mechanism
7309 When this capability is enabled, KVM_EXIT_OSI can occur.
7313 --------------------
7318 :Returns: 0 on success; -1 on error
7330 When this capability is enabled, KVM_EXIT_PAPR_HCALL can occur.
7334 ------------------
7339 :Returns: 0 on success; -1 on error
7352 addresses of mmu-type-specific data structures. The "array_len" field is an
7368 - The "params" field is of type "struct kvm_book3e_206_tlb_params".
7369 - The "array" field points to an array of type "struct
7371 - The array consists of all entries in the first TLB, followed by all
7373 - Within a TLB, entries are ordered first by increasing set number. Within a
7375 - The hash for determining set number in TLB0 is: (MAS2 >> 12) & (num_sets - 1)
7377 - The tsize field of mas1 shall be set to 4K on TLB0, even though the
7381 ----------------------------
7386 :Returns: 0 on success; -1 on error
7391 handled in-kernel, while the other I/O instructions are passed to userspace.
7393 When this capability is enabled, KVM_EXIT_S390_TSCH will occur on TEST
7396 Note that even though this capability is enabled per-vcpu, the complete
7400 -------------------
7405 :Returns: 0 on success; -1 on error
7410 When enabled (args[0] != 0), every time the guest gets an external interrupt
7416 When this capability is enabled, KVM_EXIT_EPR can occur.
7419 --------------------
7425 This capability connects the vcpu to an in-kernel MPIC device.
7428 --------------------
7435 This capability connects the vcpu to an in-kernel XICS device.
7438 ------------------------
7444 This capability enables the in-kernel irqchip for s390. Please refer to
7448 --------------------
7462 ---------------------
7475 ----------------------
7478 :Target: s390: always enabled, x86: vcpu
7480 :Returns: x86: KVM_CHECK_EXTENSION returns a bit-array indicating which register
7496 - the register sets to be copied out to kvm_run are selectable
7498 - vcpu_events are available in addition to regs and sregs.
7501 function as an input bit-array field set by userspace to indicate the
7521 -------------------------
7528 This capability connects the vcpu to an in-kernel XIVE device.
7531 -------------------------
7538 Hyper-V Synthetic interrupt controller(SynIC). Hyper-V SynIC is
7539 used to support Windows Hyper-V based guest paravirt drivers(VMBus).
7544 by the CPU, as it's incompatible with SynIC auto-EOI behavior.
7547 --------------------------
7552 This capability enables a newer version of Hyper-V Synthetic interrupt
7554 doesn't clear SynIC message and event flags pages when they are enabled by
7558 -----------------------------------
7563 This capability indicates that KVM running on top of Hyper-V hypervisor
7565 hypercalls are handled by Level 0 hypervisor (Hyper-V) bypassing KVM.
7566 Due to the different ABI for hypercall parameters between Hyper-V and
7569 flush hypercalls by Hyper-V) so userspace should disable KVM identification
7570 in CPUID and only exposes Hyper-V identification. In this case, guest
7571 thinks it's running on Hyper-V and only use Hyper-V hypercalls.
7574 ---------------------------------
7579 When enabled, KVM will disable emulated Hyper-V features provided to the
7580 guest according to the bits Hyper-V CPUID feature leaves. Otherwise, all
7581 currently implemented Hyper-V features are provided unconditionally when
7582 Hyper-V identification is set in the HYPERV_CPUID_INTERFACE (0x40000001)
7586 -------------------------------------
7591 When enabled, KVM will disable paravirtual features provided to the
7601 7. Capabilities that can be enabled on VMs
7605 machine when enabled. To enable them, please see section
7624 ----------------------------
7628 args[1] is 0 to disable, 1 to enable in-kernel handling
7631 get handled by the kernel or not. Enabling or disabling in-kernel
7633 initial set of hcalls are enabled for in-kernel handling, which
7634 consists of those hcalls for which in-kernel handlers were implemented
7641 If the hcall number specified is not one that has an in-kernel
7646 --------------------------
7652 space. With this capability enabled, all fast orders will be handled completely
7655 - SENSE
7656 - SENSE RUNNING
7657 - EXTERNAL CALL
7658 - EMERGENCY SIGNAL
7659 - CONDITIONAL EMERGENCY SIGNAL
7664 in the hardware prior to interception). If this capability is not enabled, the
7668 ---------------------------------
7676 return -EINVAL if the machine does not support vectors.
7679 --------------------------
7684 This capability allows post-handlers for the STSI instruction. After
7689 vcpu->run::
7700 @addr - guest address of STSI SYSIB
7701 @fc - function code
7702 @sel1 - selector 1
7703 @sel2 - selector 2
7704 @ar - access register number
7706 KVM handlers should exit to userspace with rc = -EREMOTE.
7709 -------------------------
7712 :Parameters: args[0] - number of routes reserved for userspace IOAPICs
7713 :Returns: 0 on success, -1 on error
7717 IOAPIC and PIC (and also the PIT, even though this has to be enabled
7730 -------------------
7735 Allows use of runtime-instrumentation introduced with zEC12 processor.
7736 Will return -EINVAL if the machine does not support runtime-instrumentation.
7737 Will return -EBUSY if a VCPU has already been created.
7740 ----------------------
7743 :Parameters: args[0] - features that should be enabled
7744 :Returns: 0 on success, -EINVAL when args[0] contains invalid features
7746 Valid feature flags in args[0] are::
7753 allowing the use of 32-bit APIC IDs. See KVM_CAP_X2APIC_API in their
7756 KVM_X2APIC_API_DISABLE_BROADCAST_QUIRK must be enabled for x2APIC to work
7760 where 0xff represents CPUs 0-7 in cluster 0.
7763 ----------------------------
7768 With this capability enabled, all illegal instructions 0x0000 (2 bytes) will
7770 mechanism e.g. to realize 2-byte software breakpoints. The kernel will
7774 This capability can be enabled dynamically even if VCPUs were already
7778 -------------------
7782 :Returns: 0 on success; -EINVAL if the machine does not support
7783 guarded storage; -EBUSY if a VCPU has already been created.
7788 ---------------------
7793 Allow use of adapter-interruption suppression.
7794 :Returns: 0 on success; -EBUSY if a VCPU has already been created.
7797 --------------------
7815 ----------------------
7827 ------------------------------
7831 :Returns: 0 on success, -EINVAL when args[0] contains invalid exits
7834 Valid bits in args[0] are::
7851 --------------------------
7855 :Returns: 0 on success, -EINVAL if hpage module parameter was not set
7856 or cmma is enabled, or the VM has the KVM_VM_S390_UCONTROL
7860 through hugetlbfs can be enabled for a VM. After the capability is
7861 enabled, cmma can't be enabled anymore and pfmfi and the storage key
7862 interpretation are disabled. If cmma has already been enabled or the
7863 hpage module parameter is not set to 1, -EINVAL is returned.
7869 ------------------------------
7872 :Parameters: args[0] whether feature should be enabled or not
7879 --------------------------
7883 :Returns: 0 on success, -EINVAL when the implementation doesn't support
7884 nested-HV virtualization.
7886 HV-KVM on POWER9 and later systems allows for "nested-HV"
7888 can run using the CPU's supervisor mode (privileged non-hypervisor
7890 the necessary functionality and on the facility being enabled with a
7891 kvm-hv module parameter.
7894 ------------------------------
7897 :Parameters: args[0] whether feature should be enabled or not
7899 With this capability enabled, CR2 will not be modified prior to the
7900 emulated VM-exit when L1 intercepts a #PF exception that occurs in
7901 L2. Similarly, for kvm-intel only, DR6 will not be modified prior to
7902 the emulated VM-exit when L1 intercepts a #DB exception that occurs in
7908 exception.has_payload and to put the faulting address - or the new DR6
7909 bits\ [#]_ - in the exception_payload field.
7920 --------------------------------------
7923 :Parameters: args[0] whether feature should be enabled or not
7925 Valid flags are::
7931 automatically clear and write-protect all pages that are returned as dirty.
7937 KVM_CLEAR_DIRTY_LOG ioctl can operate on a 64-page granularity rather
7950 dirty logging can be enabled gradually in small chunks on the first call
7962 ------------------------------
7974 If present, this capability can be enabled for a VM, meaning that KVM
7979 ----------------------
7984 :Returns: 0 on success; -1 on error
7987 maximum halt-polling time for all vCPUs in the target VM. This capability can
7989 maximum halt-polling time.
7991 See Documentation/virt/kvm/halt-polling.rst for more information on halt
7995 -------------------------------
8000 :Returns: 0 on success; -1 on error
8010 this capability. With it enabled, MSR accesses that match the mask specified in
8016 The valid mask flags are:
8027 -------------------------------
8032 :Returns: 0 on success, -EINVAL when args[0] contains invalid bits
8034 Valid bits in args[0] are::
8042 the KVM_ENABLE_CAP. The supported modes are mutually-exclusive.
8045 guest, irrespective whether or not the host has enabled split-lock detection
8051 exit, although the host kernel's split-lock #AC detection still applies, if
8052 enabled.
8057 apply some other policy-based mitigation. When exiting to userspace, KVM sets
8058 KVM_RUN_X86_BUS_LOCK in vcpu-run->flags, and conditionally sets the exit_reason
8063 the next instruction, i.e. the exit is trap-like. On AMD hosts, RIP points at
8064 the offending instruction, i.e. the exit is fault-like.
8071 ----------------------
8075 :Returns: 0 on success, -EINVAL when CPU doesn't support 2nd DAWR
8082 -------------------------------------
8084 :Architectures: x86 SEV enabled
8092 This is intended to support in-guest workloads scheduled by the host. This
8093 allows the in-guest workload to maintain its own NPTs and keeps the two vms
8098 --------------------------
8103 :Returns: 0 on success, -EINVAL if the file handle is invalid or if a requested
8107 more privileged enclave attributes. args[0] must hold a file handle to a valid
8121 --------------------------------------
8124 :Parameters: args[0] whether the feature should be enabled or not
8126 When this capability is enabled, an emulation failure will result in an exit
8134 that are valid (ie: if KVM_INTERNAL_ERROR_EMULATION_FLAG_INSTRUCTION_BYTES is
8135 set in the 'flags' field then both 'insn_size' and 'insn_bytes' have valid data
8139 --------------------
8145 Memory Tagging Extensions (MTE) to the guest. It must also be enabled by the
8150 When enabled the guest is able to access tags associated with any memory given
8155 When this capability is enabled all memory in memslots must be mapped as
8156 ``MAP_ANONYMOUS`` or with a RAM-based file mapping (``tmpfs``, ``memfd``),
8158 -EINVAL return.
8160 When enabled the VMM may make use of the ``KVM_ARM_MTE_COPY_TAGS`` ioctl to
8164 -------------------------------------
8166 :Architectures: x86 SEV enabled
8174 This is intended to support intra-host migration of VMs between userspace VMMs,
8178 ----------------------------
8180 :Parameters: args[0] - set of KVM quirks to disable
8184 This capability, if enabled, will cause KVM to disable some behavior
8194 The valid bits in cap.args[0] are:
8216 KVM_X86_QUIRK_OUT_7E_INC_RIP By default, KVM pre-increments %rip before
8219 KVM does not pre-increment %rip before
8288 self-snoop, KVM always ignores guest PAT and
8291 when a VM has non-coherent DMA devices
8295 (e.g. ICX, SPR) where self-snoop feature is
8307 ------------------------
8311 :Parameters: args[0] - maximum APIC ID value set for current VM
8312 :Returns: 0 on success, -EINVAL if args[0] is beyond KVM_MAX_VCPU_IDS
8328 ------------------------------
8333 :Returns: 0 on success, -EINVAL if args[0] contains invalid flags or notify
8337 Bits 31:0 of args[0] are for some flags. Valid bits are::
8343 in per-VM scope during VM creation. Notify VM exit is disabled by default.
8346 a VM exit if no event window occurs in VM non-root mode for a specified of
8357 -----------------------------------
8361 :Parameters: args[0] is the desired APIC bus clock rate, in nanoseconds
8362 :Returns: 0 on success, -EINVAL if args[0] contains an invalid value for the
8363 frequency or if any vCPUs have been created, -ENXIO if a virtual
8366 This capability sets the VM's APIC bus clock frequency, used by KVM's in-kernel
8371 core crystal clock frequency, if a non-zero CPUID 0x15 is exposed to the guest.
8374 ----------------------------------------------------------
8378 :Parameters: args[0] - size of the dirty log ring
8418 00 -----------> 01 -------------> 1X -------+
8421 +------------------------------------------+
8435 using load-acquire/store-release accessors when available, or any
8463 Architecture with TSO-like ordering (such as x86) are allowed to
8469 ring structures can be backed by per-slot bitmaps. With this capability
8473 can't be enabled if the capability of KVM_CAP_DIRTY_LOG_RING_ACQ_REL
8474 hasn't been enabled, or any memslot has been existing.
8479 context. Otherwise, the stand-alone per-slot bitmap mechanism needs to
8492 KVM device "kvm-arm-vgic-its". (2) restore vgic/its tables through
8494 "kvm-arm-vgic-its". VGICv3 LPI pending status is restored. (3) save
8496 command on KVM device "kvm-arm-vgic-v3".
8499 ---------------------------
8504 :Returns: 0 on success, -EINVAL when arg[0] contains invalid bits
8520 -------------------------------------
8525 :Returns: 0 on success, -EPERM if the userspace process does not
8526 have CAP_SYS_BOOT, -EINVAL if args[0] is not 0 or any vCPUs have been
8536 ---------------------------------------
8541 :Returns: 0 on success, -EINVAL if any memslot was already created.
8545 Eager Page Splitting improves the performance of dirty-logging (used
8546 in live migrations) when guest memory is backed by huge-pages. It
8547 avoids splitting huge-pages (into PAGE_SIZE pages) on fault, by doing
8556 The chunk size needs to be a valid block size. The list of acceptable
8558 64-bit bitmap (each bit describing a block size). The default value is
8562 ---------------------------
8567 This capability, if enabled, will cause KVM to exit to userspace
8580 -------------------------------
8585 When enabled, KVM will exit to userspace with KVM_EXIT_SYSTEM_EVENT of
8589 -------------------------------------
8594 :Returns: 0 on success, -EINVAL if vCPUs have been created before enabling this
8601 When this capability is enabled, KVM allows userspace to change the
8607 ---------------------------------
8612 :Returns: 0 on success, -EINVAL if arg[0] is not zero
8614 When this capability is enabled, KVM resets the VCPU when setting
8624 ---------------------
8630 H_RANDOM hypercall backed by a hardware random-number generator.
8631 If present, the kernel H_RANDOM handler can be enabled for guest use
8635 -------------------------
8645 ---------------------------
8652 the POWER9 processor), including in-memory segment tables.
8655 -------------------
8685 ----------------------
8699 Both registers and addresses are 32-bits wide.
8700 It will only be possible to run 32-bit guest code.
8702 1 MIPS64 or microMIPS64 with access only to 32-bit compatibility segments.
8703 Registers are 64-bits wide, but addresses are 32-bits wide.
8704 64-bit guest code may run but cannot access MIPS64 memory segments.
8705 It will also be possible to run 32-bit guest code.
8708 Both registers and addresses are 64-bits wide.
8709 It will be possible to run 64-bit or 32-bit guest code.
8713 ------------------------
8718 that if userspace creates a VM without an in-kernel interrupt controller, it
8719 will be notified of changes to the output level of in-kernel emulated devices,
8722 updates the vcpu's run->s.regs.device_irq_level field to represent the actual
8728 userspace can always sample the device output level and re-compute the state of
8730 of run->s.regs.device_irq_level on every kvm exit.
8731 The value in run->s.regs.device_irq_level can represent both level and edge
8733 signals will exit to userspace with the bit in run->s.regs.device_irq_level
8736 The field run->s.regs.device_irq_level is available independent of
8737 run->kvm_valid_regs or run->kvm_dirty_regs bits.
8741 and thereby which bits in run->s.regs.device_irq_level can signal values.
8747 KVM_ARM_DEV_EL1_VTIMER - EL1 virtual timer
8748 KVM_ARM_DEV_EL1_PTIMER - EL1 physical timer
8749 KVM_ARM_DEV_PMU - ARM PMU overflow interrupt signal
8756 -----------------------------
8766 ----------------------------
8776 -------------------------------
8785 ---------------------
8792 ----------------------
8801 ---------------------
8806 use copy-on-write semantics as well as dirty pages tracking via read-only page
8810 ---------------------
8819 ----------------------------
8823 This capability indicates that KVM supports paravirtualized Hyper-V TLB Flush
8829 ----------------------------------
8844 ----------------------------
8848 This capability indicates that KVM supports paravirtualized Hyper-V IPI send
8853 -----------------------------
8861 ---------------------------
8872 -----------------------
8877 When steal time accounting is supported it may be enabled with
8878 architecture-specific interfaces. This capability and the architecture-
8885 -------------------------
8895 an 8-byte value consisting of a one-byte Control Program Name Code (CPNC) and
8896 a 7-byte Control Program Version Code (CPVC). The CPNC determines what
8905 -------------------------------
8910 writes to user space. It can be enabled on a VM level. If enabled, MSR
8916 ---------------------------
8930 --------------------
8935 PVHVM guests. Valid flags are::
8960 The KVM_XEN_HVM_CONFIG_RUNSTATE flag indicates that the runstate-related
8985 specifically enabled (by the guest making the hypercall, causing the VMM
8994 ---------------------------
9008 IBM pSeries (sPAPR) guest starts using them if "hcall-multi-tce" is
9009 present in the "ibm,hypertas-functions" device-tree property.
9016 This capability is always enabled.
9019 --------------------
9028 --------------------------------
9040 ------------------------------
9060 When getting the Modified Change Topology Report value, the attr->addr
9064 ---------------------
9069 This capability returns a bitmap of support VM types. The 1-setting of bit @n
9079 production. The behavior and effective ABI for software-protected VMs is
9083 -------------------------------
9092 IBM pSeries (sPAPR) guest starts using it if "hcall-rpt-invalidate" is
9093 present in the "ibm,hypertas-functions" device-tree property.
9095 This capability is enabled for hypervisors on platforms like POWER9
9099 ---------------------------
9107 This capability allows a guest kernel to use a better-performance mode for
9111 ------------------------------
9116 kvm_run.memory_fault if KVM cannot resolve a guest page fault VM-Exit, e.g. if
9117 there is a valid memslot but no backing VMA for the corresponding host virtual
9120 The information in kvm_run.memory_fault is valid if and only if KVM_RUN returns
9131 ---------------------------
9154 --------
9167 but it can only be enabled if ``KVM_CREATE_IRQCHIP`` or
9168 ``KVM_ENABLE_CAP(KVM_CAP_IRQCHIP_SPLIT)`` are used to enable in-kernel emulation of
9174 ``KVM_GET_SUPPORTED_CPUID``, but it can be enabled if ``KVM_CAP_TSC_DEADLINE_TIMER``
9175 is present and the kernel has enabled in-kernel emulation of the local APIC.