Lines Matching +full:use +full:- +full:rtm
1 .. SPDX-License-Identifier: GPL-2.0
4 The Definitive KVM (Kernel-based Virtual Machine) API Documentation
24 - System ioctls: These query and set global attributes which affect the
28 - VM ioctls: These query and set attributes that affect an entire virtual
35 - vcpu ioctls: These query and set attributes that control the operation
43 - device ioctls: These query and set attributes that control the operation
92 facility that allows backward-compatible extensions to the API to be
98 set of ioctls is available for application use.
133 -----------------------
150 -----------------
159 You probably want to use 0 as machine type.
170 KVM_CAP_S390_UCONTROL and use the flag KVM_VM_S390_UCONTROL as
176 To use hardware assisted virtualization on MIPS (VZ ASE) rather than
178 memory layout to fit in user mode), check KVM_CAP_MIPS_VZ and use the
186 extension KVM_CAP_ARM_VM_IPA_SIZE. When supported, use
189 address used by the VM. The IPA_Bits is encoded in bits[7-0] of the
192 e.g, to configure a guest to use 48bit physical address size::
207 ioctl() at run-time.
219 ----------------------------------------------------------
225 :Returns: 0 on success; -1 on error
263 -----------------------
278 It is thus encouraged to use the vm ioctl to query for capabilities (available
282 --------------------------
295 the VCPU file descriptor can be mmap-ed, including:
297 - if KVM_CAP_COALESCED_MMIO is available, a page at
302 - if KVM_CAP_DIRTY_LOG_RING is available, a number of pages at
308 -------------------
314 :Returns: vcpu fd on success, -1 on error
320 the KVM_CHECK_EXTENSION ioctl() at run-time.
322 KVM_CAP_MAX_VCPUS of the KVM_CHECK_EXTENSION ioctl() at run-time.
330 KVM_CAP_MAX_VCPU_ID of the KVM_CHECK_EXTENSION ioctl() at run-time.
345 single-threaded guest vcpus, it should make all vcpu ids be a multiple
355 ---------------------
361 :Returns: 0 on success, -1 on error
380 If KVM_CAP_MULTI_ADDRESS_SPACE is available, bits 16-31 of slot field specifies
393 ------------
399 :Returns: 0 on success, -1 on error
420 -----------------
426 :Returns: 0 on success, -1 on error
460 -----------------
466 :Returns: 0 on success, -1 on error
474 ------------------
480 :Returns: 0 on success, -1 on error
497 /* ppc -- see arch/powerpc/include/uapi/asm/kvm.h */
505 ------------------
511 :Returns: 0 on success, -1 on error
518 ------------------
524 :Returns: 0 on success, -1 on error
545 ------------------
570 -EEXIST if an interrupt is already enqueued
571 -EINVAL the irq number is invalid
572 -ENXIO if the PIC is in the kernel
573 -EFAULT if the pointer is invalid
577 ioctl is useful if the in-kernel PIC is not used.
617 RISC-V:
644 -----------------
651 -1 on error
654 Reads the values of MSR-based features that are available for the VM. This
656 The list of msr-based features can be obtained using KVM_GET_MSR_FEATURE_INDEX_LIST
660 Reads model-specific registers from the vcpu. Supported msr indices can
684 -----------------
690 :Returns: number of msrs successfully set (see below), -1 on error
692 Writes model-specific registers to the vcpu. See KVM_GET_MSRS for the
706 ------------------
712 :Returns: 0 on success, -1 on error
715 should use the KVM_SET_CPUID2 ioctl if available.
718 - If this IOCTL fails, KVM gives no guarantees that previous valid CPUID
721 - Using KVM_SET_CPUID{,2} after KVM_RUN, i.e. changing the guest vCPU model
723 - Using heterogeneous CPUID configurations, modulo APIC IDs, topology, etc...
746 ------------------------
752 :Returns: 0 on success, -1 on error
757 their traditional behaviour) will cause KVM_RUN to return with -EINTR.
772 ----------------
778 :Returns: 0 on success, -1 on error
810 ----------------
816 :Returns: 0 on success, -1 on error
848 -----------------------
854 :Returns: 0 on success, -1 on error
858 future vcpus to have a local APIC. IRQ routing for GSIs 0-15 is set to both
859 PIC and IOAPIC; GSI 16-23 only go to the IOAPIC.
870 -----------------
876 :Returns: 0 on success, -1 on error
880 been previously created with KVM_CREATE_IRQCHIP. Note that edge-triggered
883 On real hardware, interrupt pins can be active-low or active-high. This
888 (active-low/active-high) for level-triggered interrupts, and KVM used
890 active-low interrupts, the above convention is now valid on x86 too.
892 should not present interrupts to the guest as active-low unless this
893 capability is present (or unless it is not using the in-kernel irqchip,
898 in-kernel irqchip (GIC), and for in-kernel irqchip can tell the GIC to
899 use PPIs designated for specific cpus. The irq field is interpreted
907 - KVM_ARM_IRQ_TYPE_CPU:
908 out-of-kernel GIC: irq_id 0 is IRQ, irq_id 1 is FIQ
909 - KVM_ARM_IRQ_TYPE_SPI:
910 in-kernel GIC: SPI, irq_id between 32 and 1019 (incl.)
912 - KVM_ARM_IRQ_TYPE_PPI:
913 in-kernel GIC: PPI, irq_id between 16 and 31 (incl.)
924 injection of interrupts for the in-kernel irqchip. KVM_IRQ_LINE can always
939 --------------------
945 :Returns: 0 on success, -1 on error
964 --------------------
970 :Returns: 0 on success, -1 on error
989 -----------------------
995 :Returns: 0 on success, -1 on error
1000 page of a blob (32- or 64-bit, depending on the vcpu mode) to guest
1004 in the range that is unofficially reserved for use by hypervisors. The min/max
1028 will always use the KVM_XEN_HVM_EVTCHN_SEND ioctl to deliver event
1032 spinlock operation for the guest. Userspace may still use the ioctl
1039 ------------------
1045 :Returns: 0 on success, -1 on error
1089 ------------------
1095 :Returns: 0 on success, -1 on error
1124 ------------------------
1131 :Returns: 0 on success, -1 on error
1176 - KVM_VCPUEVENT_VALID_SHADOW may be set to signal that
1179 - KVM_VCPUEVENT_VALID_SMM may be set to signal that smi contains a
1182 - KVM_VCPUEVENT_VALID_PAYLOAD may be set to signal that the
1187 - KVM_VCPUEVENT_VALID_TRIPLE_FAULT may be set to signal that the
1206 guest-visible registers. It is not possible to 'cancel' an SError that has been
1209 A device being emulated in user-space may also wish to generate an SError. To do
1210 this the events structure can be populated by user-space. The current state
1219 always have a non-zero value when read, and the agent making an SError pending
1221 the system supports KVM_CAP_ARM_INJECT_SERROR_ESR, but user-space sets the events
1225 -EINVAL. Setting anything other than the lower 24bits of exception.serror_esr
1226 will return -EINVAL.
1233 -ENOEXEC.
1250 ------------------------
1257 :Returns: 0 on success, -1 on error
1270 suppress overwriting the current in-kernel state. The bits are:
1275 KVM_VCPUEVENT_VALID_SMM transfer the smi sub-struct.
1316 -ENOEXEC.
1319 ----------------------
1325 :Returns: 0 on success, -1 on error
1341 ----------------------
1347 :Returns: 0 on success, -1 on error
1356 -------------------------------
1362 :Returns: 0 on success, -1 on error
1379 memory slot. Bits 0-15 of "slot" specify the slot id and this value
1384 If KVM_CAP_MULTI_ADDRESS_SPACE is available, bits 16-31 of "slot"
1410 use it. The latter can be set, if KVM_CAP_READONLY_MEM capability allows it,
1411 to make a new slot read-only. In this case, writes to this memory will be
1420 Read only region isn't supported. Only as-id 0 is supported.
1422 Note: On arm64, a write generated by the page-table walker (to update
1426 page-table walker, making it impossible to emulate the access.
1427 Instead, an abort (data abort if the cause of the page-table update
1434 Returns -EINVAL or -EEXIST if the VM has the KVM_VM_S390_UCONTROL flag set.
1435 Returns -EINVAL if called on a protected VM.
1438 ---------------------
1444 :Returns: 0 on success, -1 on error
1446 This ioctl defines the physical address of a three-page region in the guest
1452 This ioctl is required on Intel-based hosts. This is needed on Intel hardware
1460 -------------------
1466 :Returns: 0 on success; -1 on error
1472 :Returns: 0 on success; -1 on error
1511 The vcpu ioctl should be used for vcpu-specific capabilities, the vm ioctl
1512 for vm-wide capabilities.
1515 ---------------------
1521 :Returns: 0 on success; -1 on error
1556 in-kernel irqchip, the multiprocessing state must be maintained by userspace on
1596 ---------------------
1602 :Returns: 0 on success; -1 on error
1608 in-kernel irqchip, the multiprocessing state must be maintained by userspace on
1621 ------------------------------
1627 :Returns: 0 on success, -1 on error
1629 This ioctl defines the physical address of a one-page region in the guest
1638 This ioctl is required on Intel-based hosts. This is needed on Intel hardware
1645 ------------------------
1651 :Returns: 0 on success, -1 on error
1660 ------------------
1666 :Returns: 0 on success, -1 on error
1680 ------------------
1686 :Returns: 0 on success, -1 on error
1708 -----------------
1714 :Returns: 0 on success, -1 on error
1735 -----------------
1741 :Returns: 0 on success, -1 on error
1762 ----------------------------
1768 :Returns: 0 on success, -1 on error
1794 hardware and kvm in its default configuration. Userspace can use the
1801 Dynamically-enabled feature bits need to be requested with
1811 with the 'nent' field indicating the number of entries in the variable-size
1841 may be returned as true, but they depend on KVM_CREATE_IRQCHIP for in-kernel
1846 if that returns true and you use KVM_CREATE_IRQCHIP, or if you emulate the
1854 -----------------------
1884 ------------------------
1890 :Returns: 0 on success, -1 on error
1896 - GSI routing does not apply to KVM_IRQ_LINE but only to KVM_IRQFD.
1933 error -EINVAL.
1937 - KVM_MSI_VALID_DEVID: used along with KVM_IRQ_ROUTING_MSI routing entry
1938 type, specifies that the devid field contains a valid value. The per-VM
1942 - zero otherwise
1967 address_hi bits 31-8 provide bits 31-8 of the destination id. Bits 7-0 of
2001 --------------------
2007 :Returns: 0 on success, -1 on error
2024 --------------------
2030 :Returns: virtual tsc-khz on success, negative value on error
2033 KHz. If the host has unstable tsc this ioctl returns -EIO instead as an
2038 ------------------
2044 :Returns: 0 on success, -1 on error
2059 the APIC_ID register (bytes 32-35). xAPIC only allows an 8-bit APIC ID
2060 which is stored in bits 31-24 of the APIC register, or equivalently in
2069 ------------------
2075 :Returns: 0 on success, -1 on error
2087 The format of the APIC ID register (bytes 32-35 of struct kvm_lapic_state's
2093 ------------------
2116 For the special case of virtio-ccw devices on s390, the ioevent is matched
2130 For virtio-ccw devices, addr contains the subchannel id and datamatch the
2139 ------------------
2145 :Returns: 0 on success, -1 on error
2165 The array is little-endian: the bit 0 is the least significant bit of the
2175 -------------------------
2184 is an IOMMU for PAPR-style virtual I/O. It is used to translate
2198 which this TCE table will translate - the table will contain one 64
2208 the entries written by kernel-handled H_PUT_TCE calls, and also lets
2214 ------------
2220 :Returns: 0 on success, -1 on error
2227 To use this to emulate the LINT1 input with KVM_CREATE_IRQCHIP, use the
2230 - pause the vcpu
2231 - read the local APIC's state (KVM_GET_LAPIC)
2232 - check whether changing LINT1 will queue an NMI (see the LVT entry for LINT1)
2233 - if so, issue KVM_NMI
2234 - resume the vcpu
2241 ----------------------
2263 ------------------------
2285 ------------------------
2303 --------------------
2546 ARM 32-bit CP15 registers have the following id bit patterns::
2550 ARM 64-bit CP15 registers have the following id bit patterns::
2558 ARM 32-bit VFP control registers have the following id bit patterns::
2562 ARM 64-bit FP registers have the following id bit patterns::
2566 ARM firmware pseudo-registers have the following bit pattern::
2574 arm64 core/FP-SIMD registers have the following id bit patterns. Note
2608 .. [1] These encodings are not accepted for SVE-enabled vcpus. See
2633 arm64 firmware pseudo-registers have the following bit pattern::
2642 0x6060 0000 0015 ffff KVM_REG_ARM64_SVE_VLS pseudo-register
2645 ENOENT. max_vq is the vcpu's maximum supported vector length in 128-bit
2656 KVM_REG_ARM64_SVE_VLS is a pseudo-register that allows the set of vector
2666 ((vector_lengths[(vq - KVM_ARM64_SVE_VQ_MIN) / 64] >>
2667 ((vq - KVM_ARM64_SVE_VQ_MIN) % 64)) & 1))
2689 is hardware-dependent and may not be available. Attempting to configure
2696 arm64 bitmap feature firmware pseudo-registers have the following bit pattern::
2710 a -EBUSY to userspace.
2723 patterns depending on whether they're 32-bit or 64-bit registers::
2725 0x7020 0000 0001 00 <reg:5> <sel:3> (32-bit)
2726 0x7030 0000 0001 00 <reg:5> <sel:3> (64-bit)
2751 0x7020 0000 0003 00 <0:3> <reg:5> (32-bit FPU registers)
2752 0x7030 0000 0003 00 <0:3> <reg:5> (64-bit FPU registers)
2753 0x7040 0000 0003 00 <0:3> <reg:5> (128-bit MSA vector registers)
2765 RISC-V registers are mapped using the lower 32 bits. The upper 8 bits of
2768 RISC-V config registers are meant for configuring a Guest VCPU and it has
2774 Following are the RISC-V config registers:
2786 RISC-V core registers represent the general execution state of a Guest VCPU
2792 Following are the RISC-V core registers:
2829 0x80x0 0000 0200 0020 mode Privilege mode (1 = S-mode or 0 = U-mode)
2832 RISC-V csr registers represent the supervisor mode control/status registers
2838 Following are the RISC-V csr registers:
2854 RISC-V timer registers represent the timer state of a Guest VCPU and it has
2859 Following are the RISC-V timer registers:
2864 0x8030 0000 0400 0000 frequency Time base frequency (read-only)
2870 RISC-V F-extension registers represent the single precision floating point
2875 Following are the RISC-V F-extension registers:
2886 RISC-V D-extension registers represent the double precision floating point
2890 0x8030 0000 06 <index into the __riscv_d_ext_state struct:24> (non-fcsr)
2892 Following are the RISC-V D-extension registers:
2909 0x9030 0000 0001 00 <reg:5> <sel:3> (64-bit)
2919 Following are the KVM-defined registers for x86:
2928 --------------------
2958 ----------------------
2964 :Returns: 0 on success, -1 on error
2975 load-link/store-conditional, or equivalent must be used. There are two cases
2982 -------------------
2988 :Returns: >0 on delivery, 0 if guest blocked the MSI, and -1 on error
2990 Directly inject a MSI message. Only valid with in-kernel irqchip that handles
3005 KVM_MSI_VALID_DEVID: devid contains a valid value. The per-VM
3016 address_hi bits 31-8 provide bits 31-8 of the destination id. Bits 7-0 of
3021 --------------------
3027 :Returns: 0 on success, -1 on error
3029 Creates an in-kernel device model for the i8254 PIT. This call is only valid
3030 after enabling in-kernel irqchip support via KVM_CREATE_IRQCHIP. The following
3042 PIT timer interrupts may use a per-VM kernel thread for injection. If it
3045 kvm-pit/<owner-process-pid>
3054 -----------------
3060 :Returns: 0 on success, -1 on error
3062 Retrieves the state of the in-kernel PIT model. Only valid after
3082 -----------------
3088 :Returns: 0 on success, -1 on error
3090 Sets the state of the in-kernel PIT model. Only valid after KVM_CREATE_PIT2.
3097 interval timer <https://www.scs.stanford.edu/10wi-cs140/pintos/specs/8254.pdf>`_.
3103 --------------------------
3109 :Returns: 0 on success, -1 on error
3114 device-tree properties for the guest operating system.
3128 - KVM_PPC_PAGE_SIZES_REAL:
3133 - KVM_PPC_1T_SEGMENTS
3137 - KVM_PPC_NO_HASH
3139 thus all guests must use radix MMU mode.
3157 The "slb_enc" field provides the encoding to use in the SLB for the
3178 --------------
3184 :Returns: 0 on success, -1 on error
3187 kvm_irqfd.fd specifies the file descriptor to use as the eventfd and
3194 With KVM_CAP_IRQFD_RESAMPLE, KVM_IRQFD supports a de-assert and notify
3195 mechanism allowing emulation of level-triggered, irqfd-based
3200 as from an EOI, the gsi is de-asserted and the user is notified via
3201 kvm_irqfd.resamplefd. It is the user's responsibility to re-queue
3202 the interrupt if the device making use of it still requires service.
3209 - in case no routing entry is associated to this gsi, injection fails
3210 - in case the gsi is associated to an irqchip routing entry,
3212 - in case the gsi is associated to an MSI routing entry, the MSI
3214 to GICv3 ITS in-kernel emulation).
3217 --------------------------
3223 :Returns: 0 on success, -1 on error
3227 anything if the kernel is configured to use the Book 3S HV style of
3235 The parameter is a pointer to a 32-bit unsigned integer variable
3242 default-sized hash table (16 MB).
3250 real-mode area (VRMA) facility, the kernel will re-create the VMRA
3254 -----------------------
3260 :Returns: 0 on success, -1 on error
3276 - sigp stop; optional flags in parm
3278 - program check; code in parm
3280 - sigp set prefix; prefix address in parm
3282 - restart
3284 - clock comparator interrupt
3286 - CPU timer interrupt
3288 - virtio external interrupt; external interrupt
3291 - sclp external interrupt; sclp parameter in parm
3293 - sigp emergency; source cpu in parm
3295 - sigp external call; source cpu in parm
3297 - compound value to indicate an
3298 I/O interrupt (ai - adapter interrupt; cssid,ssid,schid - subchannel);
3302 - machine check interrupt; cr 14 bits in parm, machine check interrupt
3309 ------------------------
3315 :Returns: file descriptor number (>= 0) on success, -1 on error
3364 ----------------------
3370 :Returns: 0 on success, -1 on error
3403 --------------------------------------------
3411 :Returns: 0 on success, -1 on error
3419 (e.g. read-only attribute, or attribute that only makes
3426 semantics are device-specific. See individual device documentation in
3434 __u32 group; /* device-defined */
3435 __u64 attr; /* group-defined */
3440 ------------------------
3447 :Returns: 0 on success, -1 on error
3464 ----------------------
3470 :Returns: 0 on success; -1 on error
3485 - Processor state:
3490 - General Purpose registers, including PC and SP: set to 0
3491 - FPSIMD/NEON registers: set to 0
3492 - SVE registers: set to 0
3493 - System registers: Reset to their architecturally defined
3502 state. All calls to this function after the initial call must use the same
3507 - KVM_ARM_VCPU_POWER_OFF: Starts the CPU in a power-off state.
3510 - KVM_ARM_VCPU_EL1_32BIT: Starts the CPU in a 32bit mode.
3512 - KVM_ARM_VCPU_PSCI_0_2: Emulate PSCI v0.2 (or a future revision
3515 - KVM_ARM_VCPU_PMU_V3: Emulate PMUv3 for the CPU.
3518 - KVM_ARM_VCPU_PTRAUTH_ADDRESS: Enables Address Pointer authentication
3526 - KVM_ARM_VCPU_PTRAUTH_GENERIC: Enables Generic Pointer authentication
3534 - KVM_ARM_VCPU_SVE: Enables SVE for the CPU (arm64 only).
3540 - KVM_REG_ARM64_SVE_VLS may be read using KVM_GET_ONE_REG: the
3541 initial value of this pseudo-register indicates the best set of
3546 - KVM_RUN and KVM_GET_REG_LIST are not available;
3548 - KVM_GET_ONE_REG and KVM_SET_ONE_REG cannot be used to access
3553 - KVM_REG_ARM64_SVE_VLS may optionally be written using
3559 - the KVM_REG_ARM64_SVE_VLS pseudo-register is immutable, and can
3562 - KVM_ARM_VCPU_HAS_EL2: Enable Nested Virtualisation support,
3568 - KVM_ARM_VCPU_HAS_EL2_E2H0: Restrict Nested Virtualisation
3569 support to HCR_EL2.E2H being RES0 (non-VHE).
3574 -----------------------------
3580 :Returns: 0 on success; -1 on error
3593 kvm_vcpu_init->features bitmap returned will have feature bits set if
3603 ---------------------
3609 :Returns: 0 on success; -1 on error
3631 - KVM_REG_S390_TODPR
3633 - KVM_REG_S390_EPOCHDIFF
3635 - KVM_REG_S390_CPU_TIMER
3637 - KVM_REG_S390_CLOCK_COMP
3639 - KVM_REG_S390_PFTOKEN
3641 - KVM_REG_S390_PFCOMPARE
3643 - KVM_REG_S390_PFSELECT
3645 - KVM_REG_S390_PP
3647 - KVM_REG_S390_GBEA
3653 -----------------------------------------
3659 :Returns: 0 on success, -1 on error
3689 arm64 currently only require this when using the in-kernel GIC
3695 base addresses will return -EEXIST.
3702 ------------------------------
3708 :Returns: 0 on success, -1 on error
3713 of a service that has a kernel-side implementation. If the token
3714 value is non-zero, it will be associated with that service, and
3722 ------------------------
3728 :Returns: 0 on success; -1 on error
3743 - KVM_GUESTDBG_ENABLE: guest debugging is enabled
3744 - KVM_GUESTDBG_SINGLESTEP: the next run should single-step
3749 - KVM_GUESTDBG_USE_SW_BP: using software breakpoints [x86, arm64]
3750 - KVM_GUESTDBG_USE_HW_BP: using hardware breakpoints [x86, s390]
3751 - KVM_GUESTDBG_USE_HW: using hardware debug events [arm64]
3752 - KVM_GUESTDBG_INJECT_DB: inject DB type exception [x86]
3753 - KVM_GUESTDBG_INJECT_BP: inject BP type exception [x86]
3754 - KVM_GUESTDBG_EXIT_PENDING: trigger an immediate guest exit [s390]
3755 - KVM_GUESTDBG_BLOCKIRQ: avoid injecting interrupts/NMI/SMI [x86]
3773 the single-step debug event (KVM_GUESTDBG_SINGLESTEP) is supported.
3783 ---------------------------
3789 :Returns: 0 on success, -1 on error
3819 kvm.Userspace can use the information returned by this ioctl to query
3824 the variable-size array 'entries'. If the number of entries is too low
3858 --------------------
3865 < 0 on generic error (e.g. -EFAULT or -ENOMEM),
3919 address given the state of the VCPU and use the absolute address as target of
3923 Logical accesses are permitted for non-protected guests only.
3941 translation-exception identifier (TEID) indicates suppression.
3964 Absolute accesses are permitted for non-protected guests only.
3976 Perform cmpxchg on absolute guest memory. Intended for use with the
4003 -----------------------
4029 will cause the ioctl to return -EINVAL.
4035 -----------------------
4053 will cause the ioctl to return -EINVAL.
4060 the ioctl will return -EINVAL.
4063 -----------------
4069 :Returns: 0 on success, -1 on error
4110 - KVM_S390_SIGP_STOP - sigp stop; parameter in .stop
4111 - KVM_S390_PROGRAM_INT - program check; parameters in .pgm
4112 - KVM_S390_SIGP_SET_PREFIX - sigp set prefix; parameters in .prefix
4113 - KVM_S390_RESTART - restart; no parameters
4114 - KVM_S390_INT_CLOCK_COMP - clock comparator interrupt; no parameters
4115 - KVM_S390_INT_CPU_TIMER - CPU timer interrupt; no parameters
4116 - KVM_S390_INT_EMERGENCY - sigp emergency; parameters in .emerg
4117 - KVM_S390_INT_EXTERNAL_CALL - sigp external call; parameters in .extcall
4118 - KVM_S390_MCHK - machine check interrupt; parameters in .mchk
4123 ---------------------------
4130 -EINVAL if buffer size is 0,
4131 -ENOBUFS if buffer size is too small to fit all pending interrupts,
4132 -EFAULT if the buffer address was invalid
4135 pending interrupts in a single buffer. Use cases include migration
4150 the kernel never checked for flags == 0 and QEMU never pre-zeroed flags and
4154 If -ENOBUFS is returned the buffer provided was too small and userspace
4158 ---------------------------
4165 -EFAULT if the buffer address was invalid,
4166 -EINVAL for an invalid buffer length (see below),
4167 -EBUSY if there were already interrupts pending,
4171 This ioctl allows userspace to set the complete state of all cpu-local
4193 which is the maximum number of possibly pending cpu-local interrupts.
4196 ------------
4202 :Returns: 0 on success, -1 on error
4207 ----------------------------
4296 part of VM-Enter/VM-Exit emulation.
4299 of VM-Enter/VM-Exit emulation. If an MSR access is denied on VM-Enter, KVM
4300 synthesizes a consistency check VM-Exit(EXIT_REASON_MSR_LOAD_FAIL). If an
4301 MSR access is denied on VM-Exit, KVM synthesizes a VM-Abort. In short, KVM
4303 the VM-Enter/VM-Exit MSR list. It is platform owner's responsibility to
4320 ----------------------------
4353 -------------------------
4360 -EFAULT if struct kvm_reinject_control cannot be read,
4361 -ENXIO if KVM_CREATE_PIT or KVM_CREATE_PIT2 didn't succeed earlier.
4380 ------------------------------
4387 -EFAULT if struct kvm_ppc_mmuv3_cfg cannot be read,
4388 -EINVAL if the configuration is invalid
4390 This ioctl controls whether the guest will use radix or HPT (hashed
4403 to use radix tree translation, and if clear, to use HPT translation.
4405 to be able to use the global TLB and SLB invalidation instructions;
4406 if clear, the guest may not use these instructions.
4414 ---------------------------
4421 -EFAULT if struct kvm_ppc_rmmu_info cannot be written,
4422 -EINVAL if no useful information can be returned
4451 --------------------------------
4460 -EFAULT if struct kvm_reinject_control cannot be read,
4461 -EINVAL if the supplied shift or flags are invalid,
4462 -ENOMEM if unable to allocate the new HPT,
4495 returns 0 (i.e. cancels any in-progress preparation).
4498 flags will result in an -EINVAL.
4505 -------------------------------
4512 -EFAULT if struct kvm_reinject_control cannot be read,
4513 -EINVAL if the supplied shift or flags are invalid,
4514 -ENXIO is there is no pending HPT, or the pending HPT doesn't
4516 -EBUSY if the pending HPT is not fully prepared,
4517 -ENOSPC if there was a hash collision when moving existing
4519 -EIO on other error conditions
4536 KVM_PPC_RESIZE_HPT_COMMIT will return an error (usually -ENXIO or
4537 -EBUSY, though others may be possible if the preparation was started,
4550 -----------------------------------
4556 :Returns: 0 on success, -1 on error
4563 -----------------------
4570 -EFAULT if u64 mcg_cap cannot be read,
4571 -EINVAL if the requested number of banks is invalid,
4572 -EINVAL if requested MCE capability is not supported.
4574 Initializes MCE support for use. The u64 mcg_cap parameter
4577 supported number of error-reporting banks can be retrieved when
4582 ---------------------
4589 -EFAULT if struct kvm_x86_mce cannot be read,
4590 -EINVAL if the bank number is invalid,
4591 -EINVAL if VAL bit is not set in status field.
4616 ----------------------------
4639 - During live migration to save the CMMA values. Live migration needs
4641 - To non-destructively peek at the CMMA values, with the flag
4672 KVM_S390_SKEYS_MAX. KVM_S390_SKEYS_MAX is re-used for consistency with
4717 ----------------------------
4727 the CMMA values, but there are no restrictions on its use.
4756 This ioctl can fail with -ENOMEM if not enough memory can be allocated to
4757 complete the task, with -ENXIO if CMMA is not enabled, with -EINVAL if
4759 if the flags field was not 0, with -EFAULT if the userspace address is
4765 --------------------------
4772 -EFAULT if struct kvm_ppc_cpu_char cannot be written
4777 CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754). The information is
4794 with preventing inadvertent information disclosure - specifically,
4795 whether there is an instruction to flash-invalidate the L1 data cache
4808 These fields use the same bit definitions as the new
4812 ---------------------------
4818 :Returns: 0 on success; -1 on error
4821 for issuing platform-specific memory encryption commands to manage those
4827 Documentation/virt/kvm/x86/amd-memory-encryption.rst and
4828 Documentation/virt/kvm/x86/intel-tdx.rst.
4831 -----------------------------------
4837 :Returns: 0 on success; -1 on error
4842 It is used in the SEV-enabled guest. When encryption is enabled, a guest
4855 -------------------------------------
4861 :Returns: 0 on success; -1 on error
4867 ------------------------
4875 the specified Hyper-V connection id through the SIGNAL_EVENT hypercall, without
4876 causing a user exit. SIGNAL_EVENT hypercall with non-zero event flag number
4877 (bits 24-31) still triggers a KVM_EXIT_HYPERV_HCALL user exit.
4897 -EINVAL if conn_id or flags is outside the allowed range,
4898 -ENOENT on deassign if the conn_id isn't registered,
4899 -EEXIST on assign if the conn_id is already registered
4902 --------------------------
4908 :Returns: 0 on success, -1 on error
4976 --------------------------
4982 :Returns: 0 on success, -1 on error
4988 -------------------------------------
5017 -------------------------
5023 :Returns: 0 on success, -1 on error
5045 in KVM's dirty bitmap, and dirty tracking is re-enabled for that page
5046 (for example via write-protection, or by clearing the dirty bit in
5049 If KVM_CAP_MULTI_ADDRESS_SPACE is available, bits 16-31 of slot field specifies
5059 --------------------------------
5065 :Returns: 0 on success, -1 on error
5086 This ioctl returns x86 cpuid features leaves related to Hyper-V emulation in
5087 KVM. Userspace can use the information returned by this ioctl to construct
5088 cpuid information presented to guests consuming Hyper-V enlightenments (e.g.
5089 Windows or Hyper-V guests).
5091 CPUID feature leaves returned by this ioctl are defined by Hyper-V Top Level
5098 - HYPERV_CPUID_VENDOR_AND_MAX_FUNCTIONS
5099 - HYPERV_CPUID_INTERFACE
5100 - HYPERV_CPUID_VERSION
5101 - HYPERV_CPUID_FEATURES
5102 - HYPERV_CPUID_ENLIGHTMENT_INFO
5103 - HYPERV_CPUID_IMPLEMENT_LIMITS
5104 - HYPERV_CPUID_NESTED_FEATURES
5105 - HYPERV_CPUID_SYNDBG_VENDOR_AND_MAX_FUNCTIONS
5106 - HYPERV_CPUID_SYNDBG_INTERFACE
5107 - HYPERV_CPUID_SYNDBG_PLATFORM_CAPABILITIES
5110 with the 'nent' field indicating the number of entries in the variable-size
5111 array 'entries'. If the number of entries is too low to describe all Hyper-V
5113 to the number of Hyper-V feature leaves, the 'nent' field is adjusted to the
5123 - HYPERV_CPUID_NESTED_FEATURES leaf and HV_X64_ENLIGHTENED_VMCS_RECOMMENDED
5126 - HV_STIMER_DIRECT_MODE_AVAILABLE bit is only exposed with in-kernel LAPIC.
5130 ---------------------------
5135 :Returns: 0 on success, -1 on error
5160 configured by use of ioctls such as KVM_SET_ONE_REG. The exact configuration
5161 that should be performed and how to do it are feature-dependent.
5165 -EPERM unless the feature has already been finalized by means of a
5172 ------------------------------
5178 :Returns: 0 on success, -1 on error
5212 To use this mode, clear the 'flags' field.
5224 exclude value. To encode a masked event use::
5231 ---- -----------
5260 When setting a new pmu event filter, -EINVAL will be returned if any of the
5272 Specifically, KVM follows the following pseudo-code when determining whether to
5273 allow the guest FixCtr[i] to count its pre-defined fixed event::
5288 ---------------------
5312 ---------------------------
5324 ----------------------------
5337 --------------------------
5351 -------------------------
5396 All registered VCPUs are converted back to non-protected ones. If a
5497 not succeed all other subcommands will fail with -EINVAL. This
5498 subcommand will return -EINVAL if a dump process has not yet been
5529 resume execution immediately as non-protected. There can be at most
5554 --------------------------
5600 Sets the ABI mode of the VM to 32-bit or 64-bit (long mode). This
5634 re-mapped in guest physical address space.
5640 This is the HVM-wide vector injected directly by the hypervisor
5662 the 32-bit version code returned to the guest when it invokes the
5664 Xen guests will often use this to as a dummy hypercall to trigger
5677 --------------------------
5690 ---------------------------
5775 other four times. The state field must be set to -1, or to a valid
5783 vCPU ID of the given vCPU, to allow timer-related VCPU operations to
5796 per-vCPU local APIC upcall vector, configured by a Xen guest with
5798 used by Windows guests, and is distinct from the HVM-wide upcall
5804 ---------------------------
5819 ---------------------------
5825 :Returns: number of bytes copied, < 0 on error (-EINVAL for incorrect
5826 arguments, -EFAULT if memory cannot be accessed).
5840 ``length`` must not be bigger than 2^31 - PAGE_SIZE bytes. The ``addr``
5857 --------------------
5863 :Returns: 0 on success, -1 on error
5890 --------------------
5896 :Returns: 0 on success, -1 on error
5903 ----------------------
5922 +-------------+
5924 +-------------+
5926 +-------------+
5928 +-------------+
5930 +-------------+
5939 only one time after retrieving the file descriptor, and then use ``pread`` or
6020 Bits 0-3 of ``flags`` encode the type:
6042 is [``hist_param``*(N-1), ``hist_param``*N), while the range of the last
6043 bucket is [``hist_param``*(``size``-1), +INF). (+INF means positive infinity
6048 [0, 1), while the range of the last bucket is [pow(2, ``size``-2), +INF).
6050 [pow(2, N-2), pow(2, N-1)).
6052 Bits 4-7 of ``flags`` encode the unit:
6075 Bits 8-11 of ``flags``, together with ``exponent``, encode the scale of the
6080 CPU clock cycles. For example, an exponent of -9 can be used with
6096 bucket in the unit expressed by bits 4-11 of ``flags`` together with ``exponent``.
6102 The Stats Data block contains an array of 64-bit values in the same order
6106 --------------------
6112 :Returns: 0 on success, -1 on error
6133 -----------------------------
6153 -----------------------------
6162 for vcpus. It re-uses the kvm_s390_pv_dmp struct and hence also shares
6178 ----------------------
6186 Used to manage hardware-assisted virtualization features for zPCI devices.
6225 --------------------------------
6233 This capability indicates that userspace is able to apply a single VM-wide
6254 (-EINVAL) being returned. This ioctl can also return -EBUSY if any vcpu
6265 ------------------------------------
6295 All other values are reserved for future use and KVM may return an error.
6297 The ``reserved[13]`` array is reserved for future use and should be 0, or
6304 op0==3, op1=={0, 1, 3}, CRn==0, CRm=={0-7}, op2=={0-7}.
6313 ---------------------------------
6319 :Returns: 0 on success, -1 on error
6328 bounds checks apply (use common sense).
6349 on-demand.
6360 Returns -EINVAL if the VM has the KVM_VM_S390_UCONTROL flag set.
6361 Returns -EINVAL if called on a protected VM.
6364 -------------------------------
6400 ----------------------------
6428 to host memory. This allows for use cases where multiple KVM structures are
6461 ---------------------------
6493 KVM_PRE_FAULT_MEMORY populates KVM's stage-2 page tables used to map memory
6495 stage-2 read page fault, e.g. faults in memory as needed, but doesn't break
6496 CoW. However, KVM does not mark any newly created stage-2 PTE as Accessed.
6545 This field is polled once when KVM_RUN starts; if non-zero, KVM_RUN
6546 exits immediately, returning -EINTR. In the common scenario where a
6550 a signal handler that sets run->immediate_exit to a non-zero value.
6576 The value of the current interrupt flag. Only valid if in-kernel
6583 More architecture-specific flags detailing state of the VCPU that may
6601 The value of the cr8 register. Only valid if in-kernel local APIC is
6608 The value of the APIC BASE msr. Only valid if in-kernel local
6620 reasons. Further architecture-specific information is available in
6632 to unknown reasons. Further architecture-specific information is
6685 executed a memory-mapped I/O instruction which could not be satisfied
6699 has re-entered the kernel with KVM_RUN. The kernel side will first finish
6704 completed before performing a live migration. Userspace can re-enter the
6720 It is strongly recommended that userspace use ``KVM_EXIT_IO`` (x86) or
6727 ----------
6734 expected to use the ``KVM_GET_ONE_REG`` ioctl to retrieve the call
6738 - ``KVM_HYPERCALL_EXIT_SMC``: Indicates that the guest used the SMC
6742 - ``KVM_HYPERCALL_EXIT_16BIT``: Indicates that the guest used a 16bit
6811 Deprecated - was used for 440 KVM.
6837 This is used on 64-bit PowerPC when emulating a pSeries partition,
6841 the arguments (from the guest R4 - R12). Userspace should put the
6903 a system-level event using some architecture specific mechanism (hypercall
6907 The 'type' field describes the system-level event type.
6910 - KVM_SYSTEM_EVENT_SHUTDOWN -- the guest has requested a shutdown of the
6914 - KVM_SYSTEM_EVENT_RESET -- the guest has requested a reset of the VM.
6917 - KVM_SYSTEM_EVENT_CRASH -- the guest crash occurred and the guest
6921 - KVM_SYSTEM_EVENT_SEV_TERM -- an AMD SEV guest requested termination.
6923 - KVM_SYSTEM_EVENT_TDX_FATAL -- a TDX guest reported a fatal error state.
6924 KVM doesn't do any parsing or conversion, it just dumps 16 general-purpose
6925 registers to userspace, in ascending order of the 4-bit indices for x86-64
6926 general-purpose registers in instruction encoding, as defined in the Intel
6928 - KVM_SYSTEM_EVENT_WAKEUP -- the exiting vCPU is in a suspended state and
6931 - KVM_SYSTEM_EVENT_SUSPEND -- the guest has requested a suspension of
6935 architecture specific information for the system-level event. Only
6938 - for arm64, data[0] is set to KVM_SYSTEM_EVENT_RESET_FLAG_PSCI_RESET2 if
6942 - for arm64, data[0] is set to KVM_SYSTEM_EVENT_SHUTDOWN_FLAG_PSCI_OFF2
6946 - for RISC-V, data[0] is set to the value of the second argument of the
6954 --------------
6964 the call parameters are left in-place in the vCPU registers.
6969 - Honor the guest request to suspend the VM. Userspace can request
6970 in-kernel emulation of suspension by setting the calling vCPU's
6973 the calling vCPU is resumed. See ARM DEN0022D.b 5.19.1 "Intended use"
6976 - Deny the guest request to suspend the VM. See ARM DEN0022D.b 5.19.2
6992 Indicates that the VCPU's in-kernel local APIC received an EOI for a
6993 level-triggered IOAPIC interrupt. This exit only triggers when the
7035 related to Hyper-V emulation.
7039 - KVM_EXIT_HYPERV_SYNIC -- synchronously notify user-space about
7041 Hyper-V SynIC state change. Notification is used to remap SynIC
7045 - KVM_EXIT_HYPERV_SYNDBG -- synchronously notify user-space about
7047 Hyper-V Synthetic debugger state change. Notification is used to either update
7066 the VM. KVM assumed that if the guest accessed non-memslot memory, it was
7096 __u8 error; /* user -> kernel */
7098 __u32 reason; /* kernel -> user */
7099 __u32 index; /* kernel -> user */
7100 __u64 data; /* kernel <-> user */
7158 - KVM_EXIT_XEN_HCALL -- synchronously notify user-space about Xen hypercall.
7173 done a SBI call which is not handled by KVM RISC-V kernel module. The details
7179 values of SBI call before resuming the VCPU. For more details on RISC-V SBI
7180 spec refer, https://github.com/riscv/riscv-sbi-doc.
7197 - KVM_MEMORY_EXIT_FLAG_PRIVATE - When set, indicates the memory fault occurred
7202 accompanies a return code of '-1', not '0'! errno will always be set to EFAULT
7215 enabled, a VM exit generated if no event window occurs in VM non-root mode
7223 - KVM_NOTIFY_CONTEXT_INVALID -- the VM context is corrupted and not valid
7255 on the Guest-Hypervisor Communication Interface (GHCI) specification;
7258 on re-entry.
7265 * ``TDVMCALL_GET_QUOTE``: the guest has requested to generate a TD-Quote
7266 signed by a service hosting TD-Quoting Enclave operating on the host.
7269 (without the shared bit set) and the size of a shared-memory buffer, in
7273 shared-memory area to check whether the Quote generation is completed or
7308 - ``ESR_EL2.EC``
7309 - ``ESR_EL2.IL``
7310 - ``ESR_EL2.FnV``
7311 - ``ESR_EL2.EA``
7312 - ``ESR_EL2.CM``
7313 - ``ESR_EL2.WNR``
7314 - ``ESR_EL2.FSC``
7315 - ``ESR_EL2.SET`` (when FEAT_RAS is implemented for the VM)
7352 Please note that the kernel is allowed to use the kvm_run structure as the
7353 primary storage for certain register types. Therefore, the kernel may use the
7376 whether this is a per-vcpu or per-vm capability.
7387 -------------------
7392 :Returns: 0 on success; -1 on error
7396 were invented by Mac-on-Linux to have a standardized communication mechanism
7403 --------------------
7408 :Returns: 0 on success; -1 on error
7424 ------------------
7429 :Returns: 0 on success; -1 on error
7442 addresses of mmu-type-specific data structures. The "array_len" field is an
7458 - The "params" field is of type "struct kvm_book3e_206_tlb_params".
7459 - The "array" field points to an array of type "struct
7461 - The array consists of all entries in the first TLB, followed by all
7463 - Within a TLB, entries are ordered first by increasing set number. Within a
7465 - The hash for determining set number in TLB0 is: (MAS2 >> 12) & (num_sets - 1)
7467 - The tsize field of mas1 shall be set to 4K on TLB0, even though the
7471 ----------------------------
7476 :Returns: 0 on success; -1 on error
7481 handled in-kernel, while the other I/O instructions are passed to userspace.
7486 Note that even though this capability is enabled per-vcpu, the complete
7490 -------------------
7495 :Returns: 0 on success; -1 on error
7509 --------------------
7515 This capability connects the vcpu to an in-kernel MPIC device.
7518 --------------------
7525 This capability connects the vcpu to an in-kernel XICS device.
7528 ------------------------
7534 This capability enables the in-kernel irqchip for s390. Please refer to
7538 --------------------
7542 :Parameters: args[0] is reserved for future use (should be 0).
7544 This capability allows the use of the host Floating Point Unit by the guest. It
7552 ---------------------
7556 :Parameters: args[0] is reserved for future use (should be 0).
7558 This capability allows the use of the MIPS SIMD Architecture (MSA) by the guest.
7559 It allows the Config3.MSAP bit to be set to enable the use of MSA by the guest.
7565 ----------------------
7570 :Returns: x86: KVM_CHECK_EXTENSION returns a bit-array indicating which register
7586 - the register sets to be copied out to kvm_run are selectable
7588 - vcpu_events are available in addition to regs and sregs.
7591 function as an input bit-array field set by userspace to indicate the
7611 -------------------------
7618 This capability connects the vcpu to an in-kernel XIVE device.
7621 -------------------------
7628 Hyper-V Synthetic interrupt controller(SynIC). Hyper-V SynIC is
7629 used to support Windows Hyper-V based guest paravirt drivers(VMBus).
7631 In order to use SynIC, it has to be activated by setting this
7633 will disable the use of APIC hardware virtualization even if supported
7634 by the CPU, as it's incompatible with SynIC auto-EOI behavior.
7637 --------------------------
7642 This capability enables a newer version of Hyper-V Synthetic interrupt
7648 -----------------------------------
7653 This capability indicates that KVM running on top of Hyper-V hypervisor
7655 hypercalls are handled by Level 0 hypervisor (Hyper-V) bypassing KVM.
7656 Due to the different ABI for hypercall parameters between Hyper-V and
7659 flush hypercalls by Hyper-V) so userspace should disable KVM identification
7660 in CPUID and only exposes Hyper-V identification. In this case, guest
7661 thinks it's running on Hyper-V and only use Hyper-V hypercalls.
7664 ---------------------------------
7669 When enabled, KVM will disable emulated Hyper-V features provided to the
7670 guest according to the bits Hyper-V CPUID feature leaves. Otherwise, all
7671 currently implemented Hyper-V features are provided unconditionally when
7672 Hyper-V identification is set in the HYPERV_CPUID_INTERFACE (0x40000001)
7676 -------------------------------------
7683 (0x40000001). Otherwise, a guest may use the paravirtual features
7714 ----------------------------
7718 args[1] is 0 to disable, 1 to enable in-kernel handling
7721 get handled by the kernel or not. Enabling or disabling in-kernel
7723 initial set of hcalls are enabled for in-kernel handling, which
7724 consists of those hcalls for which in-kernel handlers were implemented
7731 If the hcall number specified is not one that has an in-kernel
7736 --------------------------
7745 - SENSE
7746 - SENSE RUNNING
7747 - EXTERNAL CALL
7748 - EMERGENCY SIGNAL
7749 - CONDITIONAL EMERGENCY SIGNAL
7758 ---------------------------------
7764 Allows use of the vector registers introduced with z13 processor, and
7766 return -EINVAL if the machine does not support vectors.
7769 --------------------------
7774 This capability allows post-handlers for the STSI instruction. After
7779 vcpu->run::
7790 @addr - guest address of STSI SYSIB
7791 @fc - function code
7792 @sel1 - selector 1
7793 @sel2 - selector 2
7794 @ar - access register number
7796 KVM handlers should exit to userspace with rc = -EREMOTE.
7799 -------------------------
7802 :Parameters: args[0] - number of routes reserved for userspace IOAPICs
7803 :Returns: 0 on success, -1 on error
7820 -------------------
7825 Allows use of runtime-instrumentation introduced with zEC12 processor.
7826 Will return -EINVAL if the machine does not support runtime-instrumentation.
7827 Will return -EBUSY if a VCPU has already been created.
7830 ----------------------
7833 :Parameters: args[0] - features that should be enabled
7834 :Returns: 0 on success, -EINVAL when args[0] contains invalid features
7843 allowing the use of 32-bit APIC IDs. See KVM_CAP_X2APIC_API in their
7850 where 0xff represents CPUs 0-7 in cluster 0.
7853 ----------------------------
7859 be intercepted and forwarded to user space. User space can use this
7860 mechanism e.g. to realize 2-byte software breakpoints. The kernel will
7868 -------------------
7872 :Returns: 0 on success; -EINVAL if the machine does not support
7873 guarded storage; -EBUSY if a VCPU has already been created.
7875 Allows use of guarded storage for the KVM guest.
7878 ---------------------
7883 Allow use of adapter-interruption suppression.
7884 :Returns: 0 on success; -EBUSY if a VCPU has already been created.
7887 --------------------
7905 ----------------------
7917 ------------------------------
7921 :Returns: 0 on success, -EINVAL when args[0] contains invalid exits
7943 document strict usage conditions for these MSRs--emphasizing that only
7945 architecturally defined--simply passing through the MSRs can still
7953 4. C-states lower than C0 are emulated (e.g., via HLT interception).
7964 --------------------------
7968 :Returns: 0 on success, -EINVAL if hpage module parameter was not set
7976 hpage module parameter is not set to 1, -EINVAL is returned.
7982 ------------------------------
7992 --------------------------
7996 :Returns: 0 on success, -EINVAL when the implementation doesn't support
7997 nested-HV virtualization.
7999 HV-KVM on POWER9 and later systems allows for "nested-HV"
8001 can run using the CPU's supervisor mode (privileged non-hypervisor
8004 kvm-hv module parameter.
8007 ------------------------------
8013 emulated VM-exit when L1 intercepts a #PF exception that occurs in
8014 L2. Similarly, for kvm-intel only, DR6 will not be modified prior to
8015 the emulated VM-exit when L1 intercepts a #DB exception that occurs in
8021 exception.has_payload and to put the faulting address - or the new DR6
8022 bits\ [#]_ - in the exception_payload field.
8030 will clear DR6.RTM.
8033 --------------------------------------
8044 automatically clear and write-protect all pages that are returned as dirty.
8050 KVM_CLEAR_DIRTY_LOG ioctl can operate on a 64-page granularity rather
8070 it hard or impossible to use it correctly. The availability of
8072 Userspace should not try to use KVM_CAP_MANUAL_DIRTY_LOG_PROTECT.
8075 ------------------------------
8092 ----------------------
8097 :Returns: 0 on success; -1 on error
8100 maximum halt-polling time for all vCPUs in the target VM. This capability can
8102 maximum halt-polling time.
8104 See Documentation/virt/kvm/halt-polling.rst for more information on halt
8108 -------------------------------
8113 :Returns: 0 on success; -1 on error
8140 -------------------------------
8145 :Returns: 0 on success, -EINVAL when args[0] contains invalid bits
8155 the KVM_ENABLE_CAP. The supported modes are mutually-exclusive.
8158 guest, irrespective whether or not the host has enabled split-lock detection
8164 exit, although the host kernel's split-lock #AC detection still applies, if
8170 apply some other policy-based mitigation. When exiting to userspace, KVM sets
8171 KVM_RUN_X86_BUS_LOCK in vcpu-run->flags, and conditionally sets the exit_reason
8176 the next instruction, i.e. the exit is trap-like. On AMD hosts, RIP points at
8177 the offending instruction, i.e. the exit is fault-like.
8184 ----------------------
8188 :Returns: 0 on success, -EINVAL when CPU doesn't support 2nd DAWR
8195 -------------------------------------
8205 This is intended to support in-guest workloads scheduled by the host. This
8206 allows the in-guest workload to maintain its own NPTs and keeps the two vms
8211 --------------------------
8216 :Returns: 0 on success, -EINVAL if the file handle is invalid or if a requested
8225 additional security for an uncompromised kernel, e.g. use of the PROVISIONKEY
8234 --------------------------------------
8243 failure. When these exits to userspace occur use the emulation_failure struct
8252 --------------------
8269 ``MAP_ANONYMOUS`` or with a RAM-based file mapping (``tmpfs``, ``memfd``),
8271 -EINVAL return.
8273 When enabled the VMM may make use of the ``KVM_ARM_MTE_COPY_TAGS`` ioctl to
8277 -------------------------------------
8287 This is intended to support intra-host migration of VMs between userspace VMMs,
8291 ----------------------------
8293 :Parameters: args[0] - set of KVM quirks to disable
8329 KVM_X86_QUIRK_OUT_7E_INC_RIP By default, KVM pre-increments %rip before
8332 KVM does not pre-increment %rip before
8401 self-snoop, KVM always ignores guest PAT and
8404 when a VM has non-coherent DMA devices
8408 (e.g. ICX, SPR) where self-snoop feature is
8410 issues with some older guests that use
8420 ------------------------
8424 :Parameters: args[0] - maximum APIC ID value set for current VM
8425 :Returns: 0 on success, -EINVAL if args[0] is beyond KVM_MAX_VCPU_IDS
8441 ------------------------------
8446 :Returns: 0 on success, -EINVAL if args[0] contains invalid flags or notify
8456 in per-VM scope during VM creation. Notify VM exit is disabled by default.
8459 a VM exit if no event window occurs in VM non-root mode for a specified of
8470 -----------------------------------
8475 :Returns: 0 on success, -EINVAL if args[0] contains an invalid value for the
8476 frequency or if any vCPUs have been created, -ENXIO if a virtual
8479 This capability sets the VM's APIC bus clock frequency, used by KVM's in-kernel
8484 core crystal clock frequency, if a non-zero CPUID 0x15 is exposed to the guest.
8487 ----------------------------------------------------------
8491 :Parameters: args[0] - size of the dirty log ring
8531 00 -----------> 01 -------------> 1X -------+
8534 +------------------------------------------+
8548 using load-acquire/store-release accessors when available, or any
8576 Architecture with TSO-like ordering (such as x86) are allowed to
8582 ring structures can be backed by per-slot bitmaps. With this capability
8590 use of the ring and bitmap combination is only beneficial if there is
8592 context. Otherwise, the stand-alone per-slot bitmap mechanism needs to
8595 To collect dirty bits in the backup bitmap, userspace can use the same
8605 KVM device "kvm-arm-vgic-its". (2) restore vgic/its tables through
8607 "kvm-arm-vgic-its". VGICv3 LPI pending status is restored. (3) save
8609 command on KVM device "kvm-arm-vgic-v3".
8612 ---------------------------
8617 :Returns: 0 on success, -EINVAL when arg[0] contains invalid bits
8633 -------------------------------------
8638 :Returns: 0 on success, -EPERM if the userspace process does not
8639 have CAP_SYS_BOOT, -EINVAL if args[0] is not 0 or any vCPUs have been
8649 ---------------------------------------
8654 :Returns: 0 on success, -EINVAL if any memslot was already created.
8658 Eager Page Splitting improves the performance of dirty-logging (used
8659 in live migrations) when guest memory is backed by huge-pages. It
8660 avoids splitting huge-pages (into PAGE_SIZE pages) on fault, by doing
8671 64-bit bitmap (each bit describing a block size). The default value is
8675 ---------------------------
8693 -------------------------------
8702 -------------------------------------
8707 :Returns: 0 on success, -EINVAL if vCPUs have been created before enabling this
8720 ---------------------------------
8725 :Returns: 0 on success, -EINVAL if arg[0] is not zero
8731 -------------------------------------------
8742 ----------------------------
8747 :Returns: 0 on success, -EINVAL if unsupported.
8754 -------------------------------
8775 ---------------------
8781 H_RANDOM hypercall backed by a hardware random-number generator.
8782 If present, the kernel H_RANDOM handler can be enabled for guest use
8786 -------------------------
8796 ---------------------------
8803 the POWER9 processor), including in-memory segment tables.
8806 -------------------
8812 of the hardware are available for use through KVM. An appropriate
8827 0 The trap & emulate implementation is in use to run guest code in user
8831 1 The MIPS VZ ASE is in use, providing full hardware assisted
8836 ----------------------
8850 Both registers and addresses are 32-bits wide.
8851 It will only be possible to run 32-bit guest code.
8853 1 MIPS64 or microMIPS64 with access only to 32-bit compatibility segments.
8854 Registers are 64-bits wide, but addresses are 32-bits wide.
8855 64-bit guest code may run but cannot access MIPS64 memory segments.
8856 It will also be possible to run 32-bit guest code.
8859 Both registers and addresses are 64-bits wide.
8860 It will be possible to run 64-bit or 32-bit guest code.
8864 ------------------------
8869 that if userspace creates a VM without an in-kernel interrupt controller, it
8870 will be notified of changes to the output level of in-kernel emulated devices,
8873 updates the vcpu's run->s.regs.device_irq_level field to represent the actual
8879 userspace can always sample the device output level and re-compute the state of
8881 of run->s.regs.device_irq_level on every kvm exit.
8882 The value in run->s.regs.device_irq_level can represent both level and edge
8884 signals will exit to userspace with the bit in run->s.regs.device_irq_level
8887 The field run->s.regs.device_irq_level is available independent of
8888 run->kvm_valid_regs or run->kvm_dirty_regs bits.
8892 and thereby which bits in run->s.regs.device_irq_level can signal values.
8898 KVM_ARM_DEV_EL1_VTIMER - EL1 virtual timer
8899 KVM_ARM_DEV_EL1_PTIMER - EL1 physical timer
8900 KVM_ARM_DEV_PMU - ARM PMU overflow interrupt signal
8907 -----------------------------
8917 ----------------------------
8927 -------------------------------
8936 ---------------------
8943 ----------------------
8952 ---------------------
8957 use copy-on-write semantics as well as dirty pages tracking via read-only page
8961 ---------------------
8970 ----------------------------
8974 This capability indicates that KVM supports paravirtualized Hyper-V TLB Flush
8980 ----------------------------------
8995 ----------------------------
8999 This capability indicates that KVM supports paravirtualized Hyper-V IPI send
9004 -----------------------------
9012 ---------------------------
9023 -----------------------
9029 architecture-specific interfaces. This capability and the architecture-
9036 -------------------------
9046 an 8-byte value consisting of a one-byte Control Program Name Code (CPNC) and
9047 a 7-byte Control Program Version Code (CPVC). The CPNC determines what
9056 -------------------------------
9067 ---------------------------
9081 --------------------
9111 The KVM_XEN_HVM_CONFIG_RUNSTATE flag indicates that the runstate-related
9145 ---------------------------
9157 In order to enable H_PUT_TCE_INDIRECT and H_STUFF_TCE use in the guest,
9159 IBM pSeries (sPAPR) guest starts using them if "hcall-multi-tce" is
9160 present in the "ibm,hypertas-functions" device-tree property.
9170 --------------------
9179 --------------------------------
9191 ------------------------------
9211 When getting the Modified Change Topology Report value, the attr->addr
9215 ---------------------
9220 This capability returns a bitmap of support VM types. The 1-setting of bit @n
9229 Do not use KVM_X86_SW_PROTECTED_VM for "real" VMs, and especially not in
9230 production. The behavior and effective ABI for software-protected VMs is
9234 -------------------------------
9241 In order to enable the use of H_RPT_INVALIDATE in the guest,
9243 IBM pSeries (sPAPR) guest starts using it if "hcall-rpt-invalidate" is
9244 present in the "ibm,hypertas-functions" device-tree property.
9250 ---------------------------
9258 This capability allows a guest kernel to use a better-performance mode for
9262 ------------------------------
9267 kvm_run.memory_fault if KVM cannot resolve a guest page fault VM-Exit, e.g. if
9282 ---------------------------
9305 --------
9319 ``KVM_ENABLE_CAP(KVM_CAP_IRQCHIP_SPLIT)`` are used to enable in-kernel emulation of
9326 is present and the kernel has enabled in-kernel emulation of the local APIC.
9347 available. Use ``KVM_CHECK_EXTENSION(KVM_CAP_DISABLE_QUIRKS2)`` instead if