| /linux/arch/s390/kvm/ |
| H A D | gaccess.h | 3 * access guest memory
20 * kvm_s390_real_to_abs - convert guest real address to guest absolute address
21 * @prefix - guest prefix
22 * @gra - guest real address
24 * Returns the guest absolute address that corresponds to the passed guest real
37 * kvm_s390_real_to_abs - convert guest real address to guest absolute address
38 * @vcpu - guest virtual cpu
39 * @gra - guest real address
41 * Returns the guest absolute address that corresponds to the passed guest real
42 * address @gra of a virtual guest cpu by applying its prefix.
[all …]
|
| /linux/Documentation/virt/kvm/x86/ |
| H A D | mmu.rst | 8 for presenting a standard x86 mmu to the guest, while translating guest
14 the guest should not be able to determine that it is running
19 the guest must not be able to touch host memory not assigned
28 Linux memory management code must be in control of guest memory
32 report writes to guest memory to enable live migration
47 gfn guest frame number
48 gpa guest physical address
49 gva guest virtual address
50 ngpa nested guest physical address
51 ngva nested guest virtual address
[all …]
|
| H A D | running-nested-guests.rst | 7 A nested guest is the ability to run a guest inside another guest (it
9 example is a KVM guest that in turn runs on a KVM guest (the rest of
15 | (Nested Guest) | | (Nested Guest) |
19 | L1 (Guest Hypervisor) |
33 - L1 – level-1 guest; a VM running on L0; also called the "guest
36 - L2 – level-2 guest; a VM running on L1, this is the "nested guest"
46 (guest hypervisor), L3 (nested guest).
61 Provider, using nested KVM lets you rent a large enough "guest
62 hypervisor" (level-1 guest). This in turn allows you to create
66 - Live migration of "guest hypervisors" and their nested guests, for
[all …]
|
| H A D | amd-memory-encryption.rst | 98 __u16 ghcb_version; /* maximum guest GHCB version allowed */
108 requests. If ``ghcb_version`` is 0 for any other guest type, then the maximum
109 allowed guest GHCB protocol will default to version 2.
133 context. To create the encryption context, user must provide a guest policy,
144 __u32 policy; /* guest's policy */
146 … __u64 dh_uaddr; /* userspace address pointing to the guest owner's PDH key */
149 … __u64 session_addr; /* userspace address which points to the guest session information */
164 of the memory contents that can be sent to the guest owner as an attestation
184 data encrypted by the KVM_SEV_LAUNCH_UPDATE_DATA command. The guest owner may
185 wait to provide the guest with confidential information until it can verify the
[all …]
|
| H A D | msr.rst | 25 in guest RAM. This memory is expected to hold a copy of the following
40 guest has to check version before and after grabbing
64 guest RAM, plus an enable bit in bit 0. This memory is expected to hold
87 guest has to check version before and after grabbing
127 coordinated between the guest and the hypervisor. Availability
139 | | | guest vcpu has been paused by |
196 which must be in guest RAM. This memory is expected to hold the
220 a token that will be used to notify the guest when missing page becomes
224 is currently supported, when set, it indicates that the guest is dealing
226 'flags' is '0' it means that this is regular page fault. Guest is
[all …]
|
| H A D | hypercalls.rst | 54 :Purpose: Trigger guest exit so that the host can check for pending
70 :Purpose: Expose hypercall availability to the guest. On x86 platforms, cpuid
81 :Purpose: To enable communication between the hypervisor and guest there is a
83 The guest can map this shared page to access its supervisor register
93 A vcpu of a paravirtualized guest that is busywaiting in guest
98 same guest can wakeup the sleeping vcpu by issuing KVM_HC_KICK_CPU hypercall,
107 :Purpose: Hypercall used to synchronize host and guest clocks.
111 a0: guest physical address where host copies
130 * tsc: guest TSC value used to calculate sec/nsec pair
133 The hypercall lets a guest compute a precise timestamp across
[all …]
|
| /linux/Documentation/virt/hyperv/ |
| H A D | coco.rst | 25 * AMD processor with SEV-SNP. Hyper-V does not run guest VMs with AMD SME,
40 * Fully-enlightened mode. In this mode, the guest operating system is
43 * Paravisor mode. In this mode, a paravisor layer between the guest and the
44 host provides some operations needed to run as a CoCo VM. The guest operating
49 points on a spectrum spanning the degree of guest enlightenment needed to run
53 guest OS with no knowledge of memory encryption or other aspects of CoCo VMs
56 aspects of CoCo VMs are handled by the Hyper-V paravisor while the guest OS
59 paravisor, and there is no standardized mechanism for a guest OS to query the
61 the paravisor provides is hard-coded in the guest OS.
64 a limited paravisor to provide services to the guest such as a virtual TPM.
[all …]
|
| H A D | vpci.rst | 5 In a Hyper-V guest VM, PCI pass-thru devices (also called
8 Guest device drivers can interact directly with the hardware
12 hypervisor. The device should appear to the guest just as it
24 and produces the same benefits by allowing a guest device
55 do not appear in the Linux guest's ACPI tables. vPCI devices
68 in the guest, or if the vPCI device is removed from
95 hv_pci_probe() allocates a guest MMIO range to be used as PCI
99 hv_pci_enter_d0(). When the guest subsequently accesses this
118 guest VM at any time during the life of the VM. The removal
120 is not under the control of the guest OS.
[all …]
|
| /linux/Documentation/security/ |
| H A D | snp-tdx-threat-model.rst | 46 integrity for the VM's guest memory and execution state (vCPU registers),
47 more tightly controlled guest interrupt injection, as well as some
48 additional mechanisms to control guest-host page mapping. More details on
53 The basic CoCo guest layout includes the host, guest, the interfaces that
54 communicate guest and host, a platform capable of supporting CoCo VMs, and
55 a trusted intermediary between the guest VM and the underlying platform
58 is still in charge of the guest lifecycle, i.e. create or destroy a CoCo
65 the rest of the components (data flow for guest, host, hardware) ::
68 | CoCo guest VM |<---->| |
136 (in contrast to a remote network attacker) and has control over the guest
[all …]
|
| /linux/tools/virtio/ringtest/ |
| H A D | virtio_ring_0_9.c | 41 struct guest { struct
52 } guest; argument
78 guest.avail_idx = 0; in alloc_ring()
79 guest.kicked_avail_idx = -1; in alloc_ring()
80 guest.last_used_idx = 0; in alloc_ring()
83 guest.free_head = 0; in alloc_ring()
89 guest.num_free = ring_size; in alloc_ring()
98 /* guest side */
107 if (!guest.num_free) in add_inbuf()
111 head = (ring_size - 1) & (guest.avail_idx++); in add_inbuf()
[all …]
|
| H A D | ring.c | 27 * Guest adds descriptors with unique index values and DESC_HW in flags.
59 struct guest { struct
65 } guest; argument
92 guest.avail_idx = 0; in alloc_ring()
93 guest.kicked_avail_idx = -1; in alloc_ring()
94 guest.last_used_idx = 0; in alloc_ring()
103 guest.num_free = ring_size; in alloc_ring()
111 /* guest side */
116 if (!guest.num_free) in add_inbuf()
119 guest.num_free--; in add_inbuf()
[all …]
|
| /linux/arch/mips/kvm/ |
| H A D | tlb.c | 92 * Sets the root GuestID to match the current guest GuestID, for TLB operation
121 /* Set root GuestID for root probe and write of guest TLB entry */ in kvm_vz_host_tlb_inv()
153 * kvm_vz_guest_tlb_lookup() - Lookup a guest VZ TLB mapping.
155 * @gpa: Guest virtual address in a TLB mapped guest segment.
156 * @gpa: Pointer to output guest physical address it maps to.
158 * Converts a guest virtual address in a guest TLB mapped segment to a guest
159 * physical address, by probing the guest TLB.
161 * Returns: 0 if guest TLB mapping exists for @gva. *@gpa will have been
163 * -EFAULT if no guest TLB mapping exists for @gva. *@gpa may not
175 /* Probe the guest TLB for a mapping */ in kvm_vz_guest_tlb_lookup()
[all …]
|
| H A D | vz.c | 44 * Number of guest VTLB entries to use, so we can catch inconsistency between
75 * These Config bits may be writable by the guest:
119 * Permit guest FPU mode changes if FPU is enabled and the relevant in kvm_vz_config5_guest_wrmask()
199 /* VZ guest has already converted gva to gpa */ in kvm_vz_gva_to_gpa_cb()
218 * timer expiry is asynchronous to vcpu execution therefore defer guest in kvm_vz_queue_timer_int_cb()
227 * timer expiry is asynchronous to vcpu execution therefore defer guest in kvm_vz_dequeue_timer_int_cb()
239 * interrupts are asynchronous to vcpu execution therefore defer guest in kvm_vz_queue_io_int_cb()
251 * interrupts are asynchronous to vcpu execution therefore defer guest in kvm_vz_dequeue_io_int_cb()
329 * VZ guest timer handling.
333 * kvm_vz_should_use_htimer() - Find whether to use the VZ hard guest timer.
[all …]
|
| /linux/Documentation/arch/x86/ |
| H A D | tdx.rst | 7 Intel's Trust Domain Extensions (TDX) protect confidential guest VMs from
8 the host and physical attacks by isolating the guest register state and by
9 encrypting the guest memory. In TDX, a special module running in a special
10 mode sits between the host and the guest and manages the guest/host
196 TDX Guest Support
198 Since the host cannot directly access guest registers or memory, much
199 normal functionality of a hypervisor must be moved into the guest. This is
201 guest kernel. A #VE is handled entirely inside the guest kernel, but some
205 guest to the hypervisor or the TDX module.
249 indicates a bug in the guest. The guest may try to handle the #GP with a
[all …]
|
| /linux/Documentation/virt/kvm/s390/ |
| H A D | s390-pv.rst | 10 access VM state like guest memory or guest registers. Instead, the
15 Each guest starts in non-protected mode and then may make a request to
16 transition into protected mode. On transition, KVM registers the guest
20 The Ultravisor will secure and decrypt the guest's boot memory
22 starts/stops and injected interrupts while the guest is running.
24 As access to the guest's state, such as the SIE state description, is
29 reduce exposed guest state.
40 field (offset 0x54). If the guest cpu is not enabled for the interrupt
50 access to the guest memory.
72 Secure Interception General Register Save Area. Guest GRs and most of
[all …]
|
| /linux/Documentation/arch/s390/ |
| H A D | vfio-ap.rst | 122 Let's now take a look at how AP instructions executed on a guest are interpreted
128 control domains assigned to the KVM guest:
131 to the KVM guest. Each bit in the mask, from left to right, corresponds to
133 use by the KVM guest.
136 assigned to the KVM guest. Each bit in the mask, from left to right,
138 corresponding queue is valid for use by the KVM guest.
141 assigned to the KVM guest. The ADM bit mask controls which domains can be
143 guest. Each bit in the mask, from left to right, corresponds to a domain from
153 adapters 1 and 2 and usage domains 5 and 6 are assigned to a guest, the APQNs
154 (1,5), (1,6), (2,5) and (2,6) will be valid for the guest.
[all …]
|
| /linux/drivers/misc/vmw_vmci/ |
| H A D | vmci_route.c | 34 * guest. in vmci_route()
49 * If this message already came from a guest then we in vmci_route()
57 * We must be acting as a guest in order to send to in vmci_route()
87 * If it is not from a guest but we are acting as a in vmci_route()
88 * guest, then we need to send it down to the host. in vmci_route()
100 * an "outer host" through the guest device. in vmci_route()
122 * Otherwise we already received it from a guest and in vmci_route()
132 * If it came from a guest then it must have a in vmci_route()
149 * a guest. in vmci_route()
152 /* It will have a context if it is meant for a guest. */ in vmci_route()
[all …]
|
| /linux/arch/powerpc/kvm/ |
| H A D | book3s_64_entry.S | 25 * reflected to the PR guest kernel, so registers may be set up for
28 * and CR0, so PR-KVM can not support a guest kernel that preserves
53 * guest R9-R13, CTR, CFAR, PPR saved in PACA EX_xxx save area
54 * guest (H)DAR, (H)DSISR are also in the save area for relevant interrupts
55 * guest R13 also saved in SCRATCH0
59 * R9 = guest CR
105 * R12 = (guest CR << 32) | interrupt vector
107 * guest R12 saved in shadow HSTATE_SCRATCH0
108 * guest R13 saved in SPRN_SCRATCH0
127 * the faulting instruction in guest memory from the hypervisor without
[all …]
|
| H A D | book3s_segment.S | 54 * R4 = guest shadow MSR
57 * LR = highmem guest exit code
59 * SVCPU[CR] = guest CR
60 * SVCPU[XER] = guest XER
61 * SVCPU[CTR] = guest CTR
62 * SVCPU[LR] = guest LR
68 /* Save guest exit handler address and MSR */
77 /* Activate guest mode, so faults get handled by KVM */
81 /* Switch to guest segment. This is subarch specific. */
89 /* Set FSCR during guest execution */
[all …]
|
| /linux/tools/perf/Documentation/ |
| H A D | guest-files.txt | 4 Guest OS /proc/kallsyms file copy. perf reads it to get guest
5 kernel symbols. Users copy it out from guest OS.
8 Guest OS /proc/modules file copy. perf reads it to get guest
9 kernel module information. Users copy it out from guest OS.
12 Guest OS kernel vmlinux.
14 --guest-code::
15 Indicate that guest code can be found in the hypervisor process,
|
| H A D | perf-kvm.txt | 6 perf-kvm - Tool to trace/measure kvm guest os
11 'perf kvm' [--host] [--guest] [--guestmount=<path>
14 'perf kvm' [--host] [--guest] [--guestkallsyms=<path> --guestmodules=<path>
23 a performance counter profile of guest os in realtime
28 default behavior of perf kvm as --guest, so if neither --host nor --guest
29 is input, the perf data file name is perf.data.guest. If --host is input,
31 perf.data.host, please input --host --no-guest. The behaviors are shown as
33 Default('') -> perf.data.guest
35 --guest -> perf.data.guest
36 --host --guest -> perf.data.kvm
[all …]
|
| /linux/Documentation/virt/kvm/ |
| H A D | vcpu-requests.rst | 48 The goal of a VCPU kick is to bring a VCPU thread out of guest mode in
50 a guest mode exit. However, a VCPU thread may not be in guest mode at the
55 1) Send an IPI. This forces a guest mode exit.
56 2) Waking a sleeping VCPU. Sleeping VCPUs are VCPU threads outside guest
60 3) Nothing. When the VCPU is not in guest mode and the VCPU thread is not
67 guest is running in guest mode or not, as well as some specific
68 outside guest mode states. The architecture may use ``vcpu->mode`` to
76 The VCPU thread is outside guest mode.
80 The VCPU thread is in guest mode.
89 The VCPU thread is outside guest mode, but it wants the sender of
[all …]
|
| /linux/Documentation/virt/coco/ |
| H A D | sev-guest.rst | 4 The Definitive SEV Guest API Documentation
10 The SEV API is a set of ioctls that are used by the guest or hypervisor
17 - Guest ioctls: These query and set attributes of the SEV virtual machine.
22 This section describes ioctls that is used for querying the SEV guest report
30 hypervisor or guest. The ioctl can be used inside the guest or the
40 The guest ioctl should be issued on a file descriptor of the /dev/sev-guest
47 the guests message sequence counter. If guest driver fails to increment message
91 :Type: guest ioctl
106 :Type: guest ioctl
111 The derived key can be used by the guest for any purpose, such as sealing keys
[all …]
|
| /linux/drivers/virt/vboxguest/ |
| H A D | vmmdev.h | 3 * Virtual Device for Guest <-> VMM/Host communication interface
19 /** Layout of VMMDEV RAM region that contains information for guest. */
37 /** Mask of events the guest wants, set by guest. */
57 /* The guest has been restored. */
123 /* The guest can (== wants to) handle absolute coordinates. */
131 * The guest can *NOT* switch to software cursor and therefore depends on the
134 * When guest additions are installed and the host has promised to display the
135 * cursor itself, the guest installs a hardware mouse driver. Don't ask the
136 * guest to switch to a software cursor then.
141 /* The guest can read VMMDev events to find out about pointer movement */
[all …]
|
| /linux/arch/arm64/kvm/hyp/ |
| H A D | entry.S | 27 // x29: guest context
39 // defer the guest entry. The DSB isn't necessary before v8.2 as any
64 // ptrauth_switch_to_guest(guest cxt, tmp1, tmp2, tmp3)
65 // The below macro to restore guest keys is not implemented in C code
70 // Restore the guest's sp_el0
73 // Restore guest regs x0-x17
84 // Restore guest regs x18-x29, lr
113 // current state is saved to the guest context but it will only be
114 // accurate if the guest had been completely restored.
131 // Store the guest regs x2 and x3
[all …]
|