- Dec 23, 2020
-
-
Alexandru Elisei authored
The API documentation states that general error codes are not detailed, but errors with specific meanings are. On arm64, KVM_RUN can return error numbers with a different meaning than what is described by POSIX or the C99 standard (as taken from man 3 errno). Absent from the newly documented error codes is ERANGE which can be returned when making a change to the EL2 stage 1 tables if the address is larger than the largest supported input address. Assuming no bugs in the implementation, that is not possible because the input addresses which are mapped are the result of applying the macro kern_hyp_va() on kernel virtual addresses. CC: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by:
Alexandru Elisei <alexandru.elisei@arm.com> Signed-off-by:
Marc Zyngier <maz@kernel.org> Link: https://lore.kernel.org/r/20201201150157.223625-2-alexandru.elisei@arm.com
-
- Dec 03, 2020
-
-
Keqian Zhu authored
Rename PV_FEATURES to PV_TIME_FEATURES. Signed-off-by:
Keqian Zhu <zhukeqian1@huawei.com> Signed-off-by:
Andrew Jones <drjones@redhat.com> Reviewed-by:
Steven Price <steven.price@arm.com> Link: https://lore.kernel.org/r/20200817110728.12196-2-zhukeqian1@huawei.com
-
- Nov 08, 2020
-
-
Peter Xu authored
Should be squashed into 66570e96. Signed-off-by:
Peter Xu <peterx@redhat.com> Message-Id: <20201023183358.50607-3-peterx@redhat.com> Signed-off-by:
Paolo Bonzini <pbonzini@redhat.com>
-
Peter Xu authored
It should be an accident when rebase, since we've already have section 8.25 (which is KVM_CAP_S390_DIAG318). Fix the number. Signed-off-by:
-
- Oct 28, 2020
-
-
David Woodhouse authored
No functional change; just reserve the feature bit for now so that VMMs can start to implement it. This will allow the host to indicate that MSI emulation supports 15-bit destination IDs, allowing up to 32768 CPUs without interrupt remapping. cf. https://patchwork.kernel.org/patch/11816693/ for qemu Signed-off-by:
David Woodhouse <dwmw@amazon.co.uk> Acked-by:
-
- Oct 21, 2020
-
-
Oliver Upton authored
Reviewed-by:
Jim Mattson <jmattson@google.com> Reviewed-by:
Peter Shier <pshier@google.com> Signed-off-by:
Oliver Upton <oupton@google.com> Change-Id: I0c6355b09fedf8f9cc4cc5f51be418e2c1c82b7b Message-Id: <20200818152429.1923996-5-oupton@google.com> Signed-off-by:
-
Oliver Upton authored
KVM unconditionally provides PV features to the guest, regardless of the configured CPUID. An unwitting guest that doesn't check KVM_CPUID_FEATURES before use could access paravirt features that userspace did not intend to provide. Fix this by checking the guest's CPUID before performing any paravirtual operations. Introduce a capability, KVM_CAP_ENFORCE_PV_FEATURE_CPUID, to gate the aforementioned enforcement. Migrating a VM from a host w/o this patch to a host with this patch could silently change the ABI exposed to the guest, warranting that we default to the old behavior and opt-in for the new one. Reviewed-by:
Wanpeng Li <wanpengli@tencent.com> Signed-off-by:
-
Li Qiang authored
Fixes: e287d6de ("Documentation: kvm: Convert cpuid.txt to .rst") Signed-off-by:
Li Qiang <liq3ea@163.com> Message-Id: <20201001095333.7611-1-liq3ea@163.com> Signed-off-by:
-
Paolo Bonzini authored
Allowing userspace to intercept reads to x2APIC MSRs when APICV is fully enabled for the guest simply can't work. But more in general, the LAPIC could be set to in-kernel after the MSR filter is setup and allowing accesses by userspace would be very confusing. We could in principle allow userspace to intercept reads and writes to TPR, and writes to EOI and SELF_IPI, but while that could be made it work, it would still be silly. Cc: Alexander Graf <graf@amazon.com> Cc: Aaron Lewis <aaronlewis@google.com> Cc: Peter Xu <peterx@redhat.com> Cc: Sean Christopherson <sean.j.christopherson@intel.com> Signed-off-by: -
Sean Christopherson authored
Rework the resetting of the MSR bitmap for x2APIC MSRs to ignore userspace filtering. Allowing userspace to intercept reads to x2APIC MSRs when APICV is fully enabled for the guest simply can't work; the LAPIC and thus virtual APIC is in-kernel and cannot be directly accessed by userspace. To keep things simple we will in fact forbid intercepting x2APIC MSRs altogether, independent of the default_allow setting. Cc: Alexander Graf <graf@amazon.com> Cc: Aaron Lewis <aaronlewis@google.com> Cc: Peter Xu <peterx@redhat.com> Signed-off-by:
Sean Christopherson <sean.j.christopherson@intel.com> Message-Id: <20201005195532.8674-3-sean.j.christopherson@intel.com> [Modified to operate even if APICv is disabled, adjust documentation. - Paolo] Signed-off-by:
-
- Oct 16, 2020
-
-
Mauro Carvalho Chehab authored
There's a missing new line for a literal block: .../Documentation/virt/uml/user_mode_linux_howto_v2.rst:682: WARNING: Unexpected indentation. Fixes: 04301bf5 ("docs: replace the old User Mode Linux HowTo with a new one") Signed-off-by:
Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
-
- Oct 05, 2020
-
-
Li Qiang authored
Fixes: 9824c83f ("Documentation: kvm: document CPUID bit for MSR_KVM_POLL_CONTROL") Signed-off-by:
Jonathan Corbet <corbet@lwn.net>
-
- Oct 02, 2020
-
-
Mauro Carvalho Chehab authored
As warned with make htmldocs: .../Documentation/virt/kvm/devices/vcpu.rst:70: WARNING: Malformed table. Text in column margin in table line 2. ======= ====================================================== -ENODEV: PMUv3 not supported or GIC not initialized -ENXIO: PMUv3 not properly configured or in-kernel irqchip not configured as required prior to calling this attribute -EBUSY: PMUv3 already initialized -EINVAL: Invalid filter range ======= ====================================================== The ':' character for two lines are above the size of the column. Besides that, other tables at the file doesn't use ':', so just drop them. While here, also fix this warning also introduced at the same patch: .../Documentation/virt/kvm/devices/vcpu.rst:88: WARNING: Block quote ends without a blank line; unexpected unindent. By marking the C code as a literal block. Fixes: 8be86a5e ("KVM: arm64: Document PMU filtering API") Signed-off-by:
-
- Sep 29, 2020
-
-
Alexandru Elisei authored
Update the description of the PMU KVM_{GET, SET}_DEVICE_ATTR error codes to be a better match for the code that returns them. Signed-off-by: -
Alexandru Elisei authored
KVM_ARM_VCPU_PMU_V3_IRQ returns -EFAULT if get_user() fails when reading the interrupt number from kvm_device_attr.addr. KVM_ARM_VCPU_PMU_V3_INIT returns the error value from kvm_vgic_set_owner(). kvm_arm_pmu_v3_init() checks that the vgic has been initialized and the interrupt number is valid, but kvm_vgic_set_owner() can still return the error code -EEXIST if another device has already claimed the interrupt. Signed-off-by:
-
Marc Zyngier authored
Add a small blurb describing how the event filtering API gets used. Reviewed-by:
-
- Sep 28, 2020
-
-
Alexander Graf authored
It's not desireable to have all MSRs always handled by KVM kernel space. Some MSRs would be useful to handle in user space to either emulate behavior (like uCode updates) or differentiate whether they are valid based on the CPU model. To allow user space to specify which MSRs it wants to see handled by KVM, this patch introduces a new ioctl to push filter rules with bitmaps into KVM. Based on these bitmaps, KVM can then decide whether to reject MSR access. With the addition of KVM_CAP_X86_USER_SPACE_MSR it can also deflect the denied MSR events to user space to operate on. If no filter is populated, MSR handling stays identical to before. Signed-off-by:
Alexander Graf <graf@amazon.com> Message-Id: <20200925143422.21718-8-graf@amazon.com> Signed-off-by:
-
Alexander Graf authored
MSRs are weird. Some of them are normal control registers, such as EFER. Some however are registers that really are model specific, not very interesting to virtualization workloads, and not performance critical. Others again are really just windows into package configuration. Out of these MSRs, only the first category is necessary to implement in kernel space. Rarely accessed MSRs, MSRs that should be fine tunes against certain CPU models and MSRs that contain information on the package level are much better suited for user space to process. However, over time we have accumulated a lot of MSRs that are not the first category, but still handled by in-kernel KVM code. This patch adds a generic interface to handle WRMSR and RDMSR from user space. With this, any future MSR that is part of the latter categories can be handled in user space. Furthermore, it allows us to replace the existing "ignore_msrs" logic with something that applies per-VM rather than on the full system. That way you can run productive VMs in parallel to experimental ones where you don't care about proper MSR handling. Signed-off-by:
-
Vitaly Kuznetsov authored
We forgot to update KVM_GET_SUPPORTED_HV_CPUID's documentation in api.rst when SynDBG leaves were added. While on it, fix 'KVM_GET_SUPPORTED_CPUID' copy-paste error. Fixes: f97f5a56 ("x86/kvm/hyper-v: Add support for synthetic debugger interface") Signed-off-by:
Vitaly Kuznetsov <vkuznets@redhat.com> Message-Id: <20200924145757.1035782-2-vkuznets@redhat.com> Signed-off-by:
-
- Sep 24, 2020
-
-
Anton Ivanov authored
The new HowTo migrates the portions of the old howto which are still relevant to a new document, updates them to linux 5.x and adds documentation for vector transports and other new features. Signed-off-by:
Anton Ivanov <anton.ivanov@cambridgegreys.com> Link: https://lore.kernel.org/r/20200917103557.26063-1-anton.ivanov@cambridgegreys.com Signed-off-by:
-
- Sep 22, 2020
-
-
Andra Paraschiv authored
Add documentation on the overview of Nitro Enclaves. Include it in the virtualization specific directory. Changelog v9 -> v10 * Update commit message to include the changelog before the SoB tag(s). v8 -> v9 * Move the Nitro Enclaves documentation to the "virt" directory and add an entry for it in the corresponding index file. v7 -> v8 * Add info about the primary / parent VM CID value. * Update reference link for huge pages. * Add reference link for the x86 boot protocol. * Add license mention and update doc title / chapter formatting. v6 -> v7 * No changes. v5 -> v6 * No changes. v4 -> v5 * No changes. v3 -> v4 * Update doc type from .txt to .rst. * Update documentation based on the changes from v4. v2 -> v3 * No changes. v1 -> v2 * New in v2. Reviewed-by:
Andra Paraschiv <andraprs@amazon.com> Link: https://lore.kernel.org/r/20200921121732.44291-18-andraprs@amazon.com Signed-off-by:
Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-
- Sep 14, 2020
-
-
Collin Walling authored
Documentation for the s390 DIAGNOSE 0x318 instruction handling. Signed-off-by:
Collin Walling <walling@linux.ibm.com> Reviewed-by:
Cornelia Huck <cohuck@redhat.com> Reviewed-by:
David Hildenbrand <david@redhat.com> Link: https://lore.kernel.org/kvm/20200625150724.10021-2-walling@linux.ibm.com/ Message-Id: <20200625150724.10021-2-walling@linux.ibm.com> Signed-off-by:
Christian Borntraeger <borntraeger@de.ibm.com>
-
- Sep 11, 2020
-
-
Pingfan Liu authored
Besides disabling MMU, HVC_SOFT_RESTART also clears I+D bits. These behaviors are what kexec-reboot expects, so describe it more precisely. Signed-off-by:
Pingfan Liu <kernelfans@gmail.com> Cc: James Morse <james.morse@arm.com> Cc: Marc Zyngier <maz@kernel.org> Cc: Geoff Levand <geoff@infradead.org> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: Will Deacon <will@kernel.org> Cc: Julien Thierry <julien.thierry.kdev@gmail.com> Cc: Suzuki K Poulose <suzuki.poulose@arm.com> Cc: linux-doc@vger.kernel.org Cc: kvmarm@lists.cs.columbia.edu Link: https://lore.kernel.org/r/1598621998-20563-2-git-send-email-kernelfans@gmail.com To: linux-arm-kernel@lists.infradead.org Signed-off-by:
Will Deacon <will@kernel.org>
-
- Sep 10, 2020
-
-
Mauro Carvalho Chehab authored
There are some warnings: Documentation/virt/kvm/api.rst:4354: WARNING: Definition list ends without a blank line; unexpected unindent. Documentation/virt/kvm/api.rst:4358: WARNING: Definition list ends without a blank line; unexpected unindent. Documentation/virt/kvm/api.rst:4363: WARNING: Definition list ends without a blank line; unexpected unindent. Produced by the lack of identation on a single line. That caused the literal block to end prematurely. Signed-off-by:
-
- Sep 09, 2020
-
-
Connor Kuehl authored
The actual symbol that is exported and usable is 'KVM_MEMORY_ENCRYPT_OP', not 'KVM_MEM_ENCRYPT_OP' $ git grep -l KVM_MEM_ENCRYPT_OP Documentation/virt/kvm/amd-memory-encryption.rst $ git grep -l KVM_MEMORY_ENCRYPT_OP Documentation/virt/kvm/api.rst arch/x86/kvm/x86.c include/uapi/linux/kvm.h tools/include/uapi/linux/kvm.h While we're in there, update the KVM API category for KVM_MEMORY_ENCRYPT_OP. It is called on a VM file descriptor. Signed-off-by:
Connor Kuehl <ckuehl@redhat.com> Link: https://lore.kernel.org/r/20200819211952.251984-1-ckuehl@redhat.com Signed-off-by:
-
- Aug 21, 2020
-
-
Andrew Jones authored
arm64 requires a vcpu fd (KVM_HAS_DEVICE_ATTR vcpu ioctl) to probe support for steal-time. However this is unnecessary, as only a KVM fd is required, and it complicates userspace (userspace may prefer delaying vcpu creation until after feature probing). Introduce a cap that can be checked instead. While x86 can already probe steal-time support with a kvm fd (KVM_GET_SUPPORTED_CPUID), we add the cap there too for consistency. Signed-off-by:
-
Andrew Jones authored
In preparation for documenting a new capability let's fix up the formatting of the current ones. Signed-off-by:
-
- Jul 22, 2020
-
-
Athira Rajeev authored
Power ISA v3.1 has added new performance monitoring unit (PMU) special purpose registers (SPRs). They are: Monitor Mode Control Register 3 (MMCR3) Sampled Instruction Event Register A (SIER2) Sampled Instruction Event Register B (SIER3) Add support to save/restore these new SPRs while entering/exiting guest. Also include changes to support KVM_REG_PPC_MMCR3/SIER2/SIER3. Add new SPRs to KVM API documentation. Signed-off-by:
Athira Rajeev <atrajeev@linux.vnet.ibm.com> Signed-off-by:
Michael Ellerman <mpe@ellerman.id.au> Link: https://lore.kernel.org/r/1594996707-3727-6-git-send-email-atrajeev@linux.vnet.ibm.com
-
- Jul 13, 2020
-
-
Randy Dunlap authored
Drop the duplicated word "struct". Signed-off-by:
Randy Dunlap <rdunlap@infradead.org> Cc: Jonathan Corbet <corbet@lwn.net> Cc: linux-doc@vger.kernel.org Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: kvm@vger.kernel.org Link: https://lore.kernel.org/r/20200707180414.10467-21-rdunlap@infradead.org Signed-off-by:
-
Alexander A. Klimov authored
Rationale: Reduces attack surface on kernel devs opening the links for MITM as HTTPS traffic is much harder to manipulate. Deterministic algorithm: For each file: If not .svg: For each line: If doesn't contain `\bxmlns\b`: For each link, `\bhttp://[^# \t\r\n]*(?:\w|/)`: If neither `\bgnu\.org/license`, nor `\bmozilla\.org/MPL\b`: If both the HTTP and HTTPS versions return 200 OK and serve the same content: Replace HTTP with HTTPS. Signed-off-by:Alexander A. Klimov <grandmaster@al2klimov.de> Link: https://lore.kernel.org/r/20200713114719.33839-1-grandmaster@al2klimov.de Signed-off-by:
-
- Jul 10, 2020
-
-
Paolo Bonzini authored
Commit 850448f3 ("KVM: nVMX: Fix VMX preemption timer migration", 2020-06-01) accidentally broke nVMX live migration from older version by changing the userspace ABI. Restore it and, while at it, ensure that vmx->nested.has_preemption_timer_deadline is always initialized according to the KVM_STATE_VMX_PREEMPTION_TIMER_DEADLINE flag. Cc: Makarand Sonare <makarandsonare@google.com> Fixes: 850448f3 ("KVM: nVMX: Fix VMX preemption timer migration") Reviewed-by:
-
- Jul 08, 2020
-
-
Xiaoyao Li authored
Current implementation keeps userspace input of CPUID configuration and cpuid->nent even if kvm_update_cpuid() fails. Reset vcpu->arch.cpuid_nent to 0 for the case of failure as a simple fix. Besides, update the doc to explicitly state that if IOCTL SET_CPUID* fail KVM gives no gurantee that previous valid CPUID configuration is kept. Signed-off-by:
Xiaoyao Li <xiaoyao.li@intel.com> Message-Id: <20200708065054.19713-2-xiaoyao.li@intel.com> Signed-off-by:
-
Jim Mattson authored
More often than not, a failed VM-entry in an x86 production environment is induced by a defective CPU. To help identify the bad hardware, include the id of the last logical CPU to run a vCPU in the information provided to userspace on a KVM exit for failed VM-entry or for KVM internal errors not associated with emulation. The presence of this additional information is indicated by a new capability, KVM_CAP_LAST_CPU. Signed-off-by:
-
- Jul 05, 2020
-
-
Randy Dunlap authored
Drop the doubled word "the". Signed-off-by:
-
Randy Dunlap authored
Drop multiple doubled words. Signed-off-by:
-
- Jun 01, 2020
-
-
Jon Doron authored
Add support for Hyper-V synthetic debugger (syndbg) interface. The syndbg interface is using MSRs to emulate a way to send/recv packets data. The debug transport dll (kdvm/kdnet) will identify if Hyper-V is enabled and if it supports the synthetic debugger interface it will attempt to use it, instead of trying to initialize a network adapter. Reviewed-by:
Jon Doron <arilou@gmail.com> Message-Id: <20200529134543.1127440-4-arilou@gmail.com> Signed-off-by:
-
Peter Shier authored
Add new field to hold preemption timer expiration deadline appended to struct kvm_vmx_nested_state_hdr. This is to prevent the first VM-Enter after migration from incorrectly restarting the timer with the full timer value instead of partially decayed timer value. KVM_SET_NESTED_STATE restarts timer using migrated state regardless of whether L1 sets VM_EXIT_SAVE_VMX_PREEMPTION_TIMER. Fixes: cf8b84f4 ("kvm: nVMX: Prepare for checkpointing L2 state") Signed-off-by:
Makarand Sonare <makarandsonare@google.com> Message-Id: <20200526215107.205814-2-makarandsonare@google.com> Signed-off-by:
-
Jon Doron authored
The problem the patch is trying to address is the fact that 'struct kvm_hyperv_exit' has different layout on when compiling in 32 and 64 bit modes. In 64-bit mode the default alignment boundary is 64 bits thus forcing extra gaps after 'type' and 'msr' but in 32-bit mode the boundary is at 32 bits thus no extra gaps. This is an issue as even when the kernel is 64 bit, the userspace using the interface can be both 32 and 64 bit but the same 32 bit userspace has to work with 32 bit kernel. The issue is fixed by forcing the 64 bit layout, this leads to ABI change for 32 bit builds and while we are obviously breaking '32 bit userspace with 32 bit kernel' case, we're fixing the '32 bit userspace with 64 bit kernel' one. As the interface has no (known) users and 32 bit KVM is rather baroque nowadays, this seems like a reasonable decision. Reviewed-by:
Roman Kagan <rvkagan@yandex-team.ru> Signed-off-by:
-
Vitaly Kuznetsov authored
Introduce new capability to indicate that KVM supports interrupt based delivery of 'page ready' APF events. This includes support for both MSR_KVM_ASYNC_PF_INT and MSR_KVM_ASYNC_PF_ACK. Signed-off-by:
-
Vitaly Kuznetsov authored
If two page ready notifications happen back to back the second one is not delivered and the only mechanism we currently have is kvm_check_async_pf_completion() check in vcpu_run() loop. The check will only be performed with the next vmexit when it happens and in some cases it may take a while. With interrupt based page ready notification delivery the situation is even worse: unlike exceptions, interrupts are not handled immediately so we must check if the slot is empty. This is slow and unnecessary. Introduce dedicated MSR_KVM_ASYNC_PF_ACK MSR to communicate the fact that the slot is free and host should check its notification queue. Mandate using it for interrupt based 'page ready' APF event delivery. As kvm_check_async_pf_completion() is going away from vcpu_run() we need a way to communicate the fact that vcpu->async_pf.done queue has transitioned from empty to non-empty state. Introduce kvm_arch_async_page_present_queued() and KVM_REQ_APF_READY to do the job. Signed-off-by:
-
