Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm

KVM_CAP_S390_UCONTROL and use the flag KVM_VM_S390_UCONTROL as

privileged user (CAP_SYS_ADMIN).

To use hardware assisted virtualization on MIPS (VZ ASE) rather than

the default trap & emulate implementation (which changes the virtual

memory layout to fit in user mode), check KVM_CAP_MIPS_VZ and use the

flag KVM_VM_MIPS_VZ.

On arm64, the physical address size for a VM (IPA Size limit) is limited

to 40bits by default. The limit can be configured if the host supports the

extension KVM_CAP_ARM_VM_IPA_SIZE. When supported, use

and their behavior depends on the ``X2APIC_ENABLE`` bit of the APIC base

register.

.. warning::

   MSR accesses coming from nested vmentry/vmexit are not filtered.

   This includes both writes to individual VMCS fields and reads/writes

   through the MSR lists pointed to by the VMCS.

If a bit is within one of the defined ranges, read and write accesses are

guarded by the bitmap's value for the MSR index if the kind of access

is included in the ``struct kvm_msr_filter_range`` flags.  If no range

KVM_XEN_VCPU_ATTR_TYPE_VCPU_INFO

  Sets the guest physical address of the vcpu_info for a given vCPU.

  As with the shared_info page for the VM, the corresponding page may be

  dirtied at any time if event channel interrupt delivery is enabled, so

  userspace should always assume that the page is dirty without relying

  on dirty logging.

KVM_XEN_VCPU_ATTR_TYPE_VCPU_TIME_INFO

  Sets the guest physical address of an additional pvclock structure

At this time, KVM_PMU_CAP_DISABLE is the only capability.  Setting

this capability will disable PMU virtualization for that VM.  Usermode

should adjust CPUID leaf 0xA to reflect that the PMU is disabled.

9. Known KVM API problems

=========================

In some cases, KVM's API has some inconsistencies or common pitfalls

that userspace need to be aware of.  This section details some of

these issues.

Most of them are architecture specific, so the section is split by

architecture.

9.1. x86

--------

``KVM_GET_SUPPORTED_CPUID`` issues

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

In general, ``KVM_GET_SUPPORTED_CPUID`` is designed so that it is possible

to take its result and pass it directly to ``KVM_SET_CPUID2``.  This section

documents some cases in which that requires some care.

Local APIC features

~~~~~~~~~~~~~~~~~~~

CPU[EAX=1]:ECX[21] (X2APIC) is reported by ``KVM_GET_SUPPORTED_CPUID``,

but it can only be enabled if ``KVM_CREATE_IRQCHIP`` or

``KVM_ENABLE_CAP(KVM_CAP_IRQCHIP_SPLIT)`` are used to enable in-kernel emulation of

the local APIC.

The same is true for the ``KVM_FEATURE_PV_UNHALT`` paravirtualized feature.

CPU[EAX=1]:ECX[24] (TSC_DEADLINE) is not reported by ``KVM_GET_SUPPORTED_CPUID``.

It can be enabled if ``KVM_CAP_TSC_DEADLINE_TIMER`` is present and the kernel

has enabled in-kernel emulation of the local APIC.

Obsolete ioctls and capabilities

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

KVM_CAP_DISABLE_QUIRKS does not let userspace know which quirks are actually

available.  Use ``KVM_CHECK_EXTENSION(KVM_CAP_DISABLE_QUIRKS2)`` instead if

available.

Ordering of KVM_GET_*/KVM_SET_* ioctls

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

TBD

   :maxdepth: 2

   api

   amd-memory-encryption

   cpuid

   halt-polling

   hypercalls

   locking

   mmu

   msr

   nested-vmx

   ppc-pv

   s390-diag

   s390-pv

   s390-pv-boot

   timekeeping

   vcpu-requests

   review-checklist

   devices/index

   arm/index

   s390/index

   ppc-pv

   x86/index

   devices/index

   running-nested-guests

   locking

   vcpu-requests

   review-checklist

3. Reference

------------

:Name:		kvm_lock

``kvm_lock``

^^^^^^^^^^^^

:Type:		mutex

:Arch:		any

:Protects:	- vm_list

:Name:		kvm_count_lock

``kvm_count_lock``

^^^^^^^^^^^^^^^^^^

:Type:		raw_spinlock_t

:Arch:		any

:Protects:	- hardware virtualization enable/disable

:Comment:	'raw' because hardware enabling/disabling must be atomic /wrt

		migration.

:Name:		kvm_arch::tsc_write_lock

:Type:		raw_spinlock

``kvm->mn_invalidate_lock``

^^^^^^^^^^^^^^^^^^^^^^^^^^^

:Type:          spinlock_t

:Arch:          any

:Protects:      mn_active_invalidate_count, mn_memslots_update_rcuwait

``kvm_arch::tsc_write_lock``

^^^^^^^^^^^^^^^^^^^^^^^^^^^^

:Type:		raw_spinlock_t

:Arch:		x86

:Protects:	- kvm_arch::{last_tsc_write,last_tsc_nsec,last_tsc_offset}

		- tsc offset in vmcb

:Comment:	'raw' because updating the tsc offsets must not be preempted.

:Name:		kvm->mmu_lock

:Type:		spinlock_t

``kvm->mmu_lock``

^^^^^^^^^^^^^^^^^

:Type:		spinlock_t or rwlock_t

:Arch:		any

:Protects:	-shadow page/shadow tlb entry

:Comment:	it is a spinlock since it is used in mmu notifier.

:Name:		kvm->srcu

``kvm->srcu``

^^^^^^^^^^^^^

:Type:		srcu lock

:Arch:		any

:Protects:	- kvm->memslots

		The srcu index can be stored in kvm_vcpu->srcu_idx per vcpu

		if it is needed by multiple functions.

:Name:		blocked_vcpu_on_cpu_lock

``kvm->slots_arch_lock``

^^^^^^^^^^^^^^^^^^^^^^^^

:Type:          mutex

:Arch:          any (only needed on x86 though)

:Protects:      any arch-specific fields of memslots that have to be modified

                in a ``kvm->srcu`` read-side critical section.

:Comment:       must be held before reading the pointer to the current memslots,

                until after all changes to the memslots are complete

``wakeup_vcpus_on_cpu_lock``

^^^^^^^^^^^^^^^^^^^^^^^^^^^^

:Type:		spinlock_t

:Arch:		x86

:Protects:	blocked_vcpu_on_cpu

:Protects:	wakeup_vcpus_on_cpu

:Comment:	This is a per-CPU lock and it is used for VT-d posted-interrupts.

		When VT-d posted-interrupts is supported and the VM has assigned

		devices, we put the blocked vCPU on the list blocked_vcpu_on_cpu

.. SPDX-License-Identifier: GPL-2.0

====================

KVM for s390 systems

====================

.. toctree::

   :maxdepth: 2

   s390-diag

   s390-pv

   s390-pv-boot