From mboxrd@z Thu Jan  1 00:00:00 1970
From: Avi Kivity <avi@redhat.com>
Subject: Re: [patch 01/12] [PATCH] kvm-s390: add parameter for KVM_CREATE_VM
Date: Mon, 12 Dec 2011 11:13:12 +0200
Message-ID: <4EE5C5A8.2080608@redhat.com>
References: <20111210123529.379102332@de.ibm.com> <20111210123706.579373373@de.ibm.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: Marcelo Tossati <mtosatti@redhat.com>,
	Christian Borntraeger <borntraeger@de.ibm.com>,
	Heiko Carstens <heiko.carstens@de.ibm.com>,
	Martin Schwidefsky <schwidefsky@de.ibm.com>,
	Cornelia Huck <cornelia.huck@de.ibm.com>,
	KVM <kvm@vger.kernel.org>,
	Joachim von Buttlar <joachim_von_buttlar@de.ibm.com>,
	Jens Freimann <jfrei@de.ibm.com>,
	Constantin Werner <constantin.werner@de.ibm.com>,
	agraf@suse.de, Xiantao Zhang <xiantao.zhang@intel.com>
To: Carsten Otte <cotte@de.ibm.com>
Return-path: <kvm-owner@vger.kernel.org>
Received: from mx1.redhat.com ([209.132.183.28]:35908 "EHLO mx1.redhat.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1750748Ab1LLJNY (ORCPT <rfc822;kvm@vger.kernel.org>);
	Mon, 12 Dec 2011 04:13:24 -0500
In-Reply-To: <20111210123706.579373373@de.ibm.com>
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

On 12/10/2011 02:35 PM, Carsten Otte wrote:
> This patch introduces a new config option for user controlled kernel
> virtual machines. It introduces an optional parameter to
> KVM_CREATE_VM in order to create a user controlled virtual machine.
> The parameter is passed to kvm_arch_init_vm for all architectures.
> Valid values for the new parameter are KVM_VM_REGULAR (defined to 0
> for backward compatibility to old KVM_CREATE_VM) and
> KVM_VM_UCONTROL for s390 only.
> Note that the user controlled virtual machines require CAP_SYS_ADMIN
> privileges.
>
> @@ -103,6 +103,11 @@ will access the virtual machine's physic
>  corresponds to guest physical address zero.  Use of mmap() on a VM fd
>  is discouraged if userspace memory allocation (KVM_CAP_USER_MEMORY) is
>  available.
> +You most certainly want to use KVM_VM_REGULAR as machine type.
> +
> +In order to create user controlled virtual machines on S390, check
> +KVM_CAP_UCONTROL and use KVM_VM_UCONTROL as machine type as
> +privileged user (CAP_SYS_ADMIN).

Old kernels don't expose KVM_VM_REGULAR, so if people follow the
recommendations, their userspace won't build.  Normal guests must be 0.

We can pretend we planned this all along by making the argument a flags
mask, and claiming bit 0 for UCONTROL.

>  
>  
> +config KVM_UCONTROL
> +	bool "Userspace controlled virtual machines"
> +	depends on KVM
> +	---help---
> +	  Allow CAP_SYS_ADMIN users to create KVM virtual machines that are
> +	  controlled by userspace.
> +

SYS_ADMIN is not really a good match for this, but no better idea.

-- 
error compiling committee.c: too many arguments to function