From mboxrd@z Thu Jan  1 00:00:00 1970
From: Carsten Otte <cotte@de.ibm.com>
Subject: [patch 01/12] [PATCH] kvm-s390: ioctl to switch to user controlled virtual machines
Date: Thu, 01 Dec 2011 13:57:33 +0100
Message-ID: <20111201130408.897496445@de.ibm.com>
References: <20111201125732.085553111@de.ibm.com>
Cc: Christian Borntraeger <borntraeger@de.ibm.com>,
	Heiko Carstens <heiko.carstens@de.ibm.com>,
	Martin Schwidefsky <schwidefsky@de.ibm.com>,
	Cornelia Huck <cornelia.huck@de.ibm.com>,
	KVM <kvm@vger.kernel.org>,
	Joachim von Buttlar <joachim_von_buttlar@de.ibm.com>,
	Jens Freimann <jfrei@de.ibm.com>,
	Constantin Werner <constantin.werner@de.ibm.com>
To: Avi Kivity <avi@redhat.com>, Marcelo Tossati <mtosatti@redhat.com>
Return-path: <kvm-owner@vger.kernel.org>
Received: from e06smtp10.uk.ibm.com ([195.75.94.106]:41257 "EHLO
	e06smtp10.uk.ibm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1753992Ab1LANEO (ORCPT <rfc822;kvm@vger.kernel.org>);
	Thu, 1 Dec 2011 08:04:14 -0500
Received: from /spool/local
	by e06smtp10.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted
	for <kvm@vger.kernel.org> from <cotte@de.ibm.com>;
	Thu, 1 Dec 2011 13:04:13 -0000
Received: from d06av02.portsmouth.uk.ibm.com (d06av02.portsmouth.uk.ibm.com [9.149.37.228])
	by d06nrmr1307.portsmouth.uk.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id pB1D49Rq2560224
	for <kvm@vger.kernel.org>; Thu, 1 Dec 2011 13:04:09 GMT
Received: from d06av02.portsmouth.uk.ibm.com (loopback [127.0.0.1])
	by d06av02.portsmouth.uk.ibm.com (8.14.4/8.13.1/NCO v10.0 AVout) with ESMTP id pB1D49Av023052
	for <kvm@vger.kernel.org>; Thu, 1 Dec 2011 06:04:09 -0700
Content-Disposition: inline; filename=enable-ucontrol.patch
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

This patch introduces a new config option for user controlled kernel
virtual machines. It introduces a new ioctl named
KVM_S390_ENABLE_UCONTROL on the kvm file descriptor which allows for
a one way transition from a regular kernel virtual machine to a
user controlled virtual machine. The virtual machine must not have
any memory slots installed, and no virtual cpus defined.
Note that the user controlled virtual machines require CAP_SYS_ADMIN
privileges.

Signed-off-by: Carsten Otte <cotte@de.ibm.com>
---
---
 arch/s390/kvm/Kconfig    |    9 +++++++++
 arch/s390/kvm/kvm-s390.c |   30 ++++++++++++++++++++++++++++++
 arch/s390/kvm/kvm-s390.h |   10 ++++++++++
 include/linux/kvm.h      |    3 +++
 4 files changed, 52 insertions(+)

--- a/arch/s390/kvm/Kconfig
+++ b/arch/s390/kvm/Kconfig
@@ -34,6 +34,15 @@ config KVM
 
 	  If unsure, say N.
 
+config KVM_UCONTROL
+	bool "Userspace controlled virtual machines"
+	depends on KVM
+	---help---
+	  Allow CAP_SYS_ADMIN users to create KVM virtual machines that are
+	  controlled by userspace.
+
+	  If unsure, say N.
+
 # OK, it's a little counter-intuitive to do this, but it puts it neatly under
 # the virtualization menu.
 source drivers/vhost/Kconfig
--- a/arch/s390/kvm/kvm-s390.c
+++ b/arch/s390/kvm/kvm-s390.c
@@ -147,6 +147,32 @@ int kvm_vm_ioctl_get_dirty_log(struct kv
 	return 0;
 }
 
+int kvm_s390_enable_ucontrol(struct kvm *kvm)
+{
+#ifdef CONFIG_KVM_UCONTROL
+	int i;
+
+	if (!capable(CAP_SYS_ADMIN))
+		return -EPERM;
+
+	for (i = 0; i < KVM_MAX_VCPUS; i++)
+		if (kvm->vcpus[i])
+			return -EINVAL;
+
+	if (kvm->memslots->nmemslots)
+		return -EPERM;
+
+	if (kvm->arch.gmap)
+		gmap_free(kvm->arch.gmap);
+
+	kvm->arch.gmap = NULL;
+
+	return 0;
+#else
+	return -ENOTTY;
+#endif
+}
+
 long kvm_arch_vm_ioctl(struct file *filp,
 		       unsigned int ioctl, unsigned long arg)
 {
@@ -164,6 +190,10 @@ long kvm_arch_vm_ioctl(struct file *filp
 		r = kvm_s390_inject_vm(kvm, &s390int);
 		break;
 	}
+	case KVM_S390_ENABLE_UCONTROL: {
+		r = kvm_s390_enable_ucontrol(kvm);
+		break;
+	}
 	default:
 		r = -ENOTTY;
 	}
--- a/arch/s390/kvm/kvm-s390.h
+++ b/arch/s390/kvm/kvm-s390.h
@@ -47,6 +47,16 @@ static inline int __cpu_is_stopped(struc
 	return atomic_read(&vcpu->arch.sie_block->cpuflags) & CPUSTAT_STOP_INT;
 }
 
+static inline int kvm_is_ucontrol(struct kvm *kvm)
+{
+#ifdef CONFIG_KVM_UCONTROL
+	if (kvm->arch.gmap)
+		return 0;
+	return 1;
+#else
+	return 0;
+#endif
+}
 int kvm_s390_handle_wait(struct kvm_vcpu *vcpu);
 enum hrtimer_restart kvm_s390_idle_wakeup(struct hrtimer *timer);
 void kvm_s390_tasklet(unsigned long parm);
--- a/include/linux/kvm.h
+++ b/include/linux/kvm.h
@@ -654,6 +654,9 @@ struct kvm_clock_data {
 					struct kvm_userspace_memory_region)
 #define KVM_SET_TSS_ADDR          _IO(KVMIO,   0x47)
 #define KVM_SET_IDENTITY_MAP_ADDR _IOW(KVMIO,  0x48, __u64)
+/* enable ucontrol for s390 */
+#define KVM_S390_ENABLE_UCONTROL  _IO(KVMIO,  0x49)
+
 /* Device model IOC */
 #define KVM_CREATE_IRQCHIP        _IO(KVMIO,   0x60)
 #define KVM_IRQ_LINE              _IOW(KVMIO,  0x61, struct kvm_irq_level)