From mboxrd@z Thu Jan  1 00:00:00 1970
From: Carsten Otte <cotte@de.ibm.com>
Subject: [patch 01/12] [PATCH] kvm-s390: add parameter for KVM_CREATE_VM
Date: Sat, 10 Dec 2011 13:35:30 +0100
Message-ID: <20111210123706.579373373@de.ibm.com>
References: <20111210123529.379102332@de.ibm.com>
Cc: Christian Borntraeger <borntraeger@de.ibm.com>,
	Heiko Carstens <heiko.carstens@de.ibm.com>,
	Martin Schwidefsky <schwidefsky@de.ibm.com>,
	Cornelia Huck <cornelia.huck@de.ibm.com>,
	KVM <kvm@vger.kernel.org>,
	Joachim von Buttlar <joachim_von_buttlar@de.ibm.com>,
	Jens Freimann <jfrei@de.ibm.com>,
	Constantin Werner <constantin.werner@de.ibm.com>,
	agraf@suse.de, Xiantao Zhang <xiantao.zhang@intel.com>
To: Avi Kivity <avi@redhat.com>, Marcelo Tossati <mtosatti@redhat.com>
Return-path: <kvm-owner@vger.kernel.org>
Received: from e06smtp17.uk.ibm.com ([195.75.94.113]:42057 "EHLO
	e06smtp17.uk.ibm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1750746Ab1LJMhK (ORCPT <rfc822;kvm@vger.kernel.org>);
	Sat, 10 Dec 2011 07:37:10 -0500
Received: from /spool/local
	by e06smtp17.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted
	for <kvm@vger.kernel.org> from <cotte@de.ibm.com>;
	Sat, 10 Dec 2011 12:37:09 -0000
Received: from d06av02.portsmouth.uk.ibm.com (d06av02.portsmouth.uk.ibm.com [9.149.37.228])
	by d06nrmr1806.portsmouth.uk.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id pBACb7OW2863284
	for <kvm@vger.kernel.org>; Sat, 10 Dec 2011 12:37:07 GMT
Received: from d06av02.portsmouth.uk.ibm.com (loopback [127.0.0.1])
	by d06av02.portsmouth.uk.ibm.com (8.14.4/8.13.1/NCO v10.0 AVout) with ESMTP id pBACb628024497
	for <kvm@vger.kernel.org>; Sat, 10 Dec 2011 05:37:07 -0700
Content-Disposition: inline; filename=enable-ucontrol.patch
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

This patch introduces a new config option for user controlled kernel
virtual machines. It introduces an optional parameter to
KVM_CREATE_VM in order to create a user controlled virtual machine.
The parameter is passed to kvm_arch_init_vm for all architectures.
Valid values for the new parameter are KVM_VM_REGULAR (defined to 0
for backward compatibility to old KVM_CREATE_VM) and
KVM_VM_UCONTROL for s390 only.
Note that the user controlled virtual machines require CAP_SYS_ADMIN
privileges.

Signed-off-by: Carsten Otte <cotte@de.ibm.com>
---
---
 Documentation/virtual/kvm/api.txt |    7 ++++++-
 arch/ia64/kvm/kvm-ia64.c          |    5 ++++-
 arch/powerpc/kvm/powerpc.c        |    5 ++++-
 arch/s390/kvm/Kconfig             |    9 +++++++++
 arch/s390/kvm/kvm-s390.c          |   30 +++++++++++++++++++++++++-----
 arch/s390/kvm/kvm-s390.h          |   10 ++++++++++
 arch/x86/kvm/x86.c                |    5 ++++-
 include/linux/kvm.h               |    3 +++
 include/linux/kvm_host.h          |    2 +-
 virt/kvm/kvm_main.c               |   19 +++++++++++++------
 10 files changed, 79 insertions(+), 16 deletions(-)

--- a/Documentation/virtual/kvm/api.txt
+++ b/Documentation/virtual/kvm/api.txt
@@ -95,7 +95,7 @@ described as 'basic' will be available.
 Capability: basic
 Architectures: all
 Type: system ioctl
-Parameters: none
+Parameters: machine type identifier (KVM_VM_*)
 Returns: a VM fd that can be used to control the new virtual machine.
 
 The new VM has no virtual cpus and no memory.  An mmap() of a VM fd
@@ -103,6 +103,11 @@ will access the virtual machine's physic
 corresponds to guest physical address zero.  Use of mmap() on a VM fd
 is discouraged if userspace memory allocation (KVM_CAP_USER_MEMORY) is
 available.
+You most certainly want to use KVM_VM_REGULAR as machine type.
+
+In order to create user controlled virtual machines on S390, check
+KVM_CAP_UCONTROL and use KVM_VM_UCONTROL as machine type as
+privileged user (CAP_SYS_ADMIN).
 
 4.3 KVM_GET_MSR_INDEX_LIST
 
--- a/arch/ia64/kvm/kvm-ia64.c
+++ b/arch/ia64/kvm/kvm-ia64.c
@@ -809,10 +809,13 @@ static void kvm_build_io_pmt(struct kvm
 #define GUEST_PHYSICAL_RR4	0x2739
 #define VMM_INIT_RR		0x1660
 
-int kvm_arch_init_vm(struct kvm *kvm)
+int kvm_arch_init_vm(struct kvm *kvm, unsigned long type)
 {
 	BUG_ON(!kvm);
 
+	if (type != KVM_VM_REGULAR)
+		return -EINVAL;
+
 	kvm->arch.is_sn2 = ia64_platform_is("sn2");
 
 	kvm->arch.metaphysical_rr0 = GUEST_PHYSICAL_RR0;
--- a/arch/powerpc/kvm/powerpc.c
+++ b/arch/powerpc/kvm/powerpc.c
@@ -171,8 +171,11 @@ void kvm_arch_check_processor_compat(voi
 	*(int *)rtn = kvmppc_core_check_processor_compat();
 }
 
-int kvm_arch_init_vm(struct kvm *kvm)
+int kvm_arch_init_vm(struct kvm *kvm, unsigned long type)
 {
+	if (type != KVM_VM_REGULAR)
+		return -EINVAL;
+
 	return kvmppc_core_init_vm(kvm);
 }
 
--- a/arch/s390/kvm/Kconfig
+++ b/arch/s390/kvm/Kconfig
@@ -34,6 +34,15 @@ config KVM
 
 	  If unsure, say N.
 
+config KVM_UCONTROL
+	bool "Userspace controlled virtual machines"
+	depends on KVM
+	---help---
+	  Allow CAP_SYS_ADMIN users to create KVM virtual machines that are
+	  controlled by userspace.
+
+	  If unsure, say N.
+
 # OK, it's a little counter-intuitive to do this, but it puts it neatly under
 # the virtualization menu.
 source drivers/vhost/Kconfig
--- a/arch/s390/kvm/kvm-s390.c
+++ b/arch/s390/kvm/kvm-s390.c
@@ -171,11 +171,28 @@ long kvm_arch_vm_ioctl(struct file *filp
 	return r;
 }
 
-int kvm_arch_init_vm(struct kvm *kvm)
+int kvm_arch_init_vm(struct kvm *kvm, unsigned long type)
 {
 	int rc;
 	char debug_name[16];
 
+	rc = -EINVAL;
+#ifdef CONFIG_KVM_UCONTROL
+	switch (type) {
+	case KVM_VM_REGULAR:
+		break;
+	case KVM_VM_UCONTROL:
+		if (!capable(CAP_SYS_ADMIN))
+			goto out_err;
+		break;
+	default:
+		goto out_err;
+	}
+#else
+	if (type != KVM_VM_REGULAR)
+		goto out_err;
+#endif
+
 	rc = s390_enable_sie();
 	if (rc)
 		goto out_err;
@@ -198,10 +215,13 @@ int kvm_arch_init_vm(struct kvm *kvm)
 	debug_register_view(kvm->arch.dbf, &debug_sprintf_view);
 	VM_EVENT(kvm, 3, "%s", "vm created");
 
-	kvm->arch.gmap = gmap_alloc(current->mm);
-	if (!kvm->arch.gmap)
-		goto out_nogmap;
-
+	if (type == KVM_VM_REGULAR) {
+		kvm->arch.gmap = gmap_alloc(current->mm);
+		if (!kvm->arch.gmap)
+			goto out_nogmap;
+	} else {
+		kvm->arch.gmap = NULL;
+	}
 	return 0;
 out_nogmap:
 	debug_unregister(kvm->arch.dbf);
--- a/arch/s390/kvm/kvm-s390.h
+++ b/arch/s390/kvm/kvm-s390.h
@@ -47,6 +47,16 @@ static inline int __cpu_is_stopped(struc
 	return atomic_read(&vcpu->arch.sie_block->cpuflags) & CPUSTAT_STOP_INT;
 }
 
+static inline int kvm_is_ucontrol(struct kvm *kvm)
+{
+#ifdef CONFIG_KVM_UCONTROL
+	if (kvm->arch.gmap)
+		return 0;
+	return 1;
+#else
+	return 0;
+#endif
+}
 int kvm_s390_handle_wait(struct kvm_vcpu *vcpu);
 enum hrtimer_restart kvm_s390_idle_wakeup(struct hrtimer *timer);
 void kvm_s390_tasklet(unsigned long parm);
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -5969,8 +5969,11 @@ void kvm_arch_vcpu_uninit(struct kvm_vcp
 	free_page((unsigned long)vcpu->arch.pio_data);
 }
 
-int kvm_arch_init_vm(struct kvm *kvm)
+int kvm_arch_init_vm(struct kvm *kvm, unsigned long type)
 {
+	if (type != KVM_VM_REGULAR)
+		return -EINVAL;
+
 	INIT_LIST_HEAD(&kvm->arch.active_mmu_pages);
 	INIT_LIST_HEAD(&kvm->arch.assigned_dev_head);
 
--- a/include/linux/kvm.h
+++ b/include/linux/kvm.h
@@ -431,6 +431,9 @@ struct kvm_ppc_pvinfo {
 
 #define KVMIO 0xAE
 
+#define KVM_VM_REGULAR  0
+#define KVM_VM_UCONTROL	1
+
 /*
  * ioctls for /dev/kvm fds:
  */
--- a/include/linux/kvm_host.h
+++ b/include/linux/kvm_host.h
@@ -519,7 +519,7 @@ static inline void kvm_arch_free_vm(stru
 }
 #endif
 
-int kvm_arch_init_vm(struct kvm *kvm);
+int kvm_arch_init_vm(struct kvm *kvm, unsigned long type);
 void kvm_arch_destroy_vm(struct kvm *kvm);
 void kvm_free_all_assigned_devices(struct kvm *kvm);
 void kvm_arch_sync_events(struct kvm *kvm);
--- a/virt/kvm/kvm_main.c
+++ b/virt/kvm/kvm_main.c
@@ -449,7 +449,7 @@ static void kvm_init_memslots_id(struct
 		slots->id_to_index[i] = slots->memslots[i].id = i;
 }
 
-static struct kvm *kvm_create_vm(void)
+static struct kvm *kvm_create_vm(unsigned long type)
 {
 	int r, i;
 	struct kvm *kvm = kvm_arch_alloc_vm();
@@ -457,7 +457,7 @@ static struct kvm *kvm_create_vm(void)
 	if (!kvm)
 		return ERR_PTR(-ENOMEM);
 
-	r = kvm_arch_init_vm(kvm);
+	r = kvm_arch_init_vm(kvm, type);
 	if (r)
 		goto out_err_nodisable;
 
@@ -2207,12 +2207,12 @@ static struct file_operations kvm_vm_fop
 	.llseek		= noop_llseek,
 };
 
-static int kvm_dev_ioctl_create_vm(void)
+static int kvm_dev_ioctl_create_vm(unsigned long type)
 {
 	int r;
 	struct kvm *kvm;
 
-	kvm = kvm_create_vm();
+	kvm = kvm_create_vm(type);
 	if (IS_ERR(kvm))
 		return PTR_ERR(kvm);
 #ifdef KVM_COALESCED_MMIO_PAGE_OFFSET
@@ -2264,9 +2264,16 @@ static long kvm_dev_ioctl(struct file *f
 		break;
 	case KVM_CREATE_VM:
 		r = -EINVAL;
-		if (arg)
+		switch (arg) {
+		case KVM_VM_REGULAR:
+#ifdef CONFIG_KVM_UCONTROL
+		case KVM_VM_UCONTROL:
+#endif
+			r = kvm_dev_ioctl_create_vm(arg);
+			break;
+		default:
 			goto out;
-		r = kvm_dev_ioctl_create_vm();
+		}
 		break;
 	case KVM_CHECK_EXTENSION:
 		r = kvm_dev_ioctl_check_extension_generic(arg);