From mboxrd@z Thu Jan 1 00:00:00 1970
From: Paolo Bonzini
Subject: Re: VMCALL to KVM userspace?
Date: Tue, 13 Aug 2013 17:43:13 +0200
Message-ID: <520A5411.9060706@redhat.com>
References: <520A43CD.1040809@tu-dresden.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-15
Content-Transfer-Encoding: 7bit
Cc: kvm-devel
To: Florian Pester
Return-path:
Received: from mail-wg0-f48.google.com ([74.125.82.48]:39828 "EHLO mail-wg0-f48.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1758453Ab3HMPny (ORCPT ); Tue, 13 Aug 2013 11:43:54 -0400
Received: by mail-wg0-f48.google.com with SMTP id f12so6737979wgh.27 for ; Tue, 13 Aug 2013 08:43:53 -0700 (PDT)
In-Reply-To: <520A43CD.1040809@tu-dresden.de>
Sender: kvm-owner@vger.kernel.org
List-ID:

On 13/08/2013 16:33, Florian Pester wrote:
> Hi,
>
> for a uni project I'm trying to write a userspace for KVM that can run
> ELF binaries without a full-blown OS in the guest. The idea is to handle
> any syscalls made by the binary running inside the guest in the
> userspace of the host. In the simplest case you could forward them to
> the host Linux kernel.
>
> In any case, I've gotten pretty far, setting up IDTs, the VCPU, Page
> Tables and whatnot, but right now I'm stuck. I set up my syscall handler
> to do a VMCALL, which according to the Intel manual is supposed to
> return control to the host. However this seems to be handled by KVM
> without an exit into userspace?

Yes, this is correct.

> If this is correct, is there any way to make a call to the host VMM,
> that will be transferred to userspace by KVM?

You could patch kvm_emulate_hypercall to return to userspace on an
unknown VMCALL. The simplest implementation could be something like

	vcpu->run->exit_reason = KVM_EXIT_HYPERCALL;
	return 0;

in vmx.c's handle_vmcall and similarly for svm.c's vmmcall_interception.

If you want to make a patch for upstream, it is a bit more complicated
because of backwards-compatibility. You will need a new capability and
you will need to enable it with KVM_ENABLE_CAP, which right now is only
used by PowerPC KVM.

However, this "hypercall to userspace" functionality used to be there and
was removed, so it is unlikely to resurrect... I suggest you use simply
an "out" to an otherwise unused port.

Paolo