10 files changed, 193 insertions, 2 deletions
diff --git a/Documentation/virtual/kvm/api.txt b/Documentation/virtual/kvm/api.txt
index 0fe36497642c..5c54d196f4c8 100644
--- a/Documentation/virtual/kvm/api.txt
+++ b/Documentation/virtual/kvm/api.txt
@@ -2863,8 +2863,8 @@ The fields in each entry are defined as follows:
         this function/index combination
-6. Capabilities that can be enabled
+6. Capabilities that can be enabled on vCPUs
-----------------------------------
+--------------------------------------------
 There are certain capabilities that change the behavior of the virtual CPU when
 enabled. To enable them, please see section 4.37. Below you can find a list of
@@ -3002,3 +3002,40 @@ Parameters: args[0] is the XICS device fd
            args[1] is the XICS CPU number (server ID) for this vcpu
 This capability connects the vcpu to an in-kernel XICS device.
+7. Capabilities that can be enabled on VMs
+------------------------------------------
+There are certain capabilities that change the behavior of the virtual
+machine when enabled. To enable them, please see section 4.37. Below
+you can find a list of capabilities and what their effect on the VM
+is when enabling them.
+The following information is provided along with the description:
+  Architectures: which instruction set architectures provide this ioctl.
+      x86 includes both i386 and x86_64.
+  Parameters: what parameters are accepted by the capability.
+  Returns: the return value.  General error numbers (EBADF, ENOMEM, EINVAL)
+      are not detailed, but errors with specific meanings are.
+7.1 KVM_CAP_PPC_ENABLE_HCALL
+Architectures: ppc
+Parameters: args[0] is the sPAPR hcall number
+            args[1] is 0 to disable, 1 to enable in-kernel handling
+This capability controls whether individual sPAPR hypercalls (hcalls)
+get handled by the kernel or not.  Enabling or disabling in-kernel
+handling of an hcall is effective across the VM.  On creation, an
+initial set of hcalls are enabled for in-kernel handling, which
+consists of those hcalls for which in-kernel handlers were implemented
+before this capability was implemented.  If disabled, the kernel will
+not to attempt to handle the hcall, but will always exit to userspace
+to handle it.  Note that it may not make sense to enable some and
+disable others of a group of related hcalls, but KVM does not prevent
+userspace from doing that.
diff --git a/arch/powerpc/include/asm/kvm_book3s.h b/arch/powerpc/include/asm/kvm_book3s.h
index a20cc0bbd048..052ab2ad49b5 100644
--- a/arch/powerpc/include/asm/kvm_book3s.h
+++ b/arch/powerpc/include/asm/kvm_book3s.h
@@ -187,6 +187,7 @@ extern void kvmppc_hv_entry_trampoline(void);
 extern u32 kvmppc_alignment_dsisr(struct kvm_vcpu *vcpu, unsigned int inst);
 extern ulong kvmppc_alignment_dar(struct kvm_vcpu *vcpu, unsigned int inst);
 extern int kvmppc_h_pr(struct kvm_vcpu *vcpu, unsigned long cmd);
+extern void kvmppc_pr_init_default_hcalls(struct kvm *kvm);
 extern void kvmppc_copy_to_svcpu(struct kvmppc_book3s_shadow_vcpu *svcpu,
                                 struct kvm_vcpu *vcpu);
 extern void kvmppc_copy_from_svcpu(struct kvm_vcpu *vcpu,
diff --git a/arch/powerpc/include/asm/kvm_host.h b/arch/powerpc/include/asm/kvm_host.h
index f9ae69682ce1..62b2cee450a5 100644
--- a/arch/powerpc/include/asm/kvm_host.h
+++ b/arch/powerpc/include/asm/kvm_host.h
@@ -34,6 +34,7 @@
 #include <asm/processor.h>
 #include <asm/page.h>
 #include <asm/cacheflush.h>
+#include <asm/hvcall.h>
 #define KVM_MAX_VCPUS           NR_CPUS
 #define KVM_MAX_VCORES          NR_CPUS
@@ -263,6 +264,7 @@ struct kvm_arch {
 #ifdef CONFIG_PPC_BOOK3S_64
        struct list_head spapr_tce_tables;
        struct list_head rtas_tokens;
+        DECLARE_BITMAP(enabled_hcalls, MAX_HCALL_OPCODE/4 + 1);
 #endif
 #ifdef CONFIG_KVM_MPIC
        struct openpic *mpic;
diff --git a/arch/powerpc/kernel/asm-offsets.c b/arch/powerpc/kernel/asm-offsets.c
index f5995a912213..17ffcb4f27f9 100644
--- a/arch/powerpc/kernel/asm-offsets.c
+++ b/arch/powerpc/kernel/asm-offsets.c
@@ -493,6 +493,7 @@ int main(void)
        DEFINE(KVM_HOST_SDR1, offsetof(struct kvm, arch.host_sdr1));
        DEFINE(KVM_TLBIE_LOCK, offsetof(struct kvm, arch.tlbie_lock));
        DEFINE(KVM_NEED_FLUSH, offsetof(struct kvm, arch.need_tlb_flush.bits));
+        DEFINE(KVM_ENABLED_HCALLS, offsetof(struct kvm, arch.enabled_hcalls));
        DEFINE(KVM_LPCR, offsetof(struct kvm, arch.lpcr));
        DEFINE(KVM_RMOR, offsetof(struct kvm, arch.rmor));
        DEFINE(KVM_VRMA_SLB_V, offsetof(struct kvm, arch.vrma_slb_v));
diff --git a/arch/powerpc/kvm/book3s_hv.c b/arch/powerpc/kvm/book3s_hv.c
index 1562acfa05bf..cf445d22570f 100644
--- a/arch/powerpc/kvm/book3s_hv.c
+++ b/arch/powerpc/kvm/book3s_hv.c
@@ -67,6 +67,8 @@
 /* Used as a "null" value for timebase values */
 #define TB_NIL  (~(u64)0)
+static DECLARE_BITMAP(default_enabled_hcalls, MAX_HCALL_OPCODE/4 + 1);
 static void kvmppc_end_cede(struct kvm_vcpu *vcpu);
 static int kvmppc_hv_setup_htab_rma(struct kvm_vcpu *vcpu);
@@ -562,6 +564,10 @@ int kvmppc_pseries_do_hcall(struct kvm_vcpu *vcpu)
        struct kvm_vcpu *tvcpu;
        int idx, rc;
+        if (req <= MAX_HCALL_OPCODE &&
+            !test_bit(req/4, vcpu->kvm->arch.enabled_hcalls))
+                return RESUME_HOST;
        switch (req) {
        case H_ENTER:
                idx = srcu_read_lock(&vcpu->kvm->srcu);
@@ -2269,6 +2275,10 @@ static int kvmppc_core_init_vm_hv(struct kvm *kvm)
         */
        cpumask_setall(&kvm->arch.need_tlb_flush);
+        /* Start out with the default set of hcalls enabled */
+        memcpy(kvm->arch.enabled_hcalls, default_enabled_hcalls,
+               sizeof(kvm->arch.enabled_hcalls));
        kvm->arch.rma = NULL;
        kvm->arch.host_sdr1 = mfspr(SPRN_SDR1);
@@ -2407,6 +2417,45 @@ static long kvm_arch_vm_ioctl_hv(struct file *filp,
        return r;
 }
+/*
+ * List of hcall numbers to enable by default.
+ * For compatibility with old userspace, we enable by default
+ * all hcalls that were implemented before the hcall-enabling
+ * facility was added.  Note this list should not include H_RTAS.
+ */
+static unsigned int default_hcall_list[] = {
+        H_REMOVE,
+        H_ENTER,
+        H_READ,
+        H_PROTECT,
+        H_BULK_REMOVE,
+        H_GET_TCE,
+        H_PUT_TCE,
+        H_SET_DABR,
+        H_SET_XDABR,
+        H_CEDE,
+        H_PROD,
+        H_CONFER,
+        H_REGISTER_VPA,
+#ifdef CONFIG_KVM_XICS
+        H_EOI,
+        H_CPPR,
+        H_IPI,
+        H_IPOLL,
+        H_XIRR,
+        H_XIRR_X,
+#endif
+        0
+};
+static void init_default_hcalls(void)
+{
+        int i;
+        for (i = 0; default_hcall_list[i]; ++i)
+                __set_bit(default_hcall_list[i] / 4, default_enabled_hcalls);
+}
 static struct kvmppc_ops kvm_ops_hv = {
        .get_sregs = kvm_arch_vcpu_ioctl_get_sregs_hv,
        .set_sregs = kvm_arch_vcpu_ioctl_set_sregs_hv,
@@ -2454,6 +2503,8 @@ static int kvmppc_book3s_init_hv(void)
        kvm_ops_hv.owner = THIS_MODULE;
        kvmppc_hv_ops = &kvm_ops_hv;
+        init_default_hcalls();
        r = kvmppc_mmu_hv_init();
        return r;
 }
diff --git a/arch/powerpc/kvm/book3s_hv_rmhandlers.S b/arch/powerpc/kvm/book3s_hv_rmhandlers.S
index 64ac56f6c3fe..33aaadef7139 100644
--- a/arch/powerpc/kvm/book3s_hv_rmhandlers.S
+++ b/arch/powerpc/kvm/book3s_hv_rmhandlers.S
@@ -1909,6 +1909,17 @@ hcall_try_real_mode:
        clrrdi  r3,r3,2
        cmpldi  r3,hcall_real_table_end - hcall_real_table
        bge     guest_exit_cont
+        /* See if this hcall is enabled for in-kernel handling */
+        ld      r4, VCPU_KVM(r9)
+        srdi    r0, r3, 8       /* r0 = (r3 / 4) >> 6 */
+        sldi    r0, r0, 3       /* index into kvm->arch.enabled_hcalls[] */
+        add     r4, r4, r0
+        ld      r0, KVM_ENABLED_HCALLS(r4)
+        rlwinm  r4, r3, 32-2, 0x3f      /* r4 = (r3 / 4) & 0x3f */
+        srd     r0, r0, r4
+        andi.   r0, r0, 1
+        beq     guest_exit_cont
+        /* Get pointer to handler, if any, and call it */
        LOAD_REG_ADDR(r4, hcall_real_table)
        lwax    r3,r3,r4
        cmpwi   r3,0
diff --git a/arch/powerpc/kvm/book3s_pr.c b/arch/powerpc/kvm/book3s_pr.c
index 3b82e8616dfa..123ac7dc5e1f 100644
--- a/arch/powerpc/kvm/book3s_pr.c
+++ b/arch/powerpc/kvm/book3s_pr.c
@@ -1597,6 +1597,11 @@ static int kvmppc_core_init_vm_pr(struct kvm *kvm)
 {
        mutex_init(&kvm->arch.hpt_mutex);
+#ifdef CONFIG_PPC_BOOK3S_64
+        /* Start out with the default set of hcalls enabled */
+        kvmppc_pr_init_default_hcalls(kvm);
+#endif
        if (firmware_has_feature(FW_FEATURE_SET_MODE)) {
                spin_lock(&kvm_global_user_count_lock);
                if (++kvm_global_user_count == 1)
diff --git a/arch/powerpc/kvm/book3s_pr_papr.c b/arch/powerpc/kvm/book3s_pr_papr.c
index f7c25c625a5b..eacaa6e4876e 100644
--- a/arch/powerpc/kvm/book3s_pr_papr.c
+++ b/arch/powerpc/kvm/book3s_pr_papr.c
@@ -267,6 +267,10 @@ static int kvmppc_h_pr_xics_hcall(struct kvm_vcpu *vcpu, u32 cmd)
 int kvmppc_h_pr(struct kvm_vcpu *vcpu, unsigned long cmd)
 {
+        if (cmd <= MAX_HCALL_OPCODE &&
+            !test_bit(cmd/4, vcpu->kvm->arch.enabled_hcalls))
+                return EMULATE_FAIL;
        switch (cmd) {
        case H_ENTER:
                return kvmppc_h_pr_enter(vcpu);
@@ -304,3 +308,36 @@ int kvmppc_h_pr(struct kvm_vcpu *vcpu, unsigned long cmd)
        return EMULATE_FAIL;
 }
+/*
+ * List of hcall numbers to enable by default.
+ * For compatibility with old userspace, we enable by default
+ * all hcalls that were implemented before the hcall-enabling
+ * facility was added.  Note this list should not include H_RTAS.
+ */
+static unsigned int default_hcall_list[] = {
+        H_ENTER,
+        H_REMOVE,
+        H_PROTECT,
+        H_BULK_REMOVE,
+        H_PUT_TCE,
+        H_CEDE,
+#ifdef CONFIG_KVM_XICS
+        H_XIRR,
+        H_CPPR,
+        H_EOI,
+        H_IPI,
+        H_IPOLL,
+        H_XIRR_X,
+#endif
+        0
+};
+void kvmppc_pr_init_default_hcalls(struct kvm *kvm)
+{
+        int i;
+        for (i = 0; default_hcall_list[i]; ++i)
+                __set_bit(default_hcall_list[i] / 4, kvm->arch.enabled_hcalls);
+}
diff --git a/arch/powerpc/kvm/powerpc.c b/arch/powerpc/kvm/powerpc.c
index 61c738ab1283..3222a4d08a6f 100644
--- a/arch/powerpc/kvm/powerpc.c
+++ b/arch/powerpc/kvm/powerpc.c
@@ -387,6 +387,7 @@ int kvm_dev_ioctl_check_extension(long ext)
        case KVM_CAP_PPC_UNSET_IRQ:
        case KVM_CAP_PPC_IRQ_LEVEL:
        case KVM_CAP_ENABLE_CAP:
+        case KVM_CAP_ENABLE_CAP_VM:
        case KVM_CAP_ONE_REG:
        case KVM_CAP_IOEVENTFD:
        case KVM_CAP_DEVICE_CTRL:
@@ -417,6 +418,7 @@ int kvm_dev_ioctl_check_extension(long ext)
        case KVM_CAP_PPC_ALLOC_HTAB:
        case KVM_CAP_PPC_RTAS:
        case KVM_CAP_PPC_FIXUP_HCALL:
+        case KVM_CAP_PPC_ENABLE_HCALL:
 #ifdef CONFIG_KVM_XICS
        case KVM_CAP_IRQ_XICS:
 #endif
@@ -1099,6 +1101,40 @@ int kvm_vm_ioctl_irq_line(struct kvm *kvm, struct kvm_irq_level *irq_event,
        return 0;
 }
+static int kvm_vm_ioctl_enable_cap(struct kvm *kvm,
+                                   struct kvm_enable_cap *cap)
+{
+        int r;
+        if (cap->flags)
+                return -EINVAL;
+        switch (cap->cap) {
+#ifdef CONFIG_KVM_BOOK3S_64_HANDLER
+        case KVM_CAP_PPC_ENABLE_HCALL: {
+                unsigned long hcall = cap->args[0];
+                r = -EINVAL;
+                if (hcall > MAX_HCALL_OPCODE || (hcall & 3) ||
+                    cap->args[1] > 1)
+                        break;
+                if (cap->args[1])
+                        set_bit(hcall / 4, kvm->arch.enabled_hcalls);
+                else
+                        clear_bit(hcall / 4, kvm->arch.enabled_hcalls);
+                r = 0;
+                break;
+        }
+#endif
+        default:
+                r = -EINVAL;
+                break;
+        }
+        return r;
+}
 long kvm_arch_vm_ioctl(struct file *filp,
                       unsigned int ioctl, unsigned long arg)
 {
@@ -1118,6 +1154,15 @@ long kvm_arch_vm_ioctl(struct file *filp,
                break;
        }
+        case KVM_ENABLE_CAP:
+        {
+                struct kvm_enable_cap cap;
+                r = -EFAULT;
+                if (copy_from_user(&cap, argp, sizeof(cap)))
+                        goto out;
+                r = kvm_vm_ioctl_enable_cap(kvm, &cap);
+                break;
+        }
 #ifdef CONFIG_PPC_BOOK3S_64
        case KVM_CREATE_SPAPR_TCE: {
                struct kvm_create_spapr_tce create_tce;
diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h
index e11d8f170a62..0418b746cb68 100644
--- a/include/uapi/linux/kvm.h
+++ b/include/uapi/linux/kvm.h
@@ -758,6 +758,7 @@ struct kvm_ppc_smmu_info {
 #define KVM_CAP_VM_ATTRIBUTES 101
 #define KVM_CAP_ARM_PSCI_0_2 102
 #define KVM_CAP_PPC_FIXUP_HCALL 103
+#define KVM_CAP_PPC_ENABLE_HCALL 104
 #ifdef KVM_CAP_IRQ_ROUTING

diff --git a/Documentation/virtual/kvm/api.txt b/Documentation/virtual/kvm/api.txt index 0fe36497642c..5c54d196f4c8 100644 --- a/Documentation/virtual/kvm/api.txt +++ b/Documentation/virtual/kvm/api.txt
@@ -2863,8 +2863,8 @@ The fields in each entry are defined as follows:
2863	this function/index combination	2863	this function/index combination
2864		2864
2865		2865
2866	6. Capabilities that can be enabled	2866	6. Capabilities that can be enabled on vCPUs
2867	-----------------------------------	2867	--------------------------------------------
2868		2868
2869	There are certain capabilities that change the behavior of the virtual CPU when	2869	There are certain capabilities that change the behavior of the virtual CPU when
2870	enabled. To enable them, please see section 4.37. Below you can find a list of	2870	enabled. To enable them, please see section 4.37. Below you can find a list of
@@ -3002,3 +3002,40 @@ Parameters: args[0] is the XICS device fd
3002	args[1] is the XICS CPU number (server ID) for this vcpu	3002	args[1] is the XICS CPU number (server ID) for this vcpu
3003		3003
3004	This capability connects the vcpu to an in-kernel XICS device.	3004	This capability connects the vcpu to an in-kernel XICS device.
		3005
		3006
		3007	7. Capabilities that can be enabled on VMs
		3008	------------------------------------------
		3009
		3010	There are certain capabilities that change the behavior of the virtual
		3011	machine when enabled. To enable them, please see section 4.37. Below
		3012	you can find a list of capabilities and what their effect on the VM
		3013	is when enabling them.
		3014
		3015	The following information is provided along with the description:
		3016
		3017	Architectures: which instruction set architectures provide this ioctl.
		3018	x86 includes both i386 and x86_64.
		3019
		3020	Parameters: what parameters are accepted by the capability.
		3021
		3022	Returns: the return value. General error numbers (EBADF, ENOMEM, EINVAL)
		3023	are not detailed, but errors with specific meanings are.
		3024
		3025
		3026	7.1 KVM_CAP_PPC_ENABLE_HCALL
		3027
		3028	Architectures: ppc
		3029	Parameters: args[0] is the sPAPR hcall number
		3030	args[1] is 0 to disable, 1 to enable in-kernel handling
		3031
		3032	This capability controls whether individual sPAPR hypercalls (hcalls)
		3033	get handled by the kernel or not. Enabling or disabling in-kernel
		3034	handling of an hcall is effective across the VM. On creation, an
		3035	initial set of hcalls are enabled for in-kernel handling, which
		3036	consists of those hcalls for which in-kernel handlers were implemented
		3037	before this capability was implemented. If disabled, the kernel will
		3038	not to attempt to handle the hcall, but will always exit to userspace
		3039	to handle it. Note that it may not make sense to enable some and
		3040	disable others of a group of related hcalls, but KVM does not prevent
		3041	userspace from doing that.


diff --git a/arch/powerpc/include/asm/kvm_book3s.h b/arch/powerpc/include/asm/kvm_book3s.h index a20cc0bbd048..052ab2ad49b5 100644 --- a/arch/powerpc/include/asm/kvm_book3s.h +++ b/arch/powerpc/include/asm/kvm_book3s.h
@@ -187,6 +187,7 @@ extern void kvmppc_hv_entry_trampoline(void);
187	extern u32 kvmppc_alignment_dsisr(struct kvm_vcpu *vcpu, unsigned int inst);	187	extern u32 kvmppc_alignment_dsisr(struct kvm_vcpu *vcpu, unsigned int inst);
188	extern ulong kvmppc_alignment_dar(struct kvm_vcpu *vcpu, unsigned int inst);	188	extern ulong kvmppc_alignment_dar(struct kvm_vcpu *vcpu, unsigned int inst);
189	extern int kvmppc_h_pr(struct kvm_vcpu *vcpu, unsigned long cmd);	189	extern int kvmppc_h_pr(struct kvm_vcpu *vcpu, unsigned long cmd);
		190	extern void kvmppc_pr_init_default_hcalls(struct kvm *kvm);
190	extern void kvmppc_copy_to_svcpu(struct kvmppc_book3s_shadow_vcpu *svcpu,	191	extern void kvmppc_copy_to_svcpu(struct kvmppc_book3s_shadow_vcpu *svcpu,
191	struct kvm_vcpu *vcpu);	192	struct kvm_vcpu *vcpu);
192	extern void kvmppc_copy_from_svcpu(struct kvm_vcpu *vcpu,	193	extern void kvmppc_copy_from_svcpu(struct kvm_vcpu *vcpu,


diff --git a/arch/powerpc/include/asm/kvm_host.h b/arch/powerpc/include/asm/kvm_host.h index f9ae69682ce1..62b2cee450a5 100644 --- a/arch/powerpc/include/asm/kvm_host.h +++ b/arch/powerpc/include/asm/kvm_host.h
@@ -34,6 +34,7 @@
34	#include <asm/processor.h>	34	#include <asm/processor.h>
35	#include <asm/page.h>	35	#include <asm/page.h>
36	#include <asm/cacheflush.h>	36	#include <asm/cacheflush.h>
		37	#include <asm/hvcall.h>
37		38
38	#define KVM_MAX_VCPUS NR_CPUS	39	#define KVM_MAX_VCPUS NR_CPUS
39	#define KVM_MAX_VCORES NR_CPUS	40	#define KVM_MAX_VCORES NR_CPUS
@@ -263,6 +264,7 @@ struct kvm_arch {
263	#ifdef CONFIG_PPC_BOOK3S_64	264	#ifdef CONFIG_PPC_BOOK3S_64
264	struct list_head spapr_tce_tables;	265	struct list_head spapr_tce_tables;
265	struct list_head rtas_tokens;	266	struct list_head rtas_tokens;
		267	DECLARE_BITMAP(enabled_hcalls, MAX_HCALL_OPCODE/4 + 1);
266	#endif	268	#endif
267	#ifdef CONFIG_KVM_MPIC	269	#ifdef CONFIG_KVM_MPIC
268	struct openpic *mpic;	270	struct openpic *mpic;


diff --git a/arch/powerpc/kernel/asm-offsets.c b/arch/powerpc/kernel/asm-offsets.c index f5995a912213..17ffcb4f27f9 100644 --- a/arch/powerpc/kernel/asm-offsets.c +++ b/arch/powerpc/kernel/asm-offsets.c
@@ -493,6 +493,7 @@ int main(void)
493	DEFINE(KVM_HOST_SDR1, offsetof(struct kvm, arch.host_sdr1));	493	DEFINE(KVM_HOST_SDR1, offsetof(struct kvm, arch.host_sdr1));
494	DEFINE(KVM_TLBIE_LOCK, offsetof(struct kvm, arch.tlbie_lock));	494	DEFINE(KVM_TLBIE_LOCK, offsetof(struct kvm, arch.tlbie_lock));
495	DEFINE(KVM_NEED_FLUSH, offsetof(struct kvm, arch.need_tlb_flush.bits));	495	DEFINE(KVM_NEED_FLUSH, offsetof(struct kvm, arch.need_tlb_flush.bits));
		496	DEFINE(KVM_ENABLED_HCALLS, offsetof(struct kvm, arch.enabled_hcalls));
496	DEFINE(KVM_LPCR, offsetof(struct kvm, arch.lpcr));	497	DEFINE(KVM_LPCR, offsetof(struct kvm, arch.lpcr));
497	DEFINE(KVM_RMOR, offsetof(struct kvm, arch.rmor));	498	DEFINE(KVM_RMOR, offsetof(struct kvm, arch.rmor));
498	DEFINE(KVM_VRMA_SLB_V, offsetof(struct kvm, arch.vrma_slb_v));	499	DEFINE(KVM_VRMA_SLB_V, offsetof(struct kvm, arch.vrma_slb_v));


diff --git a/arch/powerpc/kvm/book3s_hv.c b/arch/powerpc/kvm/book3s_hv.c index 1562acfa05bf..cf445d22570f 100644 --- a/arch/powerpc/kvm/book3s_hv.c +++ b/arch/powerpc/kvm/book3s_hv.c
@@ -67,6 +67,8 @@
67	/* Used as a "null" value for timebase values */	67	/* Used as a "null" value for timebase values */
68	#define TB_NIL (~(u64)0)	68	#define TB_NIL (~(u64)0)
69		69
		70	static DECLARE_BITMAP(default_enabled_hcalls, MAX_HCALL_OPCODE/4 + 1);
		71
70	static void kvmppc_end_cede(struct kvm_vcpu *vcpu);	72	static void kvmppc_end_cede(struct kvm_vcpu *vcpu);
71	static int kvmppc_hv_setup_htab_rma(struct kvm_vcpu *vcpu);	73	static int kvmppc_hv_setup_htab_rma(struct kvm_vcpu *vcpu);
72		74
@@ -562,6 +564,10 @@ int kvmppc_pseries_do_hcall(struct kvm_vcpu *vcpu)
562	struct kvm_vcpu *tvcpu;	564	struct kvm_vcpu *tvcpu;
563	int idx, rc;	565	int idx, rc;
564		566
		567	if (req <= MAX_HCALL_OPCODE &&
		568	!test_bit(req/4, vcpu->kvm->arch.enabled_hcalls))
		569	return RESUME_HOST;
		570
565	switch (req) {	571	switch (req) {
566	case H_ENTER:	572	case H_ENTER:
567	idx = srcu_read_lock(&vcpu->kvm->srcu);	573	idx = srcu_read_lock(&vcpu->kvm->srcu);
@@ -2269,6 +2275,10 @@ static int kvmppc_core_init_vm_hv(struct kvm *kvm)
2269	*/	2275	*/
2270	cpumask_setall(&kvm->arch.need_tlb_flush);	2276	cpumask_setall(&kvm->arch.need_tlb_flush);
2271		2277
		2278	/* Start out with the default set of hcalls enabled */
		2279	memcpy(kvm->arch.enabled_hcalls, default_enabled_hcalls,
		2280	sizeof(kvm->arch.enabled_hcalls));
		2281
2272	kvm->arch.rma = NULL;	2282	kvm->arch.rma = NULL;
2273		2283
2274	kvm->arch.host_sdr1 = mfspr(SPRN_SDR1);	2284	kvm->arch.host_sdr1 = mfspr(SPRN_SDR1);
@@ -2407,6 +2417,45 @@ static long kvm_arch_vm_ioctl_hv(struct file *filp,
2407	return r;	2417	return r;
2408	}	2418	}
2409		2419
		2420	/*
		2421	* List of hcall numbers to enable by default.
		2422	* For compatibility with old userspace, we enable by default
		2423	* all hcalls that were implemented before the hcall-enabling
		2424	* facility was added. Note this list should not include H_RTAS.
		2425	*/
		2426	static unsigned int default_hcall_list[] = {
		2427	H_REMOVE,
		2428	H_ENTER,
		2429	H_READ,
		2430	H_PROTECT,
		2431	H_BULK_REMOVE,
		2432	H_GET_TCE,
		2433	H_PUT_TCE,
		2434	H_SET_DABR,
		2435	H_SET_XDABR,
		2436	H_CEDE,
		2437	H_PROD,
		2438	H_CONFER,
		2439	H_REGISTER_VPA,
		2440	#ifdef CONFIG_KVM_XICS
		2441	H_EOI,
		2442	H_CPPR,
		2443	H_IPI,
		2444	H_IPOLL,
		2445	H_XIRR,
		2446	H_XIRR_X,
		2447	#endif
		2448	0
		2449	};
		2450
		2451	static void init_default_hcalls(void)
		2452	{
		2453	int i;
		2454
		2455	for (i = 0; default_hcall_list[i]; ++i)
		2456	__set_bit(default_hcall_list[i] / 4, default_enabled_hcalls);
		2457	}
		2458
2410	static struct kvmppc_ops kvm_ops_hv = {	2459	static struct kvmppc_ops kvm_ops_hv = {
2411	.get_sregs = kvm_arch_vcpu_ioctl_get_sregs_hv,	2460	.get_sregs = kvm_arch_vcpu_ioctl_get_sregs_hv,
2412	.set_sregs = kvm_arch_vcpu_ioctl_set_sregs_hv,	2461	.set_sregs = kvm_arch_vcpu_ioctl_set_sregs_hv,
@@ -2454,6 +2503,8 @@ static int kvmppc_book3s_init_hv(void)
2454	kvm_ops_hv.owner = THIS_MODULE;	2503	kvm_ops_hv.owner = THIS_MODULE;
2455	kvmppc_hv_ops = &kvm_ops_hv;	2504	kvmppc_hv_ops = &kvm_ops_hv;
2456		2505
		2506	init_default_hcalls();
		2507
2457	r = kvmppc_mmu_hv_init();	2508	r = kvmppc_mmu_hv_init();
2458	return r;	2509	return r;
2459	}	2510	}


diff --git a/arch/powerpc/kvm/book3s_hv_rmhandlers.S b/arch/powerpc/kvm/book3s_hv_rmhandlers.S index 64ac56f6c3fe..33aaadef7139 100644 --- a/arch/powerpc/kvm/book3s_hv_rmhandlers.S +++ b/arch/powerpc/kvm/book3s_hv_rmhandlers.S
@@ -1909,6 +1909,17 @@ hcall_try_real_mode:
1909	clrrdi r3,r3,2	1909	clrrdi r3,r3,2
1910	cmpldi r3,hcall_real_table_end - hcall_real_table	1910	cmpldi r3,hcall_real_table_end - hcall_real_table
1911	bge guest_exit_cont	1911	bge guest_exit_cont
		1912	/* See if this hcall is enabled for in-kernel handling */
		1913	ld r4, VCPU_KVM(r9)
		1914	srdi r0, r3, 8 /* r0 = (r3 / 4) >> 6 */
		1915	sldi r0, r0, 3 /* index into kvm->arch.enabled_hcalls[] */
		1916	add r4, r4, r0
		1917	ld r0, KVM_ENABLED_HCALLS(r4)
		1918	rlwinm r4, r3, 32-2, 0x3f /* r4 = (r3 / 4) & 0x3f */
		1919	srd r0, r0, r4
		1920	andi. r0, r0, 1
		1921	beq guest_exit_cont
		1922	/* Get pointer to handler, if any, and call it */
1912	LOAD_REG_ADDR(r4, hcall_real_table)	1923	LOAD_REG_ADDR(r4, hcall_real_table)
1913	lwax r3,r3,r4	1924	lwax r3,r3,r4
1914	cmpwi r3,0	1925	cmpwi r3,0


diff --git a/arch/powerpc/kvm/book3s_pr.c b/arch/powerpc/kvm/book3s_pr.c index 3b82e8616dfa..123ac7dc5e1f 100644 --- a/arch/powerpc/kvm/book3s_pr.c +++ b/arch/powerpc/kvm/book3s_pr.c
@@ -1597,6 +1597,11 @@ static int kvmppc_core_init_vm_pr(struct kvm *kvm)
1597	{	1597	{
1598	mutex_init(&kvm->arch.hpt_mutex);	1598	mutex_init(&kvm->arch.hpt_mutex);
1599		1599
		1600	#ifdef CONFIG_PPC_BOOK3S_64
		1601	/* Start out with the default set of hcalls enabled */
		1602	kvmppc_pr_init_default_hcalls(kvm);
		1603	#endif
		1604
1600	if (firmware_has_feature(FW_FEATURE_SET_MODE)) {	1605	if (firmware_has_feature(FW_FEATURE_SET_MODE)) {
1601	spin_lock(&kvm_global_user_count_lock);	1606	spin_lock(&kvm_global_user_count_lock);
1602	if (++kvm_global_user_count == 1)	1607	if (++kvm_global_user_count == 1)


diff --git a/arch/powerpc/kvm/book3s_pr_papr.c b/arch/powerpc/kvm/book3s_pr_papr.c index f7c25c625a5b..eacaa6e4876e 100644 --- a/arch/powerpc/kvm/book3s_pr_papr.c +++ b/arch/powerpc/kvm/book3s_pr_papr.c
@@ -267,6 +267,10 @@ static int kvmppc_h_pr_xics_hcall(struct kvm_vcpu *vcpu, u32 cmd)
267		267
268	int kvmppc_h_pr(struct kvm_vcpu *vcpu, unsigned long cmd)	268	int kvmppc_h_pr(struct kvm_vcpu *vcpu, unsigned long cmd)
269	{	269	{
		270	if (cmd <= MAX_HCALL_OPCODE &&
		271	!test_bit(cmd/4, vcpu->kvm->arch.enabled_hcalls))
		272	return EMULATE_FAIL;
		273
270	switch (cmd) {	274	switch (cmd) {
271	case H_ENTER:	275	case H_ENTER:
272	return kvmppc_h_pr_enter(vcpu);	276	return kvmppc_h_pr_enter(vcpu);
@@ -304,3 +308,36 @@ int kvmppc_h_pr(struct kvm_vcpu *vcpu, unsigned long cmd)
304		308
305	return EMULATE_FAIL;	309	return EMULATE_FAIL;
306	}	310	}
		311
		312
		313	/*
		314	* List of hcall numbers to enable by default.
		315	* For compatibility with old userspace, we enable by default
		316	* all hcalls that were implemented before the hcall-enabling
		317	* facility was added. Note this list should not include H_RTAS.
		318	*/
		319	static unsigned int default_hcall_list[] = {
		320	H_ENTER,
		321	H_REMOVE,
		322	H_PROTECT,
		323	H_BULK_REMOVE,
		324	H_PUT_TCE,
		325	H_CEDE,
		326	#ifdef CONFIG_KVM_XICS
		327	H_XIRR,
		328	H_CPPR,
		329	H_EOI,
		330	H_IPI,
		331	H_IPOLL,
		332	H_XIRR_X,
		333	#endif
		334	0
		335	};
		336
		337	void kvmppc_pr_init_default_hcalls(struct kvm *kvm)
		338	{
		339	int i;
		340
		341	for (i = 0; default_hcall_list[i]; ++i)
		342	__set_bit(default_hcall_list[i] / 4, kvm->arch.enabled_hcalls);
		343	}


diff --git a/arch/powerpc/kvm/powerpc.c b/arch/powerpc/kvm/powerpc.c index 61c738ab1283..3222a4d08a6f 100644 --- a/arch/powerpc/kvm/powerpc.c +++ b/arch/powerpc/kvm/powerpc.c
@@ -387,6 +387,7 @@ int kvm_dev_ioctl_check_extension(long ext)
387	case KVM_CAP_PPC_UNSET_IRQ:	387	case KVM_CAP_PPC_UNSET_IRQ:
388	case KVM_CAP_PPC_IRQ_LEVEL:	388	case KVM_CAP_PPC_IRQ_LEVEL:
389	case KVM_CAP_ENABLE_CAP:	389	case KVM_CAP_ENABLE_CAP:
		390	case KVM_CAP_ENABLE_CAP_VM:
390	case KVM_CAP_ONE_REG:	391	case KVM_CAP_ONE_REG:
391	case KVM_CAP_IOEVENTFD:	392	case KVM_CAP_IOEVENTFD:
392	case KVM_CAP_DEVICE_CTRL:	393	case KVM_CAP_DEVICE_CTRL:
@@ -417,6 +418,7 @@ int kvm_dev_ioctl_check_extension(long ext)
417	case KVM_CAP_PPC_ALLOC_HTAB:	418	case KVM_CAP_PPC_ALLOC_HTAB:
418	case KVM_CAP_PPC_RTAS:	419	case KVM_CAP_PPC_RTAS:
419	case KVM_CAP_PPC_FIXUP_HCALL:	420	case KVM_CAP_PPC_FIXUP_HCALL:
		421	case KVM_CAP_PPC_ENABLE_HCALL:
420	#ifdef CONFIG_KVM_XICS	422	#ifdef CONFIG_KVM_XICS
421	case KVM_CAP_IRQ_XICS:	423	case KVM_CAP_IRQ_XICS:
422	#endif	424	#endif
@@ -1099,6 +1101,40 @@ int kvm_vm_ioctl_irq_line(struct kvm kvm, struct kvm_irq_level irq_event,
1099	return 0;	1101	return 0;
1100	}	1102	}
1101		1103
		1104
		1105	static int kvm_vm_ioctl_enable_cap(struct kvm *kvm,
		1106	struct kvm_enable_cap *cap)
		1107	{
		1108	int r;
		1109
		1110	if (cap->flags)
		1111	return -EINVAL;
		1112
		1113	switch (cap->cap) {
		1114	#ifdef CONFIG_KVM_BOOK3S_64_HANDLER
		1115	case KVM_CAP_PPC_ENABLE_HCALL: {
		1116	unsigned long hcall = cap->args[0];
		1117
		1118	r = -EINVAL;
		1119	if (hcall > MAX_HCALL_OPCODE \|\| (hcall & 3) \|\|
		1120	cap->args[1] > 1)
		1121	break;
		1122	if (cap->args[1])
		1123	set_bit(hcall / 4, kvm->arch.enabled_hcalls);
		1124	else
		1125	clear_bit(hcall / 4, kvm->arch.enabled_hcalls);
		1126	r = 0;
		1127	break;
		1128	}
		1129	#endif
		1130	default:
		1131	r = -EINVAL;
		1132	break;
		1133	}
		1134
		1135	return r;
		1136	}
		1137
1102	long kvm_arch_vm_ioctl(struct file *filp,	1138	long kvm_arch_vm_ioctl(struct file *filp,
1103	unsigned int ioctl, unsigned long arg)	1139	unsigned int ioctl, unsigned long arg)
1104	{	1140	{
@@ -1118,6 +1154,15 @@ long kvm_arch_vm_ioctl(struct file *filp,
1118		1154
1119	break;	1155	break;
1120	}	1156	}
		1157	case KVM_ENABLE_CAP:
		1158	{
		1159	struct kvm_enable_cap cap;
		1160	r = -EFAULT;
		1161	if (copy_from_user(&cap, argp, sizeof(cap)))
		1162	goto out;
		1163	r = kvm_vm_ioctl_enable_cap(kvm, &cap);
		1164	break;
		1165	}
1121	#ifdef CONFIG_PPC_BOOK3S_64	1166	#ifdef CONFIG_PPC_BOOK3S_64
1122	case KVM_CREATE_SPAPR_TCE: {	1167	case KVM_CREATE_SPAPR_TCE: {
1123	struct kvm_create_spapr_tce create_tce;	1168	struct kvm_create_spapr_tce create_tce;


diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index e11d8f170a62..0418b746cb68 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h
@@ -758,6 +758,7 @@ struct kvm_ppc_smmu_info {
758	#define KVM_CAP_VM_ATTRIBUTES 101	758	#define KVM_CAP_VM_ATTRIBUTES 101
759	#define KVM_CAP_ARM_PSCI_0_2 102	759	#define KVM_CAP_ARM_PSCI_0_2 102
760	#define KVM_CAP_PPC_FIXUP_HCALL 103	760	#define KVM_CAP_PPC_FIXUP_HCALL 103
		761	#define KVM_CAP_PPC_ENABLE_HCALL 104
761		762
762	#ifdef KVM_CAP_IRQ_ROUTING	763	#ifdef KVM_CAP_IRQ_ROUTING
763		764