S2E
diff --git a/‎accel/kvm/kvm-all.c
Copy file name to clipboardExpand all lines: accel/kvm/kvm-all.c
+112Lines changed: 112 additions & 0 deletions b/‎accel/kvm/kvm-all.c
Copy file name to clipboardExpand all lines: accel/kvm/kvm-all.c
+112Lines changed: 112 additions & 0 deletions
diff --git a/‎linux-headers/linux/kvm.h
Copy file name to clipboardExpand all lines: linux-headers/linux/kvm.h
+19Lines changed: 19 additions & 0 deletions b/‎linux-headers/linux/kvm.h
Copy file name to clipboardExpand all lines: linux-headers/linux/kvm.h
+19Lines changed: 19 additions & 0 deletions
@@ -39,6 +39,8 @@
 #include "trace.h"
 #include "hw/irq.h"
 #include "sysemu/sev.h"
+#include "migration/qemu-memfile.h"
+#include "migration/savevm.h"
 
 #include "hw/boards.h"
 
@@ -145,6 +147,10 @@ static bool kvm_has_mem_rw_flag;
 static bool kvm_has_disk_rw_flag;
 #endif
 
+#ifdef KVM_CAP_DEV_SNAPSHOT
+static bool kvm_dev_snapshot;
+#endif
+
 static const KVMCapabilityInfo kvm_required_capabilites[] = {
     KVM_CAP_INFO(USER_MEMORY),
     KVM_CAP_INFO(DESTROY_MEMORY_REGION_WORKS),
@@ -1522,6 +1528,7 @@ int kvm_has_mem_rw(void)
 {
     return kvm_has_mem_rw_flag;
 }
+
 int kvm_mem_rw(void *dest, const void *source, uint64_t size, int is_write)
 {
     struct kvm_mem_rw rw;
@@ -1536,6 +1543,7 @@ int kvm_has_mem_rw(void)
 {
     return 0;
 }
+
 int kvm_mem_rw(void *dest, const void *source, uint64_t size, int is_write)
 {
     return -1;
@@ -1547,6 +1555,7 @@ int kvm_has_disk_rw(void)
 {
     return kvm_has_disk_rw_flag;
 }
+
 int kvm_disk_rw(void *buffer, uint64_t sector, int count, int is_write)
 {
     int ret;
@@ -1566,12 +1575,94 @@ int kvm_has_disk_rw(void)
 {
     return 0;
 }
+
 int kvm_disk_rw(void *buffer, uint64_t sector, int count, int is_write)
 {
     return -1;
 }
 #endif
 
+#ifdef KVM_CAP_DEV_SNAPSHOT
+
+static int kvm_dev_save_snapshot(void)
+{
+    static bool unregistered = false;
+    int ret = -1;
+    struct kvm_dev_snapshot s;
+    size_t ssize;
+    Error *err = NULL;
+    QEMUFile *f = qemu_memfile_open();
+
+    if (kvm_dev_snapshot && !unregistered) {
+        vmstate_unregister_blacklisted_devices();
+        unregistered = true;
+    }
+
+    if (qemu_savevm_state(f, &err) < 0) {
+        if (err) {
+            error_report_err(err);
+            abort();
+        }
+    }
+
+    s.buffer = (uint64_t) qemu_file_get_internal_storage(f, &ssize);
+    if (!s.buffer) {
+        fprintf(stderr, "could not get internal storage\n");
+        abort();
+    }
+    s.size = (uint32_t) ssize;
+
+    s.is_write = 1;
+
+    ret = kvm_vm_ioctl(kvm_state, KVM_DEV_SNAPSHOT, &s);
+
+    if (ret < 0) {
+        fprintf(stderr, "Could not save device snapshot\n");
+        abort();
+    }
+
+    qemu_fclose(f);
+    return ret;
+}
+
+static int kvm_dev_restore_snapshot_cb(void *buffer, size_t pos, size_t size)
+{
+    struct kvm_dev_snapshot s;
+    s.buffer = (uintptr_t) buffer;
+    s.size = size;
+    s.is_write = 0;
+    s.pos = pos;
+
+    return kvm_vm_ioctl(kvm_state, KVM_DEV_SNAPSHOT, &s);
+}
+
+static int kvm_dev_restore_snapshot(void)
+{
+    QEMUFile *f = qemu_memfile_open_ro(kvm_dev_restore_snapshot_cb);
+    if (!f) {
+        return -1;
+    }
+
+    if (qemu_loadvm_state(f) < 0) {
+        error_report("Could not restore device state");
+        abort();
+    }
+
+    qemu_fclose(f);
+    return 0;
+}
+#else
+static int kvm_dev_save_snapshot(void)
+{
+    return -1;
+}
+
+static int kvm_dev_restore_snapshot(void)
+{
+    return -1;
+}
+#endif
+
 
 static int kvm_init(MachineState *ms)
 {
@@ -1768,6 +1859,10 @@ static int kvm_init(MachineState *ms)
     kvm_has_disk_rw_flag = kvm_check_extension(s, KVM_CAP_DISK_RW);
 #endif
 
+#ifdef KVM_CAP_DEV_SNAPSHOT
+    kvm_dev_snapshot = kvm_check_extension(s, KVM_CAP_DEV_SNAPSHOT);
+#endif
+
     kvm_state = s;
 
     /*
@@ -2144,6 +2239,23 @@ int kvm_cpu_exec(CPUState *cpu)
                 break;
             }
             break;
+        case KVM_EXIT_FLUSH_DISK:
+            bdrv_drain_all_begin();
+            bdrv_flush_all();
+            ret = 0;
+            break;
+        case KVM_EXIT_SAVE_DEV_STATE:
+            qemu_mutex_lock_iothread();
+            kvm_dev_save_snapshot();
+            qemu_mutex_unlock_iothread();
+            ret = 0;
+            break;
+        case KVM_EXIT_RESTORE_DEV_STATE:
+            qemu_mutex_lock_iothread();
+            kvm_dev_restore_snapshot();
+            qemu_mutex_unlock_iothread();
+            ret = 0;
+            break;
         default:
             DPRINTF("kvm_arch_handle_exit\n");
             ret = kvm_arch_handle_exit(cpu, run);
 
@@ -236,6 +236,11 @@ struct kvm_hyperv_exit {
 #define KVM_EXIT_IOAPIC_EOI       26
 #define KVM_EXIT_HYPERV           27
 
+/* Symbolic execution exit codes */
+#define KVM_EXIT_FLUSH_DISK       100
+#define KVM_EXIT_SAVE_DEV_STATE   101
+#define KVM_EXIT_RESTORE_DEV_STATE   102
+
 /* For KVM_EXIT_INTERNAL_ERROR */
 /* Emulate instruction failed. */
 #define KVM_INTERNAL_ERROR_EMULATION	1
@@ -964,6 +969,9 @@ struct kvm_ppc_resize_hpt {
 /* Indicates presence of in-kvm disk support */
 #define KVM_CAP_DISK_RW 257
 
+/* Indicates presence of device snapshots */
+#define KVM_CAP_DEV_SNAPSHOT 258
+
 #define KVM_CAP_MEM_RW 1021
 
 /****************************************/
@@ -1445,6 +1453,17 @@ struct kvm_disk_rw {
 };
 #define KVM_DISK_RW   _IOWR(KVMIO,  0xf6, struct kvm_disk_rw)
 
+/* Available with KVM_CAP_DEV_SNAPSHOT */
+struct kvm_dev_snapshot {
+    __u64 buffer;
+    /* If is_write == 0, indicates expected size in case of error */
+    __u32 size;
+    /* Only when is_write == 0, indicates the position from which reading the state */
+    __u32 pos;
+    __u8 is_write;
+};
+#define KVM_DEV_SNAPSHOT   _IOWR(KVMIO,  0xf7, struct kvm_dev_snapshot)
+
 /* Secure Encrypted Virtualization command */
 enum sev_cmd_id {
 	/* Guest initialization commands */