
invoking hypercall in qemu-kvm without guest kernel modification


I want a user process in the guest machine to call a custom hypercall and have QEMU receive it. I don't want to make any modification to the guest kernel.
From this answer and other materials, I know that the vmcall instruction will cause a VMEXIT and the VMM will receive its exit reason and arguments.

According to the Intel® 64 and IA-32 Architectures Software Developer's Manual p.1201, the vmcall instruction will trigger an exception when CPL > 0.
So I conclude that I need a (guest) kernel interface to invoke a hypercall.

I found that arch/x86/include/asm/kvm_para.h in the Linux kernel has kvm_hypercallx functions (where x is the number of arguments). But I can't find a call site for these functions.

Is it possible to invoke a hypercall without any modification of the guest kernel? If so, how do I do it? If not, is there an alternative?


Solution

  • VMCALL causes a VM exit at any CPL when executed in a guest (VMX non-root mode). The CPL check is done only in VMX root mode.

    Another way to cause an unconditional VM exit is with the CPUID instruction. The VMM can distinguish a hypercall from a regular CPUID invocation by the value in EAX.
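Both mechanisms from the answer, as an added example that is not part of the question or the answer: the VMM-side rule that classifies a CPUID exit as a hypercall by its EAX value, a CPL 3 guest probe of the hypervisor CPUID leaf, and a raw VMCALL using the register convention from the kernel's Documentation/virt/kvm/hypercalls.rst. It assumes x86-64 GCC inline assembly; the hypercall number 0x1234 is a constructed placeholder.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypervisor-reserved CPUID leaves: KVM, Xen and Hyper-V all put their vendor
 * signature at 0x40000000 and paravirt feature leaves just above it. */
#define HV_CPUID_BASE  0x40000000u
#define HV_CPUID_LIMIT 0x400000FFu
/* VMM-side rule from the answer: a CPUID exit counts as a hypercall only when
 * EAX is in the hypervisor range; ordinary CPUID probes are passed through. */
int is_hypervisor_leaf(uint32_t eax)
{
    return eax >= HV_CPUID_BASE && eax <= HV_CPUID_LIMIT;
}
/* Leaf 0x40000000 returns the 12-byte vendor string in EBX:ECX:EDX. */
void decode_hv_signature(uint32_t ebx, uint32_t ecx, uint32_t edx, char out[13])
{
    memcpy(out, &ebx, 4); memcpy(out + 4, &ecx, 4); memcpy(out + 8, &edx, 4);
    out[12] = '\0';
}
#ifdef __x86_64__
/* Guest side at CPL 3: CPUID is never privileged and always exits under VMX. */
static void cpuid_raw(uint32_t leaf, uint32_t r[4])
{
    __asm__ volatile("cpuid" : "=a"(r[0]), "=b"(r[1]), "=c"(r[2]), "=d"(r[3])
                     : "a"(leaf), "c"(0));
}
/* Guest side: KVM hypercall ABI, number in RAX, args in RBX/RCX, result in RAX.
 * Unmodified KVM answers a CPL > 0 caller with -EPERM rather than a #GP, so a
 * custom VMM (or a kernel helper) is still needed on the vmcall path. */
static long kvm_vmcall(unsigned long nr, unsigned long a0, unsigned long a1)
{
    long ret;
    __asm__ volatile("vmcall" : "=a"(ret) : "a"(nr), "b"(a0), "c"(a1) : "memory");
    return ret;
}
int main(void)
{
    uint32_t r[4];
    char sig[13];
    cpuid_raw(HV_CPUID_BASE, r);               /* exits to the VMM when virtualised */
    decode_hv_signature(r[1], r[2], r[3], sig);
    printf("signature=\"%s\" max_leaf=0x%x\n", sig, r[0]);
    /* VMCALL only under KVM (on bare metal it raises #UD); 0x1234 is a constructed number */
    if (strcmp(sig, "KVMKVMKVM") == 0)
        printf("vmcall(0x1234) -> %ld (unmodified KVM: -1)\n", kvm_vmcall(0x1234, 1, 2));
    return 0;
}
#endif
```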