1 files changed, 17 insertions, 0 deletions

diff --git a/executor/common_kvm_ppc64.h b/executor/common_kvm_ppc64.h
index a000cb3b5..287d7a7b3 100644
--- a/executor/common_kvm_ppc64.h
+++ b/executor/common_kvm_ppc64.h
@@ -90,6 +90,16 @@ struct kvm_text {
 	uintptr_t size;
 };
 
+static int kvmppc_define_rtas_kernel_token(int vmfd, unsigned token, const char* func)
+{
+	struct kvm_rtas_token_args args;
+
+	args.token = token;
+	strncpy(args.name, func, sizeof(args.name) - 1);
+
+	return ioctl(vmfd, KVM_PPC_RTAS_DEFINE_TOKEN, &args);
+}
+
 static int kvmppc_get_one_reg(int cpufd, uint64 id, void* target)
 {
 	struct kvm_one_reg reg = {.id = id, .addr = (uintptr_t)target};
@@ -373,6 +383,13 @@ static long syz_kvm_setup_cpu(volatile long a0, volatile long a1, volatile long
 		ioctl(vmfd, KVM_ENABLE_CAP, &cap);
 	}
 
+	// Only a few of many RTAS calls are actually in the KVM and the rest
+	// are handled in QEMU, enable the KVM handling for those 4 here.
+	kvmppc_define_rtas_kernel_token(vmfd, 1, "ibm,set-xive");
+	kvmppc_define_rtas_kernel_token(vmfd, 2, "ibm,get-xive");
+	kvmppc_define_rtas_kernel_token(vmfd, 3, "ibm,int-on");
+	kvmppc_define_rtas_kernel_token(vmfd, 4, "ibm,int-off");
+
 	dump_text(host_mem, regs.pc, 8, debug_inst_opcode);
 	dump_text(host_mem, BOOK3S_INTERRUPT_DECREMENTER, 16, debug_inst_opcode);