From patchwork Wed Dec 4 21:12:33 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pierrick Bouvier X-Patchwork-Id: 847347 Delivered-To: patch@linaro.org Received: by 2002:a5d:434d:0:b0:385:e875:8a9e with SMTP id u13csp546284wrr; Wed, 4 Dec 2024 13:13:54 -0800 (PST) X-Forwarded-Encrypted: i=2; AJvYcCW6RixsrrA9Rdcb/Uz7nuDuMnddg5Sr6nXh26BH4upFtcu8NN1b3Qzzz/XW8bJk8zT8UpTaSQ==@linaro.org X-Google-Smtp-Source: AGHT+IG4LnZrRDm66pItNJ37F6btfNIt0MYrswaLykfazwbmvP56+KFXEDCd6WZbhqJYcrQBDcL9 X-Received: by 2002:a05:600c:4586:b0:431:559d:4103 with SMTP id 5b1f17b1804b1-434d928feaemr6773355e9.7.1733346834374; Wed, 04 Dec 2024 13:13:54 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1733346834; cv=none; d=google.com; s=arc-20240605; b=IYfZEKf+LyVbLWXKKFRdQPop8LiE42wkQ80fzTt0q9i5vc9ePF6Ghkru30XSYo9/Y1 vG8R1vSPZLqCcAxNtzEp/lHnxW6u4icqW3bGOzL3WdaG3m9zfnDu7u83+MrSPEc1IL+P 8Qd6WxKn8kNkcW5ar9QH+KX9/WpkrS1plFO1KQnvcwQCzqJ46NNOUIib65GtxjqoJmxI bf1kNIIn2QrItlPS1ob0Hq44lEKY2oUyMC0cp44od1orwDWiqtUkY8IDr4pztUQlTmsR IaO7ZVQ2d1oqP3J7xyMe6s0zTfHUvYpjyb/Bwld6QIH9IiZN90tonOHeadGLr7wMKpNa qEkA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=Qe8Fwjt3cZmqYIi+Ypk/U57pACJEEsU9bKkurpvi7fE=; fh=YYVb3eWio+ub+JYS7PshdpCqVcFGuXbY9LdWytDHIwY=; b=B0JMcCD5KyQo5MjIvG8bDb7zgr60iBXWTG4XHa9khBr+tiq5Aa0L2RndTzXi4DyY3w fie7kcp/KOfY8a+0h6mtUPHN3bSXtRR3uk9H1wq/xD9eWfbUtiQ74ubN+1c3edEA9Xsq MrvfGOM8sh5Kay6usZInvqs8sj1YfLJNmnSaK4OX4Fs3I941+gJGVIg4TMccC+E4VF6Z aY05TfHSnDNfxOHR6kTMJPq3LOUiT7D6RktEYF787KtZZiO5b6bsTGJuRhp5XPWzLx8/ OBtGPRtFX2RIs3RFX5tjenSteM5+Q2p2dUcpAjQlcD0PJ0WwO9blwvOCIOkBQPvpd5py dHrQ==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b="W/TsJ2W9"; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id 5b1f17b1804b1-434d527facdsi14439065e9.84.2024.12.04.13.13.54 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Wed, 04 Dec 2024 13:13:54 -0800 (PST) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b="W/TsJ2W9"; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tIwgA-0006Tq-R9; Wed, 04 Dec 2024 16:13:05 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tIwg2-0006O5-JH for qemu-devel@nongnu.org; Wed, 04 Dec 2024 16:12:54 -0500 Received: from mail-pf1-x434.google.com ([2607:f8b0:4864:20::434]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1tIwg0-0007l8-Pk for qemu-devel@nongnu.org; Wed, 04 Dec 2024 16:12:54 -0500 Received: by mail-pf1-x434.google.com with SMTP id d2e1a72fcca58-7258cf2975fso250374b3a.0 for ; Wed, 04 Dec 2024 13:12:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1733346771; x=1733951571; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Qe8Fwjt3cZmqYIi+Ypk/U57pACJEEsU9bKkurpvi7fE=; b=W/TsJ2W9pCwBXOmRctFooKw6w7b9E4ht9tKE8fgkw9xSxO9P7we4nlxQaCO2U77qDZ /1cNVveX5W7u2Qp/Q2jbCiQQFpYwND9bvAycipsOYAT8NznrZCxQwlf8flFBcHeO4JQv clGyqGn+OX2l7wSzD/lag00qxewaUZAcN/4CRvkxFGGV/7X7fxnEl7aX6zZhAiVESMSp i8I8/LEWVcMF4PN5i7BpyK6s/n4HdGxwR91yjQCjrxsfGoQ5AlcH0XO9XYLrMOIm9bp+ exnPXGNJlo3kVCMVilthFpeb/H0dPZsGPPXR8q1ypspdZJCewnZDXdCzISvNQlrrW9u5 Vt2A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1733346771; x=1733951571; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Qe8Fwjt3cZmqYIi+Ypk/U57pACJEEsU9bKkurpvi7fE=; b=arJyOSil+R9IGRISj8Y9bo+wG3MttP+B/0q0RcHELrgMsuf2tFxQQbuhVKE/zdUavG cbbBvV2v0rgSaVU2e2NXMzHetpT0f3AXaLER5nnUyecWf9GJJnyQsvLixHvO8gOr6Q+O 3xnSPCGUO6C9+VzQQlbvRTWZQWlqrhLb2hXSyOZtSW2FRH3SM8WGxvDOyiUD60E0LtYz 4lUk+Zl0KZPjCb+q5TEnj4h9r8GJpjiQ18tFIdC2skJKYoqK5SzlgBgScMEiOfRe++O0 Ao41AF0OTHPeCboaS4VwP0TlRwQyKDZtul8+6CVDeuWPpq2gzjZEsRFhjWSetlJ+sCZm 8wAQ== X-Gm-Message-State: AOJu0YxpOElj3fjn3jhgG7oaLoU14eVe37HA89jJiOcYfJHVxoOmr/dA h+D/yAaKFCUYwr2g0xIeOf2+nW60Lij1mMPZDQegq6GfI0l4naIk6HyWrFCRpBG73w5G2fGZ4bS PNIQ= X-Gm-Gg: ASbGncukAB3yj9YSX7UeN7T+jajG7zDG+UGJ/43WseDOKbsBLlNl7KEANTqjX4uqA0v 1u9K5Plm7KLjSQ+H9pf1KX+lvfZPxTCv6RaXVSdQEFhX1y7gS22mYDplql0ZhDA1RNLc/hqsrah ieZY0gBIsa3UC32jQKg7mNIdCzzNcy3tfw3ofCLi2erWlV91A94e/HkROHbIcmOISWaAWhZRalo WAcFfk3sNnmUuakD63IJtUeohh50c3XAhLsx5wwmein1K9I3XdGDe8mTdFAThJa/ZIU75Mtu0lf nWQLyPUr X-Received: by 2002:a17:90b:394f:b0:2ee:4b8f:a5b1 with SMTP id 98e67ed59e1d1-2ef0126210dmr11045969a91.24.1733346766435; Wed, 04 Dec 2024 13:12:46 -0800 (PST) Received: from pc.. (216-180-64-156.dyn.novuscom.net. [216.180.64.156]) by smtp.gmail.com with ESMTPSA id 98e67ed59e1d1-2ef270089b8sm1905830a91.14.2024.12.04.13.12.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 04 Dec 2024 13:12:45 -0800 (PST) From: Pierrick Bouvier To: qemu-devel@nongnu.org Cc: Laurent Vivier , Paolo Bonzini , alex.bennee@linaro.org, Fabiano Rosas , qemu-arm@nongnu.org, Peter Maydell , Pierrick Bouvier Subject: [PATCH 1/2] target/arm: add new property to select pauth-qarma5 Date: Wed, 4 Dec 2024 13:12:33 -0800 Message-Id: <20241204211234.3077434-2-pierrick.bouvier@linaro.org> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20241204211234.3077434-1-pierrick.bouvier@linaro.org> References: <20241204211234.3077434-1-pierrick.bouvier@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::434; envelope-from=pierrick.bouvier@linaro.org; helo=mail-pf1-x434.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org Before changing default pauth algorithm, we need to make sure current default one (QARMA5) can still be selected. $ qemu-system-aarch64 -cpu max,pauth-qarma5=on ... Signed-off-by: Pierrick Bouvier --- docs/system/arm/cpu-features.rst | 5 ++++- target/arm/cpu.h | 1 + target/arm/arm-qmp-cmds.c | 2 +- target/arm/cpu64.c | 20 ++++++++++++++------ tests/qtest/arm-cpu-features.c | 15 +++++++++++---- 5 files changed, 31 insertions(+), 12 deletions(-) diff --git a/docs/system/arm/cpu-features.rst b/docs/system/arm/cpu-features.rst index a5fb929243c..d69ebc2b852 100644 --- a/docs/system/arm/cpu-features.rst +++ b/docs/system/arm/cpu-features.rst @@ -219,7 +219,10 @@ Below is the list of TCG VCPU features and their descriptions. ``pauth-qarma3`` When ``pauth`` is enabled, select the architected QARMA3 algorithm. -Without either ``pauth-impdef`` or ``pauth-qarma3`` enabled, +``pauth-qarma5`` + When ``pauth`` is enabled, select the architected QARMA5 algorithm. + +Without ``pauth-impdef``, ``pauth-qarma3`` or ``pauth-qarma5`` enabled, the architected QARMA5 algorithm is used. The architected QARMA5 and QARMA3 algorithms have good cryptographic properties, but can be quite slow to emulate. The impdef algorithm used by QEMU is diff --git a/target/arm/cpu.h b/target/arm/cpu.h index d86e641280d..b7500bebd7f 100644 --- a/target/arm/cpu.h +++ b/target/arm/cpu.h @@ -1062,6 +1062,7 @@ struct ArchCPU { bool prop_pauth; bool prop_pauth_impdef; bool prop_pauth_qarma3; + bool prop_pauth_qarma5; bool prop_lpa2; /* DCZ blocksize, in log_2(words), ie low 4 bits of DCZID_EL0 */ diff --git a/target/arm/arm-qmp-cmds.c b/target/arm/arm-qmp-cmds.c index 3cc8cc738bb..33cea080d11 100644 --- a/target/arm/arm-qmp-cmds.c +++ b/target/arm/arm-qmp-cmds.c @@ -94,7 +94,7 @@ static const char *cpu_model_advertised_features[] = { "sve640", "sve768", "sve896", "sve1024", "sve1152", "sve1280", "sve1408", "sve1536", "sve1664", "sve1792", "sve1920", "sve2048", "kvm-no-adjvtime", "kvm-steal-time", - "pauth", "pauth-impdef", "pauth-qarma3", + "pauth", "pauth-impdef", "pauth-qarma3", "pauth-qarma5", NULL }; diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c index 458d1cee012..34ef46d148f 100644 --- a/target/arm/cpu64.c +++ b/target/arm/cpu64.c @@ -520,9 +520,12 @@ void arm_cpu_pauth_finalize(ARMCPU *cpu, Error **errp) } if (cpu->prop_pauth) { - if (cpu->prop_pauth_impdef && cpu->prop_pauth_qarma3) { + if ((cpu->prop_pauth_impdef && cpu->prop_pauth_qarma3) || + (cpu->prop_pauth_impdef && cpu->prop_pauth_qarma5) || + (cpu->prop_pauth_qarma3 && cpu->prop_pauth_qarma5)) { error_setg(errp, - "cannot enable both pauth-impdef and pauth-qarma3"); + "cannot enable pauth-impdef, pauth-qarma3 and " + "pauth-qarma5 at the same time"); return; } @@ -532,13 +535,15 @@ void arm_cpu_pauth_finalize(ARMCPU *cpu, Error **errp) } else if (cpu->prop_pauth_qarma3) { isar2 = FIELD_DP64(isar2, ID_AA64ISAR2, APA3, features); isar2 = FIELD_DP64(isar2, ID_AA64ISAR2, GPA3, 1); - } else { + } else { /* default is pauth-qarma5 */ isar1 = FIELD_DP64(isar1, ID_AA64ISAR1, APA, features); isar1 = FIELD_DP64(isar1, ID_AA64ISAR1, GPA, 1); } - } else if (cpu->prop_pauth_impdef || cpu->prop_pauth_qarma3) { - error_setg(errp, "cannot enable pauth-impdef or " - "pauth-qarma3 without pauth"); + } else if (cpu->prop_pauth_impdef || + cpu->prop_pauth_qarma3 || + cpu->prop_pauth_qarma5) { + error_setg(errp, "cannot enable pauth-impdef, pauth-qarma3 or " + "pauth-qarma5 without pauth"); error_append_hint(errp, "Add pauth=on to the CPU property list.\n"); } } @@ -553,6 +558,8 @@ static Property arm_cpu_pauth_impdef_property = DEFINE_PROP_BOOL("pauth-impdef", ARMCPU, prop_pauth_impdef, false); static Property arm_cpu_pauth_qarma3_property = DEFINE_PROP_BOOL("pauth-qarma3", ARMCPU, prop_pauth_qarma3, false); +static Property arm_cpu_pauth_qarma5_property = + DEFINE_PROP_BOOL("pauth-qarma5", ARMCPU, prop_pauth_qarma5, false); void aarch64_add_pauth_properties(Object *obj) { @@ -573,6 +580,7 @@ void aarch64_add_pauth_properties(Object *obj) } else { qdev_property_add_static(DEVICE(obj), &arm_cpu_pauth_impdef_property); qdev_property_add_static(DEVICE(obj), &arm_cpu_pauth_qarma3_property); + qdev_property_add_static(DEVICE(obj), &arm_cpu_pauth_qarma5_property); } } diff --git a/tests/qtest/arm-cpu-features.c b/tests/qtest/arm-cpu-features.c index cfd6f773535..98d6c970ea5 100644 --- a/tests/qtest/arm-cpu-features.c +++ b/tests/qtest/arm-cpu-features.c @@ -419,21 +419,28 @@ static void pauth_tests_default(QTestState *qts, const char *cpu_type) assert_has_feature_enabled(qts, cpu_type, "pauth"); assert_has_feature_disabled(qts, cpu_type, "pauth-impdef"); assert_has_feature_disabled(qts, cpu_type, "pauth-qarma3"); + assert_has_feature_disabled(qts, cpu_type, "pauth-qarma5"); assert_set_feature(qts, cpu_type, "pauth", false); assert_set_feature(qts, cpu_type, "pauth", true); assert_set_feature(qts, cpu_type, "pauth-impdef", true); assert_set_feature(qts, cpu_type, "pauth-impdef", false); assert_set_feature(qts, cpu_type, "pauth-qarma3", true); assert_set_feature(qts, cpu_type, "pauth-qarma3", false); + assert_set_feature(qts, cpu_type, "pauth-qarma5", true); + assert_set_feature(qts, cpu_type, "pauth-qarma5", false); assert_error(qts, cpu_type, - "cannot enable pauth-impdef or pauth-qarma3 without pauth", + "cannot enable pauth-impdef, pauth-qarma3 or pauth-qarma5 without pauth", "{ 'pauth': false, 'pauth-impdef': true }"); assert_error(qts, cpu_type, - "cannot enable pauth-impdef or pauth-qarma3 without pauth", + "cannot enable pauth-impdef, pauth-qarma3 or pauth-qarma5 without pauth", "{ 'pauth': false, 'pauth-qarma3': true }"); assert_error(qts, cpu_type, - "cannot enable both pauth-impdef and pauth-qarma3", - "{ 'pauth': true, 'pauth-impdef': true, 'pauth-qarma3': true }"); + "cannot enable pauth-impdef, pauth-qarma3 or pauth-qarma5 without pauth", + "{ 'pauth': false, 'pauth-qarma5': true }"); + assert_error(qts, cpu_type, + "cannot enable pauth-impdef, pauth-qarma3 and pauth-qarma5 at the same time", + "{ 'pauth': true, 'pauth-impdef': true, 'pauth-qarma3': true," + " 'pauth-qarma5': true }"); } static void test_query_cpu_model_expansion(const void *data) From patchwork Wed Dec 4 21:12:34 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pierrick Bouvier X-Patchwork-Id: 847346 Delivered-To: patch@linaro.org Received: by 2002:a5d:434d:0:b0:385:e875:8a9e with SMTP id u13csp546278wrr; Wed, 4 Dec 2024 13:13:53 -0800 (PST) X-Forwarded-Encrypted: i=2; AJvYcCWCQMOUG1PhfXMO4/gWVnMcsvuRCMMupz9sp9ywqTMYpt+6UU4nx93TvjjMC2kfs4P/W7jReQ==@linaro.org X-Google-Smtp-Source: AGHT+IFLXr8mx/9Ux/GuAuul6CK2qB3wRxqHrI+MdFS0aWuKr9RwRhhqAcpu8Z07AfwyCBU7F82q X-Received: by 2002:a5d:5f8d:0:b0:385:fb59:8358 with SMTP id ffacd0b85a97d-385fd54dddemr6831348f8f.53.1733346833622; Wed, 04 Dec 2024 13:13:53 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1733346833; cv=none; d=google.com; s=arc-20240605; b=eRFbTZMtIsbIliGo2BOEAdJTYchvq17IEIYrBTVHQfmWikDT8xQMahhiRwNfCwYcrB W4uL6rsMR8eLadoIjPAq+NgbuHZFiM2lr3z/tz9/+mx7VrEDx11X+9n2uRidXq8ZSiaF aFz3vMoYhJ8LwOgNppyfRs1Jx3kWndZO4vRY4BNC6B8kZtwM2tnIvE/iluWq8ma93k46 pEApl2qSc9VlgbRLiIapolB/f/bE+K2BElt28LfZa7IaIrwzAMXeEmuoUVLzhsInag1b GBq4a1s6HkDrnvS76TujuLpgt9LkEo+6QuTzxc3p5Nvm1UMf5eIDtWBfUqV1JROyGW5K B5BA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=okXND1T4OJuVtkNA/GEh6VGd1mAgkVoLXbl0XLbMi40=; fh=YYVb3eWio+ub+JYS7PshdpCqVcFGuXbY9LdWytDHIwY=; b=dofO/j/tubo7QpZadSMPW2xVsYoPsB0vMz4GI8NdyxnSPKUTku1FQMLsES1EaK3u7Q 8+Rp5iTXkaB9JjREvCIKhCqBytS06OMnj1rif5n89WX5dHnYFzaRfPhWrc97UPzS7nXb 7rB0kYKRG1ksMS795YEqwD1fcY1rMas1JRKMI+JYrIQ1lN9qDs9ZsoMXDE4NOiIYnpN5 YuRz3AaXnGvGAc5S1YT13Jhz01CgqPAUkm5uNHMUMdq8OswAMjxX36+J4Vkbdzt1fuQY PayrwlGS9rj+5HOh9eAkjTz+JPtsLB0O6CbRbrfRBNOE1V4PN2fcNTOT5VGxkFvRsBBa KNSQ==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=r1AlSc5g; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id 4fb4d7f45d1cf-5d10c294b60si3173587a12.411.2024.12.04.13.13.53 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Wed, 04 Dec 2024 13:13:53 -0800 (PST) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=r1AlSc5g; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tIwgT-0006m5-Qu; Wed, 04 Dec 2024 16:13:22 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tIwg4-0006Ts-IN for qemu-devel@nongnu.org; Wed, 04 Dec 2024 16:13:01 -0500 Received: from mail-pf1-x432.google.com ([2607:f8b0:4864:20::432]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1tIwg1-0007lD-Mh for qemu-devel@nongnu.org; Wed, 04 Dec 2024 16:12:55 -0500 Received: by mail-pf1-x432.google.com with SMTP id d2e1a72fcca58-724f74d6457so308370b3a.0 for ; Wed, 04 Dec 2024 13:12:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1733346772; x=1733951572; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=okXND1T4OJuVtkNA/GEh6VGd1mAgkVoLXbl0XLbMi40=; b=r1AlSc5gHSRDWbP7vh6LzhhPXu3ZK0xtw1oPLNRxYDMbky2iIXf39cUeIVOL01eih/ JIvAegVjGL8JLM7b81KQgntqDfyIRh7pHGY6fyrCnPpjVWxwk9jIdCC4+96S7lSYSn3I 54wniYzuDtCXuB7HsppVHPms7ptl4R/nHHQ5TYqTenkb7Zy7QjrSTXpcbAtVXk+NDK1y U+IfDhzSCm7qPAft/v6oHPIoLOCRtXgkrjULZSaJx+m/tsjT6wSTXNHQIPlIsoVMSyAA sQFV+3712UDT+nNXsPgacRJ2Hcy0I4+DvXe9RBCk6xWXZdyYR8aXZjP+FPPIzNBe9WSQ wavg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1733346772; x=1733951572; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=okXND1T4OJuVtkNA/GEh6VGd1mAgkVoLXbl0XLbMi40=; b=gVv44awxanX6IjgaNyersMF3GrL9p71GMKCSV48omyWs4QE0q96PCVloOb96nax1f5 EQm6q6b8uNwv7Qy/VkqDQhRSG3pnkxYibYJ7Ok5kBFzghX2lP7KHEC8Z8yBrtzoOjaJN vu8+9DefQH3DjEw0omTU9jKTgLql8zVBurt/S24g+s06Nz4c/kyMX+SOI193lRdFm6ap uWakOWhv7noCvnZvCnUcKVC9mnUglG8WidtiiSt1FJLTNUTo8N0LwidHzR9IQr3e9ACH 2s9gXr5P1Zug2RbrUPj0FjaLtTKPBcmZdvMZXRi9KZqDYCHGN7FHSJ/RdyJ6qJtgTR+g LwGQ== X-Gm-Message-State: AOJu0YwO+66lbSGEqqXm+QhI5pl9xwEOeJwiNzXhO+3YbMpluJ9NXpg1 l1/+QV3UKYFW8ARcLqeAIM4vpu5rSgpupMb6faboL3Rb2+kNrxwOxpEh9UKRs+lkMWnZgiXBnT+ 5Zj4= X-Gm-Gg: ASbGncsdAsXauhgAQEaSiLkPsIlEgbP4kDOCro+YZ85VyjJfcmrtf2cpeJf57ZDb0hF zcbJV+E8JAPUj7WqGDNJ8QSCkw2PdPABEnYyqV3FSR8KuLPxsjZ1QawZKWHKEOHlXp6XbLVmDFa w/gUQwT31xZM3pjDqDqQLRN7eEc0ENrvU1V+A5EyXITGleo7G+xpFahPKrmYIHeA66Ba3RmBKR8 JLy3DEtFVnsi9/BEdqm7WwrWALs26PS1BwDNxyuBdFKGyw8t4/4tD5fxo2CPW4/UkZqjvnwuoto G/wAP/2F X-Received: by 2002:a17:90b:3b4f:b0:2ee:d63f:d77 with SMTP id 98e67ed59e1d1-2ef011fb85bmr11125389a91.9.1733346767525; Wed, 04 Dec 2024 13:12:47 -0800 (PST) Received: from pc.. (216-180-64-156.dyn.novuscom.net. [216.180.64.156]) by smtp.gmail.com with ESMTPSA id 98e67ed59e1d1-2ef270089b8sm1905830a91.14.2024.12.04.13.12.46 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 04 Dec 2024 13:12:46 -0800 (PST) From: Pierrick Bouvier To: qemu-devel@nongnu.org Cc: Laurent Vivier , Paolo Bonzini , alex.bennee@linaro.org, Fabiano Rosas , qemu-arm@nongnu.org, Peter Maydell , Pierrick Bouvier Subject: [PATCH 2/2] target/arm: change default pauth algorithm to impdef Date: Wed, 4 Dec 2024 13:12:34 -0800 Message-Id: <20241204211234.3077434-3-pierrick.bouvier@linaro.org> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20241204211234.3077434-1-pierrick.bouvier@linaro.org> References: <20241204211234.3077434-1-pierrick.bouvier@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::432; envelope-from=pierrick.bouvier@linaro.org; helo=mail-pf1-x432.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org Pointer authentication on aarch64 is pretty expensive (up to 50% of execution time) when running a virtual machine with tcg and -cpu max (which enables pauth=on). The advice is always: use pauth-impdef=on. Our documentation even mentions it "by default" in docs/system/introduction.rst. Thus, we change the default to use impdef by default. This does not affect kvm or hvf acceleration, since pauth algorithm used is the one from host cpu. This change is retro compatible, in terms of cli, with previous versions, as the semantic of using -cpu max,pauth-impdef=on, and -cpu max,pauth-qarma3=on is preserved. The new option introduced in previous patch and matching old default is -cpu max,pauth-qarma5=on. Signed-off-by: Pierrick Bouvier --- docs/system/arm/cpu-features.rst | 2 +- docs/system/introduction.rst | 2 +- target/arm/cpu64.c | 12 ++++++------ 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/docs/system/arm/cpu-features.rst b/docs/system/arm/cpu-features.rst index d69ebc2b852..37d5dfd15b3 100644 --- a/docs/system/arm/cpu-features.rst +++ b/docs/system/arm/cpu-features.rst @@ -223,7 +223,7 @@ Below is the list of TCG VCPU features and their descriptions. When ``pauth`` is enabled, select the architected QARMA5 algorithm. Without ``pauth-impdef``, ``pauth-qarma3`` or ``pauth-qarma5`` enabled, -the architected QARMA5 algorithm is used. The architected QARMA5 +the QEMU impdef algorithm is used. The architected QARMA5 and QARMA3 algorithms have good cryptographic properties, but can be quite slow to emulate. The impdef algorithm used by QEMU is non-cryptographic but significantly faster. diff --git a/docs/system/introduction.rst b/docs/system/introduction.rst index 746707eb00e..338d3745c3c 100644 --- a/docs/system/introduction.rst +++ b/docs/system/introduction.rst @@ -169,7 +169,7 @@ would default to it anyway. .. code:: - -cpu max,pauth-impdef=on \ + -cpu max \ -smp 4 \ -accel tcg \ diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c index 34ef46d148f..8b1f26a9664 100644 --- a/target/arm/cpu64.c +++ b/target/arm/cpu64.c @@ -529,15 +529,15 @@ void arm_cpu_pauth_finalize(ARMCPU *cpu, Error **errp) return; } - if (cpu->prop_pauth_impdef) { - isar1 = FIELD_DP64(isar1, ID_AA64ISAR1, API, features); - isar1 = FIELD_DP64(isar1, ID_AA64ISAR1, GPI, 1); + if (cpu->prop_pauth_qarma5) { + isar1 = FIELD_DP64(isar1, ID_AA64ISAR1, APA, features); + isar1 = FIELD_DP64(isar1, ID_AA64ISAR1, GPA, 1); } else if (cpu->prop_pauth_qarma3) { isar2 = FIELD_DP64(isar2, ID_AA64ISAR2, APA3, features); isar2 = FIELD_DP64(isar2, ID_AA64ISAR2, GPA3, 1); - } else { /* default is pauth-qarma5 */ - isar1 = FIELD_DP64(isar1, ID_AA64ISAR1, APA, features); - isar1 = FIELD_DP64(isar1, ID_AA64ISAR1, GPA, 1); + } else { /* default is pauth-impdef */ + isar1 = FIELD_DP64(isar1, ID_AA64ISAR1, API, features); + isar1 = FIELD_DP64(isar1, ID_AA64ISAR1, GPI, 1); } } else if (cpu->prop_pauth_impdef || cpu->prop_pauth_qarma3 ||