From: Peter Maydell <peter.maydell@linaro.org>
To: qemu-devel@nongnu.org
Subject: [PULL 02/33] target/arm: Add cpu properties to control pauth
Date: Tue, 19 Jan 2021 15:10:33 +0000 [thread overview]
Message-ID: <20210119151104.16264-3-peter.maydell@linaro.org> (raw)
In-Reply-To: <20210119151104.16264-1-peter.maydell@linaro.org>
From: Richard Henderson <richard.henderson@linaro.org>
The crypto overhead of emulating pauth can be significant for
some workloads. Add two boolean properties that allows the
feature to be turned off, on with the architected algorithm,
or on with an implementation defined algorithm.
We need two intermediate booleans to control the state while
parsing properties lest we clobber ID_AA64ISAR1 into an invalid
intermediate state.
Tested-by: Mark Rutland <mark.rutland@arm.com>
Reviewed-by: Andrew Jones <drjones@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210111235740.462469-3-richard.henderson@linaro.org
[PMM: fixed docs typo, tweaked text to clarify that the impdef
algorithm is specific to QEMU]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
docs/system/arm/cpu-features.rst | 21 +++++++++++++++++
target/arm/cpu.h | 10 ++++++++
target/arm/cpu.c | 13 +++++++++++
target/arm/cpu64.c | 40 ++++++++++++++++++++++++++++----
target/arm/monitor.c | 1 +
tests/qtest/arm-cpu-features.c | 13 +++++++++++
6 files changed, 94 insertions(+), 4 deletions(-)
diff --git a/docs/system/arm/cpu-features.rst b/docs/system/arm/cpu-features.rst
index 35196a6b759..c455442eaf5 100644
--- a/docs/system/arm/cpu-features.rst
+++ b/docs/system/arm/cpu-features.rst
@@ -211,6 +211,27 @@ the list of KVM VCPU features and their descriptions.
influence the guest scheduler behavior and/or be
exposed to the guest userspace.
+TCG VCPU Features
+=================
+
+TCG VCPU features are CPU features that are specific to TCG.
+Below is the list of TCG VCPU features and their descriptions.
+
+ pauth Enable or disable `FEAT_Pauth`, pointer
+ authentication. By default, the feature is
+ enabled with `-cpu max`.
+
+ pauth-impdef When `FEAT_Pauth` is enabled, either the
+ *impdef* (Implementation Defined) algorithm
+ is enabled or the *architected* QARMA algorithm
+ is enabled. By default the impdef algorithm
+ is disabled, and QARMA is enabled.
+
+ The architected QARMA algorithm has good
+ cryptographic properties, but can be quite slow
+ to emulate. The impdef algorithm used by QEMU
+ is non-cryptographic but significantly faster.
+
SVE CPU Properties
==================
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
index 84784070a74..f58aada4104 100644
--- a/target/arm/cpu.h
+++ b/target/arm/cpu.h
@@ -197,9 +197,11 @@ typedef struct {
#ifdef TARGET_AARCH64
# define ARM_MAX_VQ 16
void arm_cpu_sve_finalize(ARMCPU *cpu, Error **errp);
+void arm_cpu_pauth_finalize(ARMCPU *cpu, Error **errp);
#else
# define ARM_MAX_VQ 1
static inline void arm_cpu_sve_finalize(ARMCPU *cpu, Error **errp) { }
+static inline void arm_cpu_pauth_finalize(ARMCPU *cpu, Error **errp) { }
#endif
typedef struct ARMVectorReg {
@@ -947,6 +949,14 @@ struct ARMCPU {
uint64_t reset_cbar;
uint32_t reset_auxcr;
bool reset_hivecs;
+
+ /*
+ * Intermediate values used during property parsing.
+ * Once finalized, the values should be read from ID_AA64ISAR1.
+ */
+ bool prop_pauth;
+ bool prop_pauth_impdef;
+
/* DCZ blocksize, in log_2(words), ie low 4 bits of DCZID_EL0 */
uint32_t dcz_blocksize;
uint64_t rvbar;
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
index 8387e94b944..be18df5464d 100644
--- a/target/arm/cpu.c
+++ b/target/arm/cpu.c
@@ -1320,6 +1320,19 @@ void arm_cpu_finalize_features(ARMCPU *cpu, Error **errp)
error_propagate(errp, local_err);
return;
}
+
+ /*
+ * KVM does not support modifications to this feature.
+ * We have not registered the cpu properties when KVM
+ * is in use, so the user will not be able to set them.
+ */
+ if (!kvm_enabled()) {
+ arm_cpu_pauth_finalize(cpu, &local_err);
+ if (local_err != NULL) {
+ error_propagate(errp, local_err);
+ return;
+ }
+ }
}
if (kvm_enabled()) {
diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c
index da24f94baa2..fa58211f7e6 100644
--- a/target/arm/cpu64.c
+++ b/target/arm/cpu64.c
@@ -28,6 +28,8 @@
#include "sysemu/kvm.h"
#include "kvm_arm.h"
#include "qapi/visitor.h"
+#include "hw/qdev-properties.h"
+
#ifndef CONFIG_USER_ONLY
static uint64_t a57_a53_l2ctlr_read(CPUARMState *env, const ARMCPRegInfo *ri)
@@ -572,6 +574,36 @@ void aarch64_add_sve_properties(Object *obj)
}
}
+void arm_cpu_pauth_finalize(ARMCPU *cpu, Error **errp)
+{
+ int arch_val = 0, impdef_val = 0;
+ uint64_t t;
+
+ /* TODO: Handle HaveEnhancedPAC, HaveEnhancedPAC2, HaveFPAC. */
+ if (cpu->prop_pauth) {
+ if (cpu->prop_pauth_impdef) {
+ impdef_val = 1;
+ } else {
+ arch_val = 1;
+ }
+ } else if (cpu->prop_pauth_impdef) {
+ error_setg(errp, "cannot enable pauth-impdef without pauth");
+ error_append_hint(errp, "Add pauth=on to the CPU property list.\n");
+ }
+
+ t = cpu->isar.id_aa64isar1;
+ t = FIELD_DP64(t, ID_AA64ISAR1, APA, arch_val);
+ t = FIELD_DP64(t, ID_AA64ISAR1, GPA, arch_val);
+ t = FIELD_DP64(t, ID_AA64ISAR1, API, impdef_val);
+ t = FIELD_DP64(t, ID_AA64ISAR1, GPI, impdef_val);
+ cpu->isar.id_aa64isar1 = t;
+}
+
+static Property arm_cpu_pauth_property =
+ DEFINE_PROP_BOOL("pauth", ARMCPU, prop_pauth, true);
+static Property arm_cpu_pauth_impdef_property =
+ DEFINE_PROP_BOOL("pauth-impdef", ARMCPU, prop_pauth_impdef, false);
+
/* -cpu max: if KVM is enabled, like -cpu host (best possible with this host);
* otherwise, a CPU with as many features enabled as our emulation supports.
* The version of '-cpu max' for qemu-system-arm is defined in cpu.c;
@@ -627,10 +659,6 @@ static void aarch64_max_initfn(Object *obj)
t = FIELD_DP64(t, ID_AA64ISAR1, DPB, 2);
t = FIELD_DP64(t, ID_AA64ISAR1, JSCVT, 1);
t = FIELD_DP64(t, ID_AA64ISAR1, FCMA, 1);
- t = FIELD_DP64(t, ID_AA64ISAR1, APA, 1); /* PAuth, architected only */
- t = FIELD_DP64(t, ID_AA64ISAR1, API, 0);
- t = FIELD_DP64(t, ID_AA64ISAR1, GPA, 1);
- t = FIELD_DP64(t, ID_AA64ISAR1, GPI, 0);
t = FIELD_DP64(t, ID_AA64ISAR1, SB, 1);
t = FIELD_DP64(t, ID_AA64ISAR1, SPECRES, 1);
t = FIELD_DP64(t, ID_AA64ISAR1, FRINTTS, 1);
@@ -721,6 +749,10 @@ static void aarch64_max_initfn(Object *obj)
cpu->ctr = 0x80038003; /* 32 byte I and D cacheline size, VIPT icache */
cpu->dcz_blocksize = 7; /* 512 bytes */
#endif
+
+ /* Default to PAUTH on, with the architected algorithm. */
+ qdev_property_add_static(DEVICE(obj), &arm_cpu_pauth_property);
+ qdev_property_add_static(DEVICE(obj), &arm_cpu_pauth_impdef_property);
}
aarch64_add_sve_properties(obj);
diff --git a/target/arm/monitor.c b/target/arm/monitor.c
index 198b14e95e2..80c64fa3556 100644
--- a/target/arm/monitor.c
+++ b/target/arm/monitor.c
@@ -95,6 +95,7 @@ static const char *cpu_model_advertised_features[] = {
"sve640", "sve768", "sve896", "sve1024", "sve1152", "sve1280",
"sve1408", "sve1536", "sve1664", "sve1792", "sve1920", "sve2048",
"kvm-no-adjvtime", "kvm-steal-time",
+ "pauth", "pauth-impdef",
NULL
};
diff --git a/tests/qtest/arm-cpu-features.c b/tests/qtest/arm-cpu-features.c
index bc681a95d52..8252b85bb85 100644
--- a/tests/qtest/arm-cpu-features.c
+++ b/tests/qtest/arm-cpu-features.c
@@ -427,6 +427,18 @@ static void sve_tests_sve_off_kvm(const void *data)
qtest_quit(qts);
}
+static void pauth_tests_default(QTestState *qts, const char *cpu_type)
+{
+ assert_has_feature_enabled(qts, cpu_type, "pauth");
+ assert_has_feature_disabled(qts, cpu_type, "pauth-impdef");
+ assert_set_feature(qts, cpu_type, "pauth", false);
+ assert_set_feature(qts, cpu_type, "pauth", true);
+ assert_set_feature(qts, cpu_type, "pauth-impdef", true);
+ assert_set_feature(qts, cpu_type, "pauth-impdef", false);
+ assert_error(qts, cpu_type, "cannot enable pauth-impdef without pauth",
+ "{ 'pauth': false, 'pauth-impdef': true }");
+}
+
static void test_query_cpu_model_expansion(const void *data)
{
QTestState *qts;
@@ -462,6 +474,7 @@ static void test_query_cpu_model_expansion(const void *data)
assert_has_feature_enabled(qts, "cortex-a57", "aarch64");
sve_tests_default(qts, "max");
+ pauth_tests_default(qts, "max");
/* Test that features that depend on KVM generate errors without. */
assert_error(qts, "max",
--
2.20.1
next prev parent reply other threads:[~2021-01-19 15:21 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-19 15:10 [PULL 00/33] target-arm queue Peter Maydell
2021-01-19 15:10 ` [PULL 01/33] target/arm: Implement an IMPDEF pauth algorithm Peter Maydell
2021-01-19 15:10 ` Peter Maydell [this message]
2021-01-19 15:10 ` [PULL 03/33] target/arm: Use object_property_add_bool for "sve" property Peter Maydell
2021-01-19 15:10 ` [PULL 04/33] target/arm: remove redundant tests Peter Maydell
2021-01-19 15:10 ` [PULL 05/33] target/arm: add arm_is_el2_enabled() helper Peter Maydell
2021-01-19 15:10 ` [PULL 06/33] target/arm: use arm_is_el2_enabled() where applicable Peter Maydell
2021-01-19 15:10 ` [PULL 07/33] target/arm: use arm_hcr_el2_eff() " Peter Maydell
2021-01-19 15:10 ` [PULL 08/33] target/arm: factor MDCR_EL2 common handling Peter Maydell
2021-01-19 15:10 ` [PULL 09/33] target/arm: Define isar_feature function to test for presence of SEL2 Peter Maydell
2021-01-19 15:10 ` [PULL 10/33] target/arm: add 64-bit S-EL2 to EL exception table Peter Maydell
2021-01-19 15:10 ` [PULL 11/33] target/arm: add MMU stage 1 for Secure EL2 Peter Maydell
2021-01-19 15:10 ` [PULL 12/33] target/arm: add ARMv8.4-SEL2 system registers Peter Maydell
2021-01-19 15:10 ` [PULL 13/33] target/arm: handle VMID change in secure state Peter Maydell
2021-01-19 15:10 ` [PULL 14/33] target/arm: do S1_ptw_translate() before address space lookup Peter Maydell
2021-01-19 15:10 ` [PULL 15/33] target/arm: translate NS bit in page-walks Peter Maydell
2021-01-19 15:10 ` [PULL 16/33] target/arm: generalize 2-stage page-walk condition Peter Maydell
2021-01-19 15:10 ` [PULL 17/33] target/arm: secure stage 2 translation regime Peter Maydell
2021-01-19 15:10 ` [PULL 18/33] target/arm: set HPFAR_EL2.NS on secure stage 2 faults Peter Maydell
2021-01-19 15:10 ` [PULL 19/33] target/arm: revector to run-time pick target EL Peter Maydell
2021-01-19 15:10 ` [PULL 20/33] target/arm: Implement SCR_EL2.EEL2 Peter Maydell
2021-01-19 15:10 ` [PULL 21/33] target/arm: enable Secure EL2 in max CPU Peter Maydell
2021-01-19 15:10 ` [PULL 22/33] target/arm: refactor vae1_tlbmask() Peter Maydell
2021-01-19 15:10 ` [PULL 23/33] target/arm: Introduce PREDDESC field definitions Peter Maydell
2021-01-19 15:10 ` [PULL 24/33] target/arm: Update PFIRST, PNEXT for pred_desc Peter Maydell
2021-01-19 15:10 ` [PULL 25/33] target/arm: Update ZIP, UZP, TRN " Peter Maydell
2021-01-19 15:10 ` [PULL 26/33] target/arm: Update REV, PUNPK " Peter Maydell
2021-01-19 15:10 ` [PULL 27/33] hw/misc/pvpanic: split-out generic and bus dependent code Peter Maydell
2021-01-19 15:10 ` [PULL 28/33] hw/misc/pvpanic: add PCI interface support Peter Maydell
2021-01-19 15:11 ` [PULL 29/33] pvpanic : update pvpanic spec document Peter Maydell
2021-01-19 15:11 ` [PULL 30/33] tests/qtest: add a test case for pvpanic-pci Peter Maydell
2021-01-19 15:11 ` [PULL 31/33] npcm7xx_adc-test: Fix memleak in adc_qom_set Peter Maydell
2021-01-19 15:11 ` [PULL 32/33] target/arm/m_helper: Silence GCC 10 maybe-uninitialized error Peter Maydell
2021-01-19 15:11 ` [PULL 33/33] docs: Build and install all the docs in a single manual Peter Maydell
2021-01-19 16:00 ` [PULL 00/33] target-arm queue no-reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210119151104.16264-3-peter.maydell@linaro.org \
--to=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.