Skip to content

Commit

Permalink
target/arm: add new property to select pauth-qarma5
Browse files Browse the repository at this point in the history
Before changing default pauth algorithm, we need to make sure current
default one (QARMA5) can still be selected.

$ qemu-system-aarch64 -cpu max,pauth-qarma5=on ...

Signed-off-by: Pierrick Bouvier <[email protected]>
  • Loading branch information
pbo-linaro committed Dec 3, 2024
1 parent 9cb19af commit 7fff9f8
Show file tree
Hide file tree
Showing 5 changed files with 31 additions and 12 deletions.
5 changes: 4 additions & 1 deletion docs/system/arm/cpu-features.rst
Original file line number Diff line number Diff line change
Expand Up @@ -219,7 +219,10 @@ Below is the list of TCG VCPU features and their descriptions.
``pauth-qarma3``
When ``pauth`` is enabled, select the architected QARMA3 algorithm.

Without either ``pauth-impdef`` or ``pauth-qarma3`` enabled,
``pauth-qarma5``
When ``pauth`` is enabled, select the architected QARMA5 algorithm.

Without ``pauth-impdef``, ``pauth-qarma3`` or ``pauth-qarma5`` enabled,
the architected QARMA5 algorithm is used. The architected QARMA5
and QARMA3 algorithms have good cryptographic properties, but can
be quite slow to emulate. The impdef algorithm used by QEMU is
Expand Down
2 changes: 1 addition & 1 deletion target/arm/arm-qmp-cmds.c
Original file line number Diff line number Diff line change
Expand Up @@ -94,7 +94,7 @@ static const char *cpu_model_advertised_features[] = {
"sve640", "sve768", "sve896", "sve1024", "sve1152", "sve1280",
"sve1408", "sve1536", "sve1664", "sve1792", "sve1920", "sve2048",
"kvm-no-adjvtime", "kvm-steal-time",
"pauth", "pauth-impdef", "pauth-qarma3",
"pauth", "pauth-impdef", "pauth-qarma3", "pauth-qarma5",
NULL
};

Expand Down
1 change: 1 addition & 0 deletions target/arm/cpu.h
Original file line number Diff line number Diff line change
Expand Up @@ -1062,6 +1062,7 @@ struct ArchCPU {
bool prop_pauth;
bool prop_pauth_impdef;
bool prop_pauth_qarma3;
bool prop_pauth_qarma5;
bool prop_lpa2;

/* DCZ blocksize, in log_2(words), ie low 4 bits of DCZID_EL0 */
Expand Down
20 changes: 14 additions & 6 deletions target/arm/cpu64.c
Original file line number Diff line number Diff line change
Expand Up @@ -520,9 +520,12 @@ void arm_cpu_pauth_finalize(ARMCPU *cpu, Error **errp)
}

if (cpu->prop_pauth) {
if (cpu->prop_pauth_impdef && cpu->prop_pauth_qarma3) {
if ((cpu->prop_pauth_impdef && cpu->prop_pauth_qarma3) ||
(cpu->prop_pauth_impdef && cpu->prop_pauth_qarma5) ||
(cpu->prop_pauth_qarma3 && cpu->prop_pauth_qarma5)) {
error_setg(errp,
"cannot enable both pauth-impdef and pauth-qarma3");
"cannot enable pauth-impdef, pauth-qarma3 and "
"pauth-qarma5 at the same time");
return;
}

Expand All @@ -532,13 +535,15 @@ void arm_cpu_pauth_finalize(ARMCPU *cpu, Error **errp)
} else if (cpu->prop_pauth_qarma3) {
isar2 = FIELD_DP64(isar2, ID_AA64ISAR2, APA3, features);
isar2 = FIELD_DP64(isar2, ID_AA64ISAR2, GPA3, 1);
} else {
} else { /* default is pauth-qarma5 */
isar1 = FIELD_DP64(isar1, ID_AA64ISAR1, APA, features);
isar1 = FIELD_DP64(isar1, ID_AA64ISAR1, GPA, 1);
}
} else if (cpu->prop_pauth_impdef || cpu->prop_pauth_qarma3) {
error_setg(errp, "cannot enable pauth-impdef or "
"pauth-qarma3 without pauth");
} else if (cpu->prop_pauth_impdef ||
cpu->prop_pauth_qarma3 ||
cpu->prop_pauth_qarma5) {
error_setg(errp, "cannot enable pauth-impdef, pauth-qarma3 or "
"pauth-qarma5 without pauth");
error_append_hint(errp, "Add pauth=on to the CPU property list.\n");
}
}
Expand All @@ -553,6 +558,8 @@ static Property arm_cpu_pauth_impdef_property =
DEFINE_PROP_BOOL("pauth-impdef", ARMCPU, prop_pauth_impdef, false);
static Property arm_cpu_pauth_qarma3_property =
DEFINE_PROP_BOOL("pauth-qarma3", ARMCPU, prop_pauth_qarma3, false);
static Property arm_cpu_pauth_qarma5_property =
DEFINE_PROP_BOOL("pauth-qarma5", ARMCPU, prop_pauth_qarma5, false);

void aarch64_add_pauth_properties(Object *obj)
{
Expand All @@ -573,6 +580,7 @@ void aarch64_add_pauth_properties(Object *obj)
} else {
qdev_property_add_static(DEVICE(obj), &arm_cpu_pauth_impdef_property);
qdev_property_add_static(DEVICE(obj), &arm_cpu_pauth_qarma3_property);
qdev_property_add_static(DEVICE(obj), &arm_cpu_pauth_qarma5_property);
}
}

Expand Down
15 changes: 11 additions & 4 deletions tests/qtest/arm-cpu-features.c
Original file line number Diff line number Diff line change
Expand Up @@ -419,21 +419,28 @@ static void pauth_tests_default(QTestState *qts, const char *cpu_type)
assert_has_feature_enabled(qts, cpu_type, "pauth");
assert_has_feature_disabled(qts, cpu_type, "pauth-impdef");
assert_has_feature_disabled(qts, cpu_type, "pauth-qarma3");
assert_has_feature_disabled(qts, cpu_type, "pauth-qarma5");
assert_set_feature(qts, cpu_type, "pauth", false);
assert_set_feature(qts, cpu_type, "pauth", true);
assert_set_feature(qts, cpu_type, "pauth-impdef", true);
assert_set_feature(qts, cpu_type, "pauth-impdef", false);
assert_set_feature(qts, cpu_type, "pauth-qarma3", true);
assert_set_feature(qts, cpu_type, "pauth-qarma3", false);
assert_set_feature(qts, cpu_type, "pauth-qarma5", true);
assert_set_feature(qts, cpu_type, "pauth-qarma5", false);
assert_error(qts, cpu_type,
"cannot enable pauth-impdef or pauth-qarma3 without pauth",
"cannot enable pauth-impdef, pauth-qarma3 or pauth-qarma5 without pauth",
"{ 'pauth': false, 'pauth-impdef': true }");
assert_error(qts, cpu_type,
"cannot enable pauth-impdef or pauth-qarma3 without pauth",
"cannot enable pauth-impdef, pauth-qarma3 or pauth-qarma5 without pauth",
"{ 'pauth': false, 'pauth-qarma3': true }");
assert_error(qts, cpu_type,
"cannot enable both pauth-impdef and pauth-qarma3",
"{ 'pauth': true, 'pauth-impdef': true, 'pauth-qarma3': true }");
"cannot enable pauth-impdef, pauth-qarma3 or pauth-qarma5 without pauth",
"{ 'pauth': false, 'pauth-qarma5': true }");
assert_error(qts, cpu_type,
"cannot enable pauth-impdef, pauth-qarma3 and pauth-qarma5 at the same time",
"{ 'pauth': true, 'pauth-impdef': true, 'pauth-qarma3': true,"
" 'pauth-qarma5': true }");
}

static void test_query_cpu_model_expansion(const void *data)
Expand Down

0 comments on commit 7fff9f8

Please sign in to comment.