From nobody Tue Nov 18 05:56:43 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1608157873; cv=none; d=zohomail.com; s=zohoarc; b=cYxclTEHaqNNFKxmh7Ds6uZdLlyET4eWS6BViGxv47Uj6sueuCmBoDA5xDPfB0qQekuCrQIk4K9s3kbfKzoyI3xoyU9YiB75vJBYY9fHpJtfDMGW/LSyAAym5Q1cWgyGNb1p4BJ8v5zX4OQX7d0yZH9L/oDcTXUt80x3s49PVIY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1608157873; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=SQXrzJArfxsBPVI51zc0owik3SGrciUEYy+KV9vR1So=; b=isMw2rjJapox4RtIhBOh5X+LaZTApArml2fNfiDDVsbUR0F7YyGb7HRy8qJ40H/Argj39v5cg7QoSxE0VnR0mj2S0Qo2g3KWrvgTgPLXdTvCQuF5VXGvXzQsBlYUIkt/qjTuK+fSNWwZKEpNh+YtfR36GBCTtnBLB53Dc9aJukc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1608157873701995.3757130881241; Wed, 16 Dec 2020 14:31:13 -0800 (PST) Received: from localhost ([::1]:56978 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kpf4i-0004VD-RJ for importer@patchew.org; Wed, 16 Dec 2020 17:15:12 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:60106) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kpf2V-00037y-5e for qemu-devel@nongnu.org; Wed, 16 Dec 2020 17:12:55 -0500 Received: from mail-ot1-x334.google.com ([2607:f8b0:4864:20::334]:45466) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kpf2S-0006CM-Fg for qemu-devel@nongnu.org; Wed, 16 Dec 2020 17:12:54 -0500 Received: by mail-ot1-x334.google.com with SMTP id h18so24956517otq.12 for ; Wed, 16 Dec 2020 14:12:52 -0800 (PST) Received: from localhost.localdomain (fixed-187-189-51-144.totalplay.net. [187.189.51.144]) by smtp.gmail.com with ESMTPSA id z9sm758965ote.13.2020.12.16.14.12.49 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 16 Dec 2020 14:12:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=SQXrzJArfxsBPVI51zc0owik3SGrciUEYy+KV9vR1So=; b=eQSwKTBVrGToUsXTp7BI9+wyC5OUKF/xT76TJD/UlijvTJcGKhNJVJKhSboyk0bEno fWrWlTrzGRh7KCRObEN+w98i3oPcf4oz0VDiK31LUZaloH5sSxEap3oQlKfO5k1T8UJH vd/IkSiQd0dTj+5lLUWlWQaqHt2GDS9T2WiqiZtcPcWCqsC1LgQJoJF5pTnfcyoGKjPu LrDcJGJH9Ewhe9eUIL9AGPWsXOoWrJRVeeCvoeexw/QvcHPLKzX69XTTF4XcEtAbt6hw 3QFDT7wyvEPktNNPso8vd0kJ3RpYT9KdBI/oXpu7gD38j8/rRHYXPR5inpHbxDpBtR4x nIcw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=SQXrzJArfxsBPVI51zc0owik3SGrciUEYy+KV9vR1So=; b=akJsLhS3ncJcO1Fkpwg31vKMQW/zFKfJKvE+D3cRgCTX25H+Aw5rmyNf9h/vJlZmWa F5bYNSTXmKxxA9pZLgRJKWwh/y4nBUWxVELtc1VJQq1sC75RpXtrsiPbGaDThyb9S56h xDbW1zPd2SJ6prlXYuevzcS2GDdvkgscmtuspHnTuyrWHMFfQcafhJQuuUUlNErbPlSk Q0IGcUiLf18qaHGDg0zqyjhmCDUC5LXThy3ovzo1TN43Du7h6gviZmxnpZr7cQtG3imI 5jB4lRNlD4Zll+fAXaBhGPpz+VpmHO4fDwGTx4KcFHRoS2T/9zqal0oCc3dp/Y1Jb3zu 7vrw== X-Gm-Message-State: AOAM530swOIGRzNdfa1xay4XBMGnJWiOK2z9553OMibB/2CWqkA8h9PZ REV/bQJLQ9CXL9aCtp7fmSZVX+TsjgbL6AGU X-Google-Smtp-Source: ABdhPJydGot9FeZ5thWjUJfw+gZUZlkANpUzLQ8uzkbpUpytlIhYuPK9wXLb2en0vuvGUeu/kA2MfA== X-Received: by 2002:a9d:ece:: with SMTP id 72mr26526952otj.358.1608156770864; Wed, 16 Dec 2020 14:12:50 -0800 (PST) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v4 1/3] target/arm: Implement an IMPDEF pauth algorithm Date: Wed, 16 Dec 2020 16:12:45 -0600 Message-Id: <20201216221247.522686-2-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20201216221247.522686-1-richard.henderson@linaro.org> References: <20201216221247.522686-1-richard.henderson@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2607:f8b0:4864:20::334; envelope-from=richard.henderson@linaro.org; helo=mail-ot1-x334.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Mark Rutland , peter.maydell@linaro.org, qemu-arm@nongnu.org Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) Content-Type: text/plain; charset="utf-8" Without hardware acceleration, a cryptographically strong algorithm is too expensive for pauth_computepac. Even with hardware accel, we are not currently expecting to link the linux-user binaries to any crypto libraries, and doing so would generally make the --static build fail. So choose XXH64 as a reasonably quick and decent hash. Tested-by: Mark Rutland Signed-off-by: Richard Henderson --- v2: Move the XXH64 bits to xxhash.h (ajb). Create isar_feature_aa64_pauth_arch and fixup a comment in isar_feature_aa64_pauth that no longer applies. --- include/qemu/xxhash.h | 82 +++++++++++++++++++++++++++++++++++++++ target/arm/cpu.h | 15 +++++-- target/arm/pauth_helper.c | 41 +++++++++++++++++--- 3 files changed, 129 insertions(+), 9 deletions(-) diff --git a/include/qemu/xxhash.h b/include/qemu/xxhash.h index 076f1f6054..cf45859a19 100644 --- a/include/qemu/xxhash.h +++ b/include/qemu/xxhash.h @@ -119,4 +119,86 @@ static inline uint32_t qemu_xxhash6(uint64_t ab, uint6= 4_t cd, uint32_t e, return qemu_xxhash7(ab, cd, e, f, 0); } =20 +/* + * Component parts of the XXH64 algorithm from + * https://github.com/Cyan4973/xxHash/blob/v0.8.0/xxhash.h + * + * The complete algorithm looks like + * + * i =3D 0; + * if (len >=3D 32) { + * v1 =3D seed + XXH_PRIME64_1 + XXH_PRIME64_2; + * v2 =3D seed + XXH_PRIME64_2; + * v3 =3D seed + 0; + * v4 =3D seed - XXH_PRIME64_1; + * do { + * v1 =3D XXH64_round(v1, get64bits(input + i)); + * v2 =3D XXH64_round(v2, get64bits(input + i + 8)); + * v3 =3D XXH64_round(v3, get64bits(input + i + 16)); + * v4 =3D XXH64_round(v4, get64bits(input + i + 24)); + * } while ((i +=3D 32) <=3D len); + * h64 =3D XXH64_mergerounds(v1, v2, v3, v4); + * } else { + * h64 =3D seed + XXH_PRIME64_5; + * } + * h64 +=3D len; + * + * for (; i + 8 <=3D len; i +=3D 8) { + * h64 ^=3D XXH64_round(0, get64bits(input + i)); + * h64 =3D rol64(h64, 27) * XXH_PRIME64_1 + XXH_PRIME64_4; + * } + * for (; i + 4 <=3D len; i +=3D 4) { + * h64 ^=3D get32bits(input + i) * PRIME64_1; + * h64 =3D rol64(h64, 23) * XXH_PRIME64_2 + XXH_PRIME64_3; + * } + * for (; i < len; i +=3D 1) { + * h64 ^=3D get8bits(input + i) * XXH_PRIME64_5; + * h64 =3D rol64(h64, 11) * XXH_PRIME64_1; + * } + * + * return XXH64_avalanche(h64) + * + * Exposing the pieces instead allows for simplified usage when + * the length is a known constant and the inputs are in registers. + */ +#define XXH_PRIME64_1 0x9E3779B185EBCA87ULL +#define XXH_PRIME64_2 0xC2B2AE3D27D4EB4FULL +#define XXH_PRIME64_3 0x165667B19E3779F9ULL +#define XXH_PRIME64_4 0x85EBCA77C2B2AE63ULL +#define XXH_PRIME64_5 0x27D4EB2F165667C5ULL + +static inline uint64_t XXH64_round(uint64_t acc, uint64_t input) +{ + return rol64(acc + input * XXH_PRIME64_2, 31) * XXH_PRIME64_1; +} + +static inline uint64_t XXH64_mergeround(uint64_t acc, uint64_t val) +{ + return (acc ^ XXH64_round(0, val)) * XXH_PRIME64_1 + XXH_PRIME64_4; +} + +static inline uint64_t XXH64_mergerounds(uint64_t v1, uint64_t v2, + uint64_t v3, uint64_t v4) +{ + uint64_t h64; + + h64 =3D rol64(v1, 1) + rol64(v2, 7) + rol64(v3, 12) + rol64(v4, 18); + h64 =3D XXH64_mergeround(h64, v1); + h64 =3D XXH64_mergeround(h64, v2); + h64 =3D XXH64_mergeround(h64, v3); + h64 =3D XXH64_mergeround(h64, v4); + + return h64; +} + +static inline uint64_t XXH64_avalanche(uint64_t h64) +{ + h64 ^=3D h64 >> 33; + h64 *=3D XXH_PRIME64_2; + h64 ^=3D h64 >> 29; + h64 *=3D XXH_PRIME64_3; + h64 ^=3D h64 >> 32; + return h64; +} + #endif /* QEMU_XXHASH_H */ diff --git a/target/arm/cpu.h b/target/arm/cpu.h index 7e6c881a7e..70e9618d13 100644 --- a/target/arm/cpu.h +++ b/target/arm/cpu.h @@ -3852,10 +3852,8 @@ static inline bool isar_feature_aa64_fcma(const ARMI= SARegisters *id) static inline bool isar_feature_aa64_pauth(const ARMISARegisters *id) { /* - * Note that while QEMU will only implement the architected algorithm - * QARMA, and thus APA+GPA, the host cpu for kvm may use implementation - * defined algorithms, and thus API+GPI, and this predicate controls - * migration of the 128-bit keys. + * Return true if any form of pauth is enabled, as this + * predicate controls migration of the 128-bit keys. */ return (id->id_aa64isar1 & (FIELD_DP64(0, ID_AA64ISAR1, APA, 0xf) | @@ -3864,6 +3862,15 @@ static inline bool isar_feature_aa64_pauth(const ARM= ISARegisters *id) FIELD_DP64(0, ID_AA64ISAR1, GPI, 0xf))) !=3D 0; } =20 +static inline bool isar_feature_aa64_pauth_arch(const ARMISARegisters *id) +{ + /* + * Return true if pauth is enabled with the architected QARMA algorith= m. + * QEMU will always set APA+GPA to the same value. + */ + return FIELD_EX64(id->id_aa64isar1, ID_AA64ISAR1, APA) !=3D 0; +} + static inline bool isar_feature_aa64_sb(const ARMISARegisters *id) { return FIELD_EX64(id->id_aa64isar1, ID_AA64ISAR1, SB) !=3D 0; diff --git a/target/arm/pauth_helper.c b/target/arm/pauth_helper.c index 564c48faa6..226bcf6c45 100644 --- a/target/arm/pauth_helper.c +++ b/target/arm/pauth_helper.c @@ -24,6 +24,7 @@ #include "exec/cpu_ldst.h" #include "exec/helper-proto.h" #include "tcg/tcg-gvec-desc.h" +#include "qemu/xxhash.h" =20 =20 static uint64_t pac_cell_shuffle(uint64_t i) @@ -207,8 +208,8 @@ static uint64_t tweak_inv_shuffle(uint64_t i) return o; } =20 -static uint64_t pauth_computepac(uint64_t data, uint64_t modifier, - ARMPACKey key) +static uint64_t pauth_computepac_architected(uint64_t data, uint64_t modif= ier, + ARMPACKey key) { static const uint64_t RC[5] =3D { 0x0000000000000000ull, @@ -272,6 +273,36 @@ static uint64_t pauth_computepac(uint64_t data, uint64= _t modifier, return workingval; } =20 +static uint64_t pauth_computepac_impdef(uint64_t data, uint64_t modifier, + ARMPACKey key) +{ + /* + * The XXH64 algorithmm, simplified for size 32. + * See the description of the algorithm in xxhash.h. + */ + uint64_t v1 =3D QEMU_XXHASH_SEED + XXH_PRIME64_1 + XXH_PRIME64_2; + uint64_t v2 =3D QEMU_XXHASH_SEED + XXH_PRIME64_2; + uint64_t v3 =3D QEMU_XXHASH_SEED + 0; + uint64_t v4 =3D QEMU_XXHASH_SEED - XXH_PRIME64_1; + + v1 =3D XXH64_round(v1, data); + v2 =3D XXH64_round(v2, modifier); + v3 =3D XXH64_round(v3, key.lo); + v4 =3D XXH64_round(v4, key.hi); + + return XXH64_avalanche(XXH64_mergerounds(v1, v2, v3, v4)); +} + +static uint64_t pauth_computepac(CPUARMState *env, uint64_t data, + uint64_t modifier, ARMPACKey key) +{ + if (cpu_isar_feature(aa64_pauth_arch, env_archcpu(env))) { + return pauth_computepac_architected(data, modifier, key); + } else { + return pauth_computepac_impdef(data, modifier, key); + } +} + static uint64_t pauth_addpac(CPUARMState *env, uint64_t ptr, uint64_t modi= fier, ARMPACKey *key, bool data) { @@ -292,7 +323,7 @@ static uint64_t pauth_addpac(CPUARMState *env, uint64_t= ptr, uint64_t modifier, bot_bit =3D 64 - param.tsz; ext_ptr =3D deposit64(ptr, bot_bit, top_bit - bot_bit, ext); =20 - pac =3D pauth_computepac(ext_ptr, modifier, *key); + pac =3D pauth_computepac(env, ext_ptr, modifier, *key); =20 /* * Check if the ptr has good extension bits and corrupt the @@ -341,7 +372,7 @@ static uint64_t pauth_auth(CPUARMState *env, uint64_t p= tr, uint64_t modifier, uint64_t pac, orig_ptr, test; =20 orig_ptr =3D pauth_original_ptr(ptr, param); - pac =3D pauth_computepac(orig_ptr, modifier, *key); + pac =3D pauth_computepac(env, orig_ptr, modifier, *key); bot_bit =3D 64 - param.tsz; top_bit =3D 64 - 8 * param.tbi; =20 @@ -442,7 +473,7 @@ uint64_t HELPER(pacga)(CPUARMState *env, uint64_t x, ui= nt64_t y) uint64_t pac; =20 pauth_check_trap(env, arm_current_el(env), GETPC()); - pac =3D pauth_computepac(x, y, env->keys.apga); + pac =3D pauth_computepac(env, x, y, env->keys.apga); =20 return pac & 0xffffffff00000000ull; } --=20 2.25.1 From nobody Tue Nov 18 05:56:43 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1608157147; cv=none; d=zohomail.com; s=zohoarc; b=LQ57sPybkUm4fquJKI6dXg39ZFxl9mQb1qkEU05w0se5Rl4wbyoOowJAm8NLTFlj+JRCJxAwCvXJIyEp42agESmOseriddZ+ueJvDHcG84MuedNsG64lAF7StkEHzg2ddqyHDTWpHAmaJ05e5nmZhHZbUG0ITwtpxg9Q21mKPYE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1608157147; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=S71bGf+d3Q9K4n22xNAE85mdlMNKNCchTQ3JrM9w/AI=; b=B5JYJ9AG3+jjOkQH5cvOc5OPUmxIzO7ULiauPj3x92arYF4793j6kUQXVAv8OLjUxN2RIyN1NSxZHTEci8PUpiiW7Nv/DAMyYNxv2i1O1ZGskxkG9OkA8DTFPf0sOqRtmBVSuuFVtprqBk/XlJPBJfg2v+Awo276v8QZMhxIOiU= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1608157147490937.571809209294; Wed, 16 Dec 2020 14:19:07 -0800 (PST) Received: from localhost ([::1]:35628 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kpf8U-0007Xr-B6 for importer@patchew.org; Wed, 16 Dec 2020 17:19:06 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:60178) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kpf2c-00039A-0L for qemu-devel@nongnu.org; Wed, 16 Dec 2020 17:13:02 -0500 Received: from mail-ot1-x32e.google.com ([2607:f8b0:4864:20::32e]:38193) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kpf2T-0006Cm-VD for qemu-devel@nongnu.org; Wed, 16 Dec 2020 17:13:01 -0500 Received: by mail-ot1-x32e.google.com with SMTP id j20so20469717otq.5 for ; Wed, 16 Dec 2020 14:12:53 -0800 (PST) Received: from localhost.localdomain (fixed-187-189-51-144.totalplay.net. [187.189.51.144]) by smtp.gmail.com with ESMTPSA id z9sm758965ote.13.2020.12.16.14.12.51 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 16 Dec 2020 14:12:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=S71bGf+d3Q9K4n22xNAE85mdlMNKNCchTQ3JrM9w/AI=; b=vw/7rSjE79042wlO6pSZMNHvFpRE47tcNo08ccB+HP9X+mKckKb5wi3+6996YRyusG nkJlzOlbghYb+XzBBLwhsMHwFUrI44VpfXR0CnkxeUBWBTlQb6qn7IyVqATaj6MeznOu aLQcUjRYoy0O6R2HtXFQKM5OehDSG7cb2djBU8e+uqNff7EUU2S3hmSS7EoqJOHZF803 Trm9phPP1mWjvXv831Pp9LNGUfI6K2OV5TyAK8YMdm59gmjkr3niv3HdXCEeoKfPvPl1 qNSEzsmIpwpv8FnAPPUP/0aYB31tHw3W5kOXnEcijdl7aPLeKAXknc8UW3STDE5CkuHL W9eQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=S71bGf+d3Q9K4n22xNAE85mdlMNKNCchTQ3JrM9w/AI=; b=tNyLlYIvwAjLpmF3gvC7bmkgXC1Y19cGedDxA2fqPdI59AU9PoFs5X8ia+0K+3ArJA ZvEwVmMhN1FmAv8k9faDvVqQpygTJ7W25++1gWv2q51uc0Yf/aCtB7wkBvYUrvr43zI3 4L5ExuEJuIbKRoxzt5ulSJlKkYKVbjF4hwv0c0E7k/NfVFoKofDDirxdpph8C3uJRkJW 2VSanISWIVU0zQD4GRvYwVBJAPPLKOCpzLmgMMqtqLCfHxiWXFXppxGKQh6PjrBPYuT4 PXmxa8M1RDn15m0N8qKaJdnAwTCeqz+k88kQRjuknzeM4iXrbea0G8pF7Pj+SNJujyIZ x4SQ== X-Gm-Message-State: AOAM533crOxyQvUOJG+65/YX8QE7ioGhjeTlNynCkekKlftOSOm0sldG kq8JjXmrZjfbMAOzYhIt4K/6+W1xBWR6c9u9 X-Google-Smtp-Source: ABdhPJzhGu5vdn733smX9CAphZuRTwNRoO6FdfZXgcYMDJf6sgraBPd0tA+fgsAeQtl+GeQR2OVQBQ== X-Received: by 2002:a05:6830:402c:: with SMTP id i12mr27612233ots.25.1608156772336; Wed, 16 Dec 2020 14:12:52 -0800 (PST) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v4 2/3] target/arm: Add cpu properties to control pauth Date: Wed, 16 Dec 2020 16:12:46 -0600 Message-Id: <20201216221247.522686-3-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20201216221247.522686-1-richard.henderson@linaro.org> References: <20201216221247.522686-1-richard.henderson@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2607:f8b0:4864:20::32e; envelope-from=richard.henderson@linaro.org; helo=mail-ot1-x32e.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Mark Rutland , peter.maydell@linaro.org, Andrew Jones , qemu-arm@nongnu.org Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) Content-Type: text/plain; charset="utf-8" The crypto overhead of emulating pauth can be significant for some workloads. Add two boolean properties that allows the feature to be turned off, on with the architected algorithm, or on with an implementation defined algorithm. We need two intermediate booleans to control the state while parsing properties lest we clobber ID_AA64ISAR1 into an invalid intermediate state. Tested-by: Mark Rutland Reviewed-by: Andrew Jones Signed-off-by: Richard Henderson --- v2: Use boolean properties instead of an enum (drjones). v3: Add tests (drjones). --- target/arm/cpu.h | 10 +++++++++ target/arm/cpu.c | 13 +++++++++++ target/arm/cpu64.c | 40 ++++++++++++++++++++++++++++++---- target/arm/monitor.c | 3 ++- tests/qtest/arm-cpu-features.c | 13 +++++++++++ 5 files changed, 74 insertions(+), 5 deletions(-) diff --git a/target/arm/cpu.h b/target/arm/cpu.h index 70e9618d13..06f5169f45 100644 --- a/target/arm/cpu.h +++ b/target/arm/cpu.h @@ -197,9 +197,11 @@ typedef struct { #ifdef TARGET_AARCH64 # define ARM_MAX_VQ 16 void arm_cpu_sve_finalize(ARMCPU *cpu, Error **errp); +void arm_cpu_pauth_finalize(ARMCPU *cpu, Error **errp); #else # define ARM_MAX_VQ 1 static inline void arm_cpu_sve_finalize(ARMCPU *cpu, Error **errp) { } +static inline void arm_cpu_pauth_finalize(ARMCPU *cpu, Error **errp) { } #endif =20 typedef struct ARMVectorReg { @@ -947,6 +949,14 @@ struct ARMCPU { uint64_t reset_cbar; uint32_t reset_auxcr; bool reset_hivecs; + + /* + * Intermediate values used during property parsing. + * Once finalized, the values should be read from ID_AA64ISAR1. + */ + bool prop_pauth; + bool prop_pauth_impdef; + /* DCZ blocksize, in log_2(words), ie low 4 bits of DCZID_EL0 */ uint32_t dcz_blocksize; uint64_t rvbar; diff --git a/target/arm/cpu.c b/target/arm/cpu.c index d6188f6566..5c5fb16114 100644 --- a/target/arm/cpu.c +++ b/target/arm/cpu.c @@ -1321,6 +1321,19 @@ void arm_cpu_finalize_features(ARMCPU *cpu, Error **= errp) error_propagate(errp, local_err); return; } + + /* + * KVM does not support modifications to this feature. + * We have not registered the cpu properties when KVM + * is in use, so the user will not be able to set them. + */ + if (!kvm_enabled()) { + arm_cpu_pauth_finalize(cpu, &local_err); + if (local_err !=3D NULL) { + error_propagate(errp, local_err); + return; + } + } } =20 if (kvm_enabled()) { diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c index 7cf9fc4bc6..d9feaa9cdb 100644 --- a/target/arm/cpu64.c +++ b/target/arm/cpu64.c @@ -28,6 +28,8 @@ #include "sysemu/kvm.h" #include "kvm_arm.h" #include "qapi/visitor.h" +#include "hw/qdev-properties.h" + =20 #ifndef CONFIG_USER_ONLY static uint64_t a57_a53_l2ctlr_read(CPUARMState *env, const ARMCPRegInfo *= ri) @@ -572,6 +574,36 @@ void aarch64_add_sve_properties(Object *obj) } } =20 +void arm_cpu_pauth_finalize(ARMCPU *cpu, Error **errp) +{ + int arch_val =3D 0, impdef_val =3D 0; + uint64_t t; + + /* TODO: Handle HaveEnhancedPAC, HaveEnhancedPAC2, HaveFPAC. */ + if (cpu->prop_pauth) { + if (cpu->prop_pauth_impdef) { + impdef_val =3D 1; + } else { + arch_val =3D 1; + } + } else if (cpu->prop_pauth_impdef) { + error_setg(errp, "cannot enable pauth-impdef without pauth"); + error_append_hint(errp, "Add pauth=3Don to the CPU property list.\= n"); + } + + t =3D cpu->isar.id_aa64isar1; + t =3D FIELD_DP64(t, ID_AA64ISAR1, APA, arch_val); + t =3D FIELD_DP64(t, ID_AA64ISAR1, GPA, arch_val); + t =3D FIELD_DP64(t, ID_AA64ISAR1, API, impdef_val); + t =3D FIELD_DP64(t, ID_AA64ISAR1, GPI, impdef_val); + cpu->isar.id_aa64isar1 =3D t; +} + +static Property arm_cpu_pauth_property =3D + DEFINE_PROP_BOOL("pauth", ARMCPU, prop_pauth, true); +static Property arm_cpu_pauth_impdef_property =3D + DEFINE_PROP_BOOL("pauth-impdef", ARMCPU, prop_pauth_impdef, false); + /* -cpu max: if KVM is enabled, like -cpu host (best possible with this ho= st); * otherwise, a CPU with as many features enabled as our emulation support= s. * The version of '-cpu max' for qemu-system-arm is defined in cpu.c; @@ -627,10 +659,6 @@ static void aarch64_max_initfn(Object *obj) t =3D FIELD_DP64(t, ID_AA64ISAR1, DPB, 2); t =3D FIELD_DP64(t, ID_AA64ISAR1, JSCVT, 1); t =3D FIELD_DP64(t, ID_AA64ISAR1, FCMA, 1); - t =3D FIELD_DP64(t, ID_AA64ISAR1, APA, 1); /* PAuth, architected o= nly */ - t =3D FIELD_DP64(t, ID_AA64ISAR1, API, 0); - t =3D FIELD_DP64(t, ID_AA64ISAR1, GPA, 1); - t =3D FIELD_DP64(t, ID_AA64ISAR1, GPI, 0); t =3D FIELD_DP64(t, ID_AA64ISAR1, SB, 1); t =3D FIELD_DP64(t, ID_AA64ISAR1, SPECRES, 1); t =3D FIELD_DP64(t, ID_AA64ISAR1, FRINTTS, 1); @@ -720,6 +748,10 @@ static void aarch64_max_initfn(Object *obj) cpu->ctr =3D 0x80038003; /* 32 byte I and D cacheline size, VIPT i= cache */ cpu->dcz_blocksize =3D 7; /* 512 bytes */ #endif + + /* Default to PAUTH on, with the architected algorithm. */ + qdev_property_add_static(DEVICE(obj), &arm_cpu_pauth_property); + qdev_property_add_static(DEVICE(obj), &arm_cpu_pauth_impdef_proper= ty); } =20 aarch64_add_sve_properties(obj); diff --git a/target/arm/monitor.c b/target/arm/monitor.c index 169d8a64b6..0898be5de7 100644 --- a/target/arm/monitor.c +++ b/target/arm/monitor.c @@ -103,7 +103,8 @@ static const char *cpu_model_advertised_features[] =3D { "sve128", "sve256", "sve384", "sve512", "sve640", "sve768", "sve896", "sve1024", "sve1152", "sve1280", "sve1408", "sve1536", "sve1664", "sve1792", "sve1920", "sve2048", - "kvm-no-adjvtime", "kvm-steal-time", + "kvm-no-adjvtime", + "pauth", "pauth-impdef", NULL }; =20 diff --git a/tests/qtest/arm-cpu-features.c b/tests/qtest/arm-cpu-features.c index bc681a95d5..8252b85bb8 100644 --- a/tests/qtest/arm-cpu-features.c +++ b/tests/qtest/arm-cpu-features.c @@ -427,6 +427,18 @@ static void sve_tests_sve_off_kvm(const void *data) qtest_quit(qts); } =20 +static void pauth_tests_default(QTestState *qts, const char *cpu_type) +{ + assert_has_feature_enabled(qts, cpu_type, "pauth"); + assert_has_feature_disabled(qts, cpu_type, "pauth-impdef"); + assert_set_feature(qts, cpu_type, "pauth", false); + assert_set_feature(qts, cpu_type, "pauth", true); + assert_set_feature(qts, cpu_type, "pauth-impdef", true); + assert_set_feature(qts, cpu_type, "pauth-impdef", false); + assert_error(qts, cpu_type, "cannot enable pauth-impdef without pauth", + "{ 'pauth': false, 'pauth-impdef': true }"); +} + static void test_query_cpu_model_expansion(const void *data) { QTestState *qts; @@ -462,6 +474,7 @@ static void test_query_cpu_model_expansion(const void *= data) assert_has_feature_enabled(qts, "cortex-a57", "aarch64"); =20 sve_tests_default(qts, "max"); + pauth_tests_default(qts, "max"); =20 /* Test that features that depend on KVM generate errors without. = */ assert_error(qts, "max", --=20 2.25.1 From nobody Tue Nov 18 05:56:43 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1608157142; cv=none; d=zohomail.com; s=zohoarc; b=Dawbb1bFrHqQQdopJfHutPAgrXfLtkW6CT0XF72KU9VCdY87ygbzXWUpX6zNTeAiSo6ZsdXEPzO9Et0N7H2RkyRoi+ydyvgv8xZJ9aaz9tNhZKG490Be7e3XNlf0iDiw0OK8n2QDomi2T99hwkCbkp1aSL8vlRO0ZXVmbJ+W6wA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1608157142; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=uSqBlmmaV2nVJPAfpMvtZ9TuNPcVPPBGEyURqCr9eR8=; b=bPcQutLxar/KCPx7wkFmc54jNTtGbgg0ybRS5tG+0cnBgIpxItq5ljoB+YNHRGB49ykGnRnlurDDZTdx0OSDJNFn6T5UdSB0ekO3SB1efvThljYhRCf8WlOxGKDgPI4iXgb914x1bTf3oZgXBhNbIEyqupJEkq0HKVbeY9L0QxI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1608157142879668.5358358503124; Wed, 16 Dec 2020 14:19:02 -0800 (PST) Received: from localhost ([::1]:35254 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kpf8P-0007Oi-99 for importer@patchew.org; Wed, 16 Dec 2020 17:19:01 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:60176) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kpf2c-000396-1H for qemu-devel@nongnu.org; Wed, 16 Dec 2020 17:13:03 -0500 Received: from mail-ot1-x32b.google.com ([2607:f8b0:4864:20::32b]:32823) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kpf2V-0006D6-1t for qemu-devel@nongnu.org; Wed, 16 Dec 2020 17:13:00 -0500 Received: by mail-ot1-x32b.google.com with SMTP id b24so7452205otj.0 for ; Wed, 16 Dec 2020 14:12:54 -0800 (PST) Received: from localhost.localdomain (fixed-187-189-51-144.totalplay.net. [187.189.51.144]) by smtp.gmail.com with ESMTPSA id z9sm758965ote.13.2020.12.16.14.12.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 16 Dec 2020 14:12:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=uSqBlmmaV2nVJPAfpMvtZ9TuNPcVPPBGEyURqCr9eR8=; b=dxIOMBqKO4N9R61S6AxF8v+m7P/6y+HQXgn3JZPl3QG6O29um/a5KZ3aSQqGBfX7H6 o/UaRPzhrpF3RlDMY1REFd/GViPEt64E5KrHTNW7v7qSj/8DdH6aJxLsSic/4s4kk1HP lbEOFSEfy9+IXZMyaQ/UFCn0Y2k22oi3i+rhkXsjESL5LxB8Q4fADjI2ZupIFZ1DGzgi 4D616msUMuwLOZ9i3r6iIftqznGBLI3H3AVg/Fqm+zI/ECo8BfLBlpf3fOXEk7nq60h3 d426sKQKnGFS1PGkuKErLBeWKP1Dicy9pVjzZnua669PtO9K8WsCy8a6atphuneO+wHb 2usQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=uSqBlmmaV2nVJPAfpMvtZ9TuNPcVPPBGEyURqCr9eR8=; b=fLEWUykEhSfajKe/cxorLdm0oC0huo2l0nQilq6aqazGhSvooGSmGHBHPSxO1Vs9CQ IwuhFXDaqUnueCFO1rvFi7JGRpT0OZZaIL1QqCjq031XgDLMeNY/VzUASgr4WPSSvOHq cXnodGcDeL/UWbbbWD5k0wWe+Lub/Y3mj8zW/UYTvArIZzxYLFJhvntcm/GcxQCKOWS4 XXBWyWdLekZYuJSXDTR9mYlzwXfuu5Kz7DtL5MxmAvxMM5YGsSZ8VYruemoKHN6elfBh K7y/cPVyytfeMqVlDpSfxylrRxflIRqhKCd7BQgpNwGnPQ768SaPpIeBfUeSKEkrEjPU sx1A== X-Gm-Message-State: AOAM531rwokPhjENEGN0C7SvgAX3lFJKTXjWD6O9kZSYa/VOdcGazrXe 9R2ZZ3Kg1gC4siHVKuWwhQE1xrFs6DgO3cuO X-Google-Smtp-Source: ABdhPJz0gxKFXMmX6Rdm3rwzAiRZkD0hPmy8AjGB6yDy5zo5UGeLIXR/+B7eWldv3FC5Gvx1fG8Gvg== X-Received: by 2002:a05:6830:90f:: with SMTP id v15mr26891399ott.223.1608156773666; Wed, 16 Dec 2020 14:12:53 -0800 (PST) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v4 3/3] target/arm: Use object_property_add_bool for "sve" property Date: Wed, 16 Dec 2020 16:12:47 -0600 Message-Id: <20201216221247.522686-4-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20201216221247.522686-1-richard.henderson@linaro.org> References: <20201216221247.522686-1-richard.henderson@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2607:f8b0:4864:20::32b; envelope-from=richard.henderson@linaro.org; helo=mail-ot1-x32b.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: peter.maydell@linaro.org, Andrew Jones , qemu-arm@nongnu.org Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) Content-Type: text/plain; charset="utf-8" The interface for object_property_add_bool is simpler, making the code easier to understand. Reviewed-by: Andrew Jones Signed-off-by: Richard Henderson Reviewed-by: Philippe Mathieu-Daud=C3=A9 --- target/arm/cpu64.c | 24 ++++++++++-------------- 1 file changed, 10 insertions(+), 14 deletions(-) diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c index d9feaa9cdb..8e1fad00bb 100644 --- a/target/arm/cpu64.c +++ b/target/arm/cpu64.c @@ -488,6 +488,12 @@ static void cpu_max_set_sve_max_vq(Object *obj, Visito= r *v, const char *name, cpu->sve_max_vq =3D max_vq; } =20 +/* + * Note that cpu_arm_get/set_sve_vq cannot use the simpler + * object_property_add_bool interface because they make use + * of the contents of "name" to determine which bit on which + * to operate. + */ static void cpu_arm_get_sve_vq(Object *obj, Visitor *v, const char *name, void *opaque, Error **errp) { @@ -529,26 +535,17 @@ static void cpu_arm_set_sve_vq(Object *obj, Visitor *= v, const char *name, set_bit(vq - 1, cpu->sve_vq_init); } =20 -static void cpu_arm_get_sve(Object *obj, Visitor *v, const char *name, - void *opaque, Error **errp) +static bool cpu_arm_get_sve(Object *obj, Error **errp) { ARMCPU *cpu =3D ARM_CPU(obj); - bool value =3D cpu_isar_feature(aa64_sve, cpu); - - visit_type_bool(v, name, &value, errp); + return cpu_isar_feature(aa64_sve, cpu); } =20 -static void cpu_arm_set_sve(Object *obj, Visitor *v, const char *name, - void *opaque, Error **errp) +static void cpu_arm_set_sve(Object *obj, bool value, Error **errp) { ARMCPU *cpu =3D ARM_CPU(obj); - bool value; uint64_t t; =20 - if (!visit_type_bool(v, name, &value, errp)) { - return; - } - if (value && kvm_enabled() && !kvm_arm_sve_supported()) { error_setg(errp, "'sve' feature not supported by KVM on this host"= ); return; @@ -563,8 +560,7 @@ void aarch64_add_sve_properties(Object *obj) { uint32_t vq; =20 - object_property_add(obj, "sve", "bool", cpu_arm_get_sve, - cpu_arm_set_sve, NULL, NULL); + object_property_add_bool(obj, "sve", cpu_arm_get_sve, cpu_arm_set_sve); =20 for (vq =3D 1; vq <=3D ARM_MAX_VQ; ++vq) { char name[8]; --=20 2.25.1