From: Marc Zyngier <maz@kernel.org>
To: Kashyap Chamarthy <kchamart@redhat.com>
Cc: qemu-devel@nongnu.org, qemu-arm@nongnu.org, sebott@redhat.com,
Peter Maydell <peter.maydell@linaro.org>
Subject: Re: [PATCH 2/2] docs/cpu-features: Update "PAuth" (Pointer Authentication) details
Date: Sat, 18 Jan 2025 10:04:37 +0000 [thread overview]
Message-ID: <87sepgtp3e.wl-maz@kernel.org> (raw)
In-Reply-To: <20250117191106.322363-3-kchamart@redhat.com>
On Fri, 17 Jan 2025 19:11:06 +0000,
Kashyap Chamarthy <kchamart@redhat.com> wrote:
>
> PAuth (Pointer Authentication), a security feature in software, is
> relevant for both KVM and QEMU. Relect this fact into the docs:
>
> - For KVM, `pauth` is a binary, "on" vs "off" option. The host CPU
> will choose the cryptographic algorithm.
>
> - For TCG, however, along with `pauth`, a couple of properties can be
> controlled -- they're are related to cryptographic algorithm choice.
>
> Thanks to Peter Maydell and Marc Zyngier for explaining more about PAuth
> on IRC (#qemu, OFTC).
>
> Signed-off-by: Kashyap Chamarthy <kchamart@redhat.com>
> ---
> docs/system/arm/cpu-features.rst | 23 +++++++++++++++++++----
> 1 file changed, 19 insertions(+), 4 deletions(-)
>
> diff --git a/docs/system/arm/cpu-features.rst b/docs/system/arm/cpu-features.rst
> index 78f18c87a81..7f99f7614b4 100644
> --- a/docs/system/arm/cpu-features.rst
> +++ b/docs/system/arm/cpu-features.rst
> @@ -204,11 +204,26 @@ the list of KVM vCPU features and their descriptions.
> the guest scheduler behavior and/or be exposed to the guest
> userspace.
>
> -TCG vCPU Features
> -=================
> +"PAuth" (Pointer Authentication)
> +================================
> +
> +PAuth (Pointer Authentication) is a security feature in software that
> +was introduced in Armv8.3-A and Armv9.0-A. It aims to protect against
nit: given that ARMv9.0 is congruent to ARMv8.5 and therefore has all
the ARMv8.5 features, mentioning ARMv8.3 should be enough (but I don't
feel strongly about this). I feel much strongly about the use of
capital letters, but I live in a distant past... ;-)
> +ROP (return-oriented programming) attacks.
> +
> +KVM
> +---
> +
> +``pauth``
> +
> + Enable or disable ``FEAT_Pauth``. The host silicon will choose the
> + cryptographic algorithm. No other properties can be controlled.
nit: "choose" is a an odd choice of word. The host implementation
defines, or even imposes the signature algorithm, as well as the level
of PAuth support (PAuth, EPAC, PAuth2, FPAC, FPACCOMBINE, ...), some
of which are mutually exclusive (EPAC and PAuth2 are incompatible).
Maybe it would be worth capturing some of these details, as this has a
direct influence on the ability to migrate a VM.
Thanks,
M.
--
Without deviation from the norm, progress is not possible.
next prev parent reply other threads:[~2025-01-18 10:05 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-01-17 19:11 [PATCH 0/2] docs: A couple of small changes to system/arm/cpu-features Kashyap Chamarthy
2025-01-17 19:11 ` [PATCH 1/2] docs/cpu-features: Consistently use vCPU instead of VCPU Kashyap Chamarthy
2025-01-27 13:01 ` Peter Maydell
2025-01-17 19:11 ` [PATCH 2/2] docs/cpu-features: Update "PAuth" (Pointer Authentication) details Kashyap Chamarthy
2025-01-18 10:04 ` Marc Zyngier [this message]
2025-01-20 9:06 ` Kashyap Chamarthy
2025-01-27 13:06 ` Peter Maydell
2025-01-27 13:35 ` Kashyap Chamarthy
2025-01-27 14:58 ` Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87sepgtp3e.wl-maz@kernel.org \
--to=maz@kernel.org \
--cc=kchamart@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-arm@nongnu.org \
--cc=qemu-devel@nongnu.org \
--cc=sebott@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.