qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed
From: Kashyap Chamarthy <kchamart@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Ninad Palsule" <ninad@linux.ibm.com>,
	sebott@redhat.com, maz@kernel.org,
	"Andrew Jeffery" <andrew@codeconstruct.com.au>,
	"Alistair Francis" <alistair@alistair23.me>,
	"Edgar E. Iglesias" <edgar.iglesias@gmail.com>,
	"Tyrone Ting" <kfting@nuvoton.com>,
	"Hao Wu" <wuhaotsh@google.com>,
	"Zhenzhong Duan" <zhenzhong.duan@intel.com>,
	"Alex Bennée" <alex.bennee@linaro.org>,
	"Peter Maydell" <peter.maydell@linaro.org>,
	"Cédric Le Goater" <clg@kaod.org>,
	"Steven Lee" <steven_lee@aspeedtech.com>,
	"Troy Lee" <leetroy@gmail.com>, "Joel Stanley" <joel@jms.id.au>,
	"Eric Auger" <eric.auger@redhat.com>,
	"Jamin Lin" <jamin_lin@aspeedtech.com>,
	"Yi Liu" <yi.l.liu@intel.com>,
	qemu-arm@nongnu.org, "Alexandre Iooss" <erdnaxe@crans.org>,
	"Kashyap Chamarthy" <kchamart@redhat.com>
Subject: [PATCH v2 2/3] docs/cpu-features: Update "PAuth" (Pointer Authentication) details
Date: Mon, 17 Feb 2025 22:07:28 +0530	[thread overview]
Message-ID: <20250217163732.3718617-3-kchamart@redhat.com> (raw)
In-Reply-To: <20250217163732.3718617-1-kchamart@redhat.com>

PAuth (Pointer Authentication), a security feature in software, is
relevant for both KVM and QEMU.  Relect this fact into the docs:

  - For KVM, `pauth` is a binary, "on" vs "off" option.  The host CPU
    will choose the cryptographic algorithm.

  - For TCG, however, along with `pauth`, a couple of properties can be
    controlled -- they're are related to cryptographic algorithm choice.

Thanks to Peter Maydell and Marc Zyngier for explaining more about PAuth
on IRC (#qemu, OFTC).

Signed-off-by: Kashyap Chamarthy <kchamart@redhat.com>
---
v2: address Marc Zyngier's comments:
    https://lists.gnu.org/archive/html/qemu-devel/2025-01/msg03451.html
---
 docs/system/arm/cpu-features.rst | 46 +++++++++++++++++++++++++++++---
 1 file changed, 42 insertions(+), 4 deletions(-)

diff --git a/docs/system/arm/cpu-features.rst b/docs/system/arm/cpu-features.rst
index a596316384..94d260b573 100644
--- a/docs/system/arm/cpu-features.rst
+++ b/docs/system/arm/cpu-features.rst
@@ -204,11 +204,49 @@ the list of KVM vCPU features and their descriptions.
   the guest scheduler behavior and/or be exposed to the guest
   userspace.
 
-TCG vCPU Features
-=================
+"PAuth" (Pointer Authentication)
+================================
+
+PAuth (Pointer Authentication) is a security feature in software that
+was introduced in Armv8.3-A.  It aims to protect against ROP
+(return-oriented programming) attacks.
+
+KVM
+---
+
+``pauth``
+
+  Enable or disable ``FEAT_Pauth``.  No other properties can be
+  controlled.
+
+  The host CPU will define the PAC (pointer authentication
+  code) cryptographic algorithm.
+
+  There are different "levels" of PAuth support.  The host CPU
+  definition will define that level (e.g. PAuth, EPAC, PAuth2, FPAC,
+  FPACCOMBINE, etc).  Refer to the Arm architecture extension documents
+  for details about the description of these features.
+
+Live migration and PAuth
+~~~~~~~~~~~~~~~~~~~~~~~~
+
+The level of PAuth support depends on which Arm architecture a given CPU
+supports (e.g. Armv8.3 vs. Armv8.6).  This gradation in PAuth support
+has implications for live migration.  For example, to be able to
+live-migrate from host-A (with Armv8.3) to host-B (with Arm v8.6):
+
+  - the source and destination hosts must "agree" on (a) the PAC
+    signature algorithm, and (b) all the sub-features of PAuth; or
+
+  - the alternative (and less desirable) option is to turn off PAuth
+    off on both source and destination — this is generally not
+    recommended, as PAuth is a security feature.
+
+TCG
+---
 
-TCG vCPU features are CPU features that are specific to TCG.
-Below is the list of TCG vCPU features and their descriptions.
+For TCG, along with ``pauth``, it is possible to control a few other
+properties of PAuth:
 
 ``pauth``
   Enable or disable ``FEAT_Pauth`` entirely.
-- 
2.48.1



  parent reply	other threads:[~2025-02-17 16:38 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-02-17 16:37 [PATCH v2 0/3] docs: Small changes to system/arm/cpu-features and more Kashyap Chamarthy
2025-02-17 16:37 ` [PATCH v2 1/3] docs/cpu-features: Consistently use vCPU instead of VCPU Kashyap Chamarthy
2025-02-17 16:42   ` Peter Maydell
2025-02-17 17:45   ` Eric Auger
2025-02-17 16:37 ` Kashyap Chamarthy [this message]
2025-02-17 17:43   ` [PATCH v2 2/3] docs/cpu-features: Update "PAuth" (Pointer Authentication) details Eric Auger
2025-02-18 11:28     ` Kashyap Chamarthy
2025-02-18 11:34       ` Peter Maydell
2025-02-18 11:42         ` Eric Auger
2025-02-18 12:02         ` Kashyap Chamarthy
2025-02-17 16:37 ` [PATCH v2 3/3] docs: Fix "Arm" capitalization Kashyap Chamarthy
2025-02-17 16:44   ` Peter Maydell
2025-02-17 17:44   ` Eric Auger
  -- strict thread matches above, loose matches on Subject: below --
2025-02-13 13:50 [PATCH v2 0/3] docs: Small changes to system/arm/cpu-features and more Kashyap Chamarthy
2025-02-13 13:50 ` [PATCH v2 2/3] docs/cpu-features: Update "PAuth" (Pointer Authentication) details Kashyap Chamarthy
2025-02-13 21:17   ` Alex Bennée

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20250217163732.3718617-3-kchamart@redhat.com \
    --to=kchamart@redhat.com \
    --cc=alex.bennee@linaro.org \
    --cc=alistair@alistair23.me \
    --cc=andrew@codeconstruct.com.au \
    --cc=clg@kaod.org \
    --cc=edgar.iglesias@gmail.com \
    --cc=erdnaxe@crans.org \
    --cc=eric.auger@redhat.com \
    --cc=jamin_lin@aspeedtech.com \
    --cc=joel@jms.id.au \
    --cc=kfting@nuvoton.com \
    --cc=leetroy@gmail.com \
    --cc=maz@kernel.org \
    --cc=ninad@linux.ibm.com \
    --cc=peter.maydell@linaro.org \
    --cc=qemu-arm@nongnu.org \
    --cc=qemu-devel@nongnu.org \
    --cc=sebott@redhat.com \
    --cc=steven_lee@aspeedtech.com \
    --cc=wuhaotsh@google.com \
    --cc=yi.l.liu@intel.com \
    --cc=zhenzhong.duan@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).