From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id A2198C433F5 for ; Thu, 6 Jan 2022 18:30:01 +0000 (UTC) Received: from localhost ([::1]:49692 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1n5XWS-0004d7-IM for qemu-devel@archiver.kernel.org; Thu, 06 Jan 2022 13:30:00 -0500 Received: from eggs.gnu.org ([209.51.188.92]:32854) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1n5XT8-0008Ii-2y for qemu-devel@nongnu.org; Thu, 06 Jan 2022 13:26:34 -0500 Received: from [2607:f8b0:4864:20::1030] (port=41507 helo=mail-pj1-x1030.google.com) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1n5XT6-00019w-5F for qemu-devel@nongnu.org; Thu, 06 Jan 2022 13:26:33 -0500 Received: by mail-pj1-x1030.google.com with SMTP id b1-20020a17090a990100b001b14bd47532so4081487pjp.0 for ; Thu, 06 Jan 2022 10:26:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=HlaWOyLJWUxC/fcMDwyvfjC8xT8OixmJxKEiGSjvP78=; b=wnYu2Su9FUNALxqI5H57lVrouxwCAxjS9z9uEp0cHC5tBU9whcr8F+OGJwvsPlpB1c k0tlBUjFz2sOB95QW9wG2x3zBrquvqrafRV4ZkIkrk7JYXTKrRFdpUU12s84soPbOmwj wusCLLM5bU/UrpBMtNmJD1pknx6bc4ytVUxW//VVKqjZP3lZ840xYsfEEsmsE66OwnFl IUKqtEDsGGC89wRoLwE972yS+Yt/8aYGHJDswJxBt+QU9oHR2O7tDplNFVyvtErZKpGc mcGyO4buYHutNvSG9+Osf1VGUVgt0ywDZGZkJxfu7y2+lpd/ETIrYa6Qhj/lGlo00rDp A8zQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=HlaWOyLJWUxC/fcMDwyvfjC8xT8OixmJxKEiGSjvP78=; b=7P48rocJs9QwEovi6nzPB6ffsz+r6nLpGzS0SOLoaCIZWY+JPf5bHQUcGywEDvkxTf G8h93qt7rYAjGjBkRY/AKHijgz4qc36j3Zkol75uGJ2rtEtBHNoiV35Ou8v6LWKYjAFw KWmzvVHZlE2IEQDca2KaQmV0UR/1MlZpvZ0DG9XB9yQEVsod3vPFRvQBWZ5x0Fwx+NCK Gly+hV73l6mp9Nj91CyCaKDipDVdvAys19LwzSvTJWZ7wvqeyWvPgbImBk1AdyZoL1G7 sY3p7OcjU0JB0jXvx0icgGCMRwvipBteZIS7Z/0Z5vzekvDVobFm6KDSfVW4CfYrYahB zs/w== X-Gm-Message-State: AOAM530azkZZbcspAq/E/pIqqi79AYq6aog8zyxq7ArjAw3rlPYiC4wU 5P95zsth6JnVhetrl6ff/uzsL9U4VnhVIQ== X-Google-Smtp-Source: ABdhPJxoQ3eVXISS6TugVeDxoCB53qQ/yNRF/WUAW9yzPhsSj1SmdwcZJEgtVSWbLiTQugXVAbFPpA== X-Received: by 2002:a17:90a:f316:: with SMTP id ca22mr11527272pjb.171.1641493590872; Thu, 06 Jan 2022 10:26:30 -0800 (PST) Received: from [192.168.1.13] (174-21-75-75.tukw.qwest.net. [174.21.75.75]) by smtp.gmail.com with ESMTPSA id 72sm3129138pfu.70.2022.01.06.10.26.30 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 06 Jan 2022 10:26:30 -0800 (PST) Subject: Re: [PATCH v2] hw/arm/virt: KVM: Enable PAuth when supported by the host To: Marc Zyngier References: <20220103180507.2190429-1-maz@kernel.org> <87czl5usvb.wl-maz@kernel.org> <3db95713-2f05-3c70-82b1-7e12c579d3e2@linaro.org> <875yqwvkm1.wl-maz@kernel.org> From: Richard Henderson Message-ID: <364fc879-4b13-cf37-53e0-628a843c7bfa@linaro.org> Date: Thu, 6 Jan 2022 10:26:29 -0800 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.14.0 MIME-Version: 1.0 In-Reply-To: <875yqwvkm1.wl-maz@kernel.org> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Host-Lookup-Failed: Reverse DNS lookup failed for 2607:f8b0:4864:20::1030 (failed) Received-SPF: pass client-ip=2607:f8b0:4864:20::1030; envelope-from=richard.henderson@linaro.org; helo=mail-pj1-x1030.google.com X-Spam_score_int: -39 X-Spam_score: -4.0 X-Spam_bar: ---- X-Spam_report: (-4.0 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-2.691, RCVD_IN_DNSWL_NONE=-0.0001, RDNS_NONE=0.793, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Peter Maydell , Andrew Jones , kvm@vger.kernel.org, qemu-devel@nongnu.org, Eric Auger , kernel-team@android.com, kvmarm@lists.cs.columbia.edu Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: "Qemu-devel" On 1/6/22 9:29 AM, Marc Zyngier wrote: > On Thu, 06 Jan 2022 17:20:33 +0000, > Richard Henderson wrote: >> >> On 1/6/22 1:16 AM, Marc Zyngier wrote: >>>>> +static bool kvm_arm_pauth_supported(void) >>>>> +{ >>>>> + return (kvm_check_extension(kvm_state, KVM_CAP_ARM_PTRAUTH_ADDRESS) && >>>>> + kvm_check_extension(kvm_state, KVM_CAP_ARM_PTRAUTH_GENERIC)); >>>>> +} >>>> >>>> Do we really need to have them both set to play the game? Given that >>>> the only thing that happens is that we disable whatever host support >>>> exists, can we have "pauth enabled" mean whatever subset the host has? >>> >>> The host will always expose either both features or none, and that's >>> part of the ABI. From the bit of kernel documentation located in >>> Documentation/virt/kvm/api.rst: >>> >>> >>> 4.82 KVM_ARM_VCPU_INIT >>> ---------------------- >>> [...] >>> - KVM_ARM_VCPU_PTRAUTH_ADDRESS: Enables Address Pointer authentication >>> for arm64 only. >>> Depends on KVM_CAP_ARM_PTRAUTH_ADDRESS. >>> If KVM_CAP_ARM_PTRAUTH_ADDRESS and KVM_CAP_ARM_PTRAUTH_GENERIC are >>> both present, then both KVM_ARM_VCPU_PTRAUTH_ADDRESS and >>> KVM_ARM_VCPU_PTRAUTH_GENERIC must be requested or neither must be >>> requested. >>> >>> - KVM_ARM_VCPU_PTRAUTH_GENERIC: Enables Generic Pointer authentication >>> for arm64 only. >>> Depends on KVM_CAP_ARM_PTRAUTH_GENERIC. >>> If KVM_CAP_ARM_PTRAUTH_ADDRESS and KVM_CAP_ARM_PTRAUTH_GENERIC are >>> both present, then both KVM_ARM_VCPU_PTRAUTH_ADDRESS and >>> KVM_ARM_VCPU_PTRAUTH_GENERIC must be requested or neither must be >>> requested. >>> >>> >>> KVM will reject the initialisation if only one of the features is >>> requested, so checking and enabling both makes sense to me. >> >> Well, no, that's not what that says. It says that *if* both host >> flags are set, then both guest flags must be set or both unset. > > Indeed. But KVM never returns just one flag. It only exposes both or > none. Mm. It does beg the question of why KVM exposes multiple bits. If they must be tied, then it only serves to make the interface more complicated than necessary. We would be better served to have a single bit to control all of PAuth. r~