On Fri, Apr 12, 2019 at 08:50:35AM +0530, Amit Daniel Kachhap wrote:ok agree. This makes it clear.
This patch advertises the capability of two cpu feature called address
pointer authentication and generic pointer authentication. These
capabilities depend upon system support for pointer authentication and
VHE mode.
The current arm64 KVM partially implements pointer authentication and
support of address/generic authentication are tied together. However,
separate ABI requirements for both of them is added so that any future
isolated implementation will not require any ABI changes.
Signed-off-by: Amit Daniel Kachhap <amit.kachhap@xxxxxxx>
Cc: Mark Rutland <mark.rutland@xxxxxxx>
Cc: Marc Zyngier <marc.zyngier@xxxxxxx>
Cc: Christoffer Dall <christoffer.dall@xxxxxxx>
Cc: kvmarm@xxxxxxxxxxxxxxxxxxxxx
---
Changes since v8:
* Keep the capability check same for the 2 vcpu ptrauth features. [Dave Martin]
Documentation/virtual/kvm/api.txt | 2 ++
arch/arm64/kvm/reset.c | 5 +++++
include/uapi/linux/kvm.h | 2 ++
3 files changed, 9 insertions(+)
diff --git a/Documentation/virtual/kvm/api.txt b/Documentation/virtual/kvm/api.txt
index 9d202f4..56021d0 100644
--- a/Documentation/virtual/kvm/api.txt
+++ b/Documentation/virtual/kvm/api.txt
@@ -2756,9 +2756,11 @@ Possible features:
- KVM_ARM_VCPU_PTRAUTH_ADDRESS: Enables Address Pointer authentication
for the CPU and supported only on arm64 architecture.
Must be requested if KVM_ARM_VCPU_PTRAUTH_GENERIC is also requested.
+ Depends on KVM_CAP_ARM_PTRAUTH_ADDRESS.
What if KVM_CAP_ARM_PTRAUTH_ADDRESS is absent and
KVM_ARM_VCPU_PTRAUTH_GENERIC is requested? By these rules, we have a
contradiction: userspace both must request and must not request
KVM_ARM_VCPU_PTRAUTH_ADDRESS.
We could qualify as follows:
Depends on KVM_CAP_ARM_PTRAUTH_ADDRESS.
Must be requested if KVM_CAP_ARM_PTRAUTH_ADDRESS is present and
KVM_ARM_VCPU_PTRAUTH_GENERIC is also requested.
I agree that single cpufeature/capability is a simple solution to implement. The bifurcation of feature was done to reflect the different ID register split up.
- KVM_ARM_VCPU_PTRAUTH_GENERIC: Enables Generic Pointer authentication
for the CPU and supported only on arm64 architecture.
Must be requested if KVM_ARM_VCPU_PTRAUTH_ADDRESS is also requested.
+ Depends on KVM_CAP_ARM_PTRAUTH_GENERIC.
Similarly.
Or, we go back to having a single cap and a single feature, and add
more caps/features later on if we decide it's possible to support
address/generic auth separately later on.
Otherwise, we end up with complex rules that can't be tested. This is a
high price to pay for forwards compatibility: userspace's conformance to
the rules can't be fully tested, so there's a fair chance it won't work
properly anyway when hardware/KVM with just one auth type appears.
[...]
Thoughts?
Cheers
---Dave