diff --git a/docs/system/arm/cpu-features.rst b/docs/system/arm/cpu-features.rst index d69ebc2b85..37d5dfd15b 100644 --- a/docs/system/arm/cpu-features.rst +++ b/docs/system/arm/cpu-features.rst @@ -223,7 +223,7 @@ Below is the list of TCG VCPU features and their descriptions. When ``pauth`` is enabled, select the architected QARMA5 algorithm. Without ``pauth-impdef``, ``pauth-qarma3`` or ``pauth-qarma5`` enabled, -the architected QARMA5 algorithm is used. The architected QARMA5 +the QEMU impdef algorithm is used. The architected QARMA5 and QARMA3 algorithms have good cryptographic properties, but can be quite slow to emulate. The impdef algorithm used by QEMU is non-cryptographic but significantly faster. diff --git a/docs/system/introduction.rst b/docs/system/introduction.rst index 746707eb00..338d3745c3 100644 --- a/docs/system/introduction.rst +++ b/docs/system/introduction.rst @@ -169,7 +169,7 @@ would default to it anyway. .. code:: - -cpu max,pauth-impdef=on \ + -cpu max \ -smp 4 \ -accel tcg \ diff --git a/hw/core/machine.c b/hw/core/machine.c index c949af9766..c23b399496 100644 --- a/hw/core/machine.c +++ b/hw/core/machine.c @@ -36,7 +36,9 @@ #include "hw/virtio/virtio-iommu.h" #include "audio/audio.h" -GlobalProperty hw_compat_9_2[] = {}; +GlobalProperty hw_compat_9_2[] = { + {"arm-cpu", "backcompat-pauth-default-use-qarma5", "true"}, +}; const size_t hw_compat_9_2_len = G_N_ELEMENTS(hw_compat_9_2); GlobalProperty hw_compat_9_1[] = { diff --git a/target/arm/cpu.c b/target/arm/cpu.c index dcedadc89e..dc0231233a 100644 --- a/target/arm/cpu.c +++ b/target/arm/cpu.c @@ -2653,6 +2653,8 @@ static const Property arm_cpu_properties[] = { DEFINE_PROP_INT32("core-count", ARMCPU, core_count, -1), /* True to default to the backward-compat old CNTFRQ rather than 1Ghz */ DEFINE_PROP_BOOL("backcompat-cntfrq", ARMCPU, backcompat_cntfrq, false), + DEFINE_PROP_BOOL("backcompat-pauth-default-use-qarma5", ARMCPU, + backcompat_pauth_default_use_qarma5, false), }; static const gchar *arm_gdb_arch_name(CPUState *cs) diff --git a/target/arm/cpu.h b/target/arm/cpu.h index 01d9ff1781..9a6e8e589c 100644 --- a/target/arm/cpu.h +++ b/target/arm/cpu.h @@ -972,6 +972,9 @@ struct ArchCPU { /* QOM property to indicate we should use the back-compat CNTFRQ default */ bool backcompat_cntfrq; + /* QOM property to indicate we should use the back-compat QARMA5 default */ + bool backcompat_pauth_default_use_qarma5; + /* Specify the number of cores in this CPU cluster. Used for the L2CTLR * register. */ diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c index 6ee0af6912..8188ede5cc 100644 --- a/target/arm/cpu64.c +++ b/target/arm/cpu64.c @@ -529,15 +529,25 @@ void arm_cpu_pauth_finalize(ARMCPU *cpu, Error **errp) return; } - if (cpu->prop_pauth_impdef) { - isar1 = FIELD_DP64(isar1, ID_AA64ISAR1, API, features); - isar1 = FIELD_DP64(isar1, ID_AA64ISAR1, GPI, 1); + bool use_default = !cpu->prop_pauth_qarma5 && + !cpu->prop_pauth_qarma3 && + !cpu->prop_pauth_impdef; + + if (cpu->prop_pauth_qarma5 || + (use_default && + cpu->backcompat_pauth_default_use_qarma5)) { + isar1 = FIELD_DP64(isar1, ID_AA64ISAR1, APA, features); + isar1 = FIELD_DP64(isar1, ID_AA64ISAR1, GPA, 1); } else if (cpu->prop_pauth_qarma3) { isar2 = FIELD_DP64(isar2, ID_AA64ISAR2, APA3, features); isar2 = FIELD_DP64(isar2, ID_AA64ISAR2, GPA3, 1); - } else { /* default is pauth-qarma5 */ - isar1 = FIELD_DP64(isar1, ID_AA64ISAR1, APA, features); - isar1 = FIELD_DP64(isar1, ID_AA64ISAR1, GPA, 1); + } else if (cpu->prop_pauth_impdef || + (use_default && + !cpu->backcompat_pauth_default_use_qarma5)) { + isar1 = FIELD_DP64(isar1, ID_AA64ISAR1, API, features); + isar1 = FIELD_DP64(isar1, ID_AA64ISAR1, GPI, 1); + } else { + g_assert_not_reached(); } } else if (cpu->prop_pauth_impdef || cpu->prop_pauth_qarma3 ||