boot-qemu.sh: Use implementation defined pointer authentication algor…

…ithm By default, QEMU's TCG uses the architected QARMA algorithm for pointer authentication, which is better cryptographically but extremely slow to emulate. As of QEMU 6.0.0, there is an "Implementation Defined" algorithm available, which is not cryptographic but significantly faster to run. ARCH=arm64 defconfig: Benchmark 1: QARMA Time (mean ± σ): 10.381 s ± 0.048 s [User: 8.469 s, System: 0.142 s] Range (min … max): 10.317 s … 10.478 s 50 runs Benchmark 2: Implementation Defined Time (mean ± σ): 7.051 s ± 0.015 s [User: 5.125 s, System: 0.130 s] Range (min … max): 7.014 s … 7.083 s 50 runs Summary 'Implementation Defined' ran 1.47 ± 0.01 times faster than 'QARMA' ARCH=arm64 defconfig + KASAN_SW_TAGS + the KUnit tests: Benchmark 1: QARMA Time (mean ± σ): 185.997 s ± 2.778 s [User: 184.043 s, System: 0.593 s] Range (min … max): 182.816 s … 190.463 s 10 runs Benchmark 2: Implementation Defined Time (mean ± σ): 29.618 s ± 0.301 s [User: 26.951 s, System: 0.500 s] Range (min … max): 29.185 s … 30.103 s 10 runs Summary 'Implementation Defined' ran 6.28 ± 0.11 times faster than 'QARMA' This should help avoid weird timeouts in CI, as the VMs can be quite slow. Aside from the benchmarks above, this change is visible in dmesg: [ 0.000000] CPU features: detected: Address authentication (architected QARMA5 algorithm) vs. [ 0.000000] CPU features: detected: Address authentication (IMP DEF algorithm) Link: https://lore.kernel.org/YlgVa+AP0g4IYvzN@lakrids/ Link: https://gitlab.com/qemu-project/qemu/-/blob/v7.0.0/docs/system/arm/cpu-features.rst Signed-off-by: Nathan Chancellor <nathan@kernel.org>
ClangBuiltLinux · Apr 28, 2022 · cb0698a · cb0698a
1 parent c2d25a4
commit cb0698a
Showing 1 changed file with 10 additions and 4 deletions.
diff --git a/boot-qemu.sh b/boot-qemu.sh
@@ -232,17 +232,23 @@ function setup_qemu_args() {
             KIMAGE=Image.gz
             QEMU=(qemu-system-aarch64)
             get_full_kernel_path
-            if [[ $(get_qemu_ver_code) -ge 602050 ]]; then
+            QEMU_VER_CODE=$(get_qemu_ver_code)
+            if [[ ${QEMU_VER_CODE} -ge 602050 ]]; then
                 LNX_VER_CODE=$(get_lnx_ver_code gzip -c -d "${KERNEL}")
                 # https://gitlab.com/qemu-project/qemu/-/issues/964
                 if [[ ${LNX_VER_CODE} -lt 416000 ]]; then
                     CPU=cortex-a72
-                # https://gitlab.com/qemu-project/qemu/-/commit/69b2265d5fe8e0f401d75e175e0a243a7d505e53
+                # lpa2=off: https://gitlab.com/qemu-project/qemu/-/commit/69b2265d5fe8e0f401d75e175e0a243a7d505e53
+                # pauth-impdef=true: https://lore.kernel.org/YlgVa+AP0g4IYvzN@lakrids/
                 elif [[ ${LNX_VER_CODE} -lt 512000 ]]; then
-                    CPU=max,lpa2=off
+                    CPU=max,lpa2=off,pauth-impdef=true
                 fi
             fi
-            [[ -z ${CPU} ]] && CPU=max
+            if [[ -z ${CPU} ]]; then
+                CPU=max
+                # https://lore.kernel.org/YlgVa+AP0g4IYvzN@lakrids/
+                [[ ${QEMU_VER_CODE} -ge 600000 ]] && CPU=${CPU},pauth-impdef=true
+            fi
             APPEND_STRING+="console=ttyAMA0 earlycon "
             QEMU_ARCH_ARGS=(
                 -cpu "${CPU}"