(Cc: Richard Henderson; context: "SME" and "RME" feature discussion below.)
On Mon, Feb 17, 2025 at 06:43:01PM +0100, Eric Auger wrote: > Hi Kashyap, Hey, > > On 2/17/25 5:37 PM, Kashyap Chamarthy wrote: [...] > > Signed-off-by: Kashyap Chamarthy <kcham...@redhat.com> > > --- > > v2: address Marc Zyngier's comments: > > https://lists.gnu.org/archive/html/qemu-devel/2025-01/msg03451.html > > --- [...] > > +Live migration and PAuth > > +~~~~~~~~~~~~~~~~~~~~~~~~ > > + > > +The level of PAuth support depends on which Arm architecture a given CPU > > +supports (e.g. Armv8.3 vs. Armv8.6). This gradation in PAuth support > > +has implications for live migration. For example, to be able to > > +live-migrate from host-A (with Armv8.3) to host-B (with Arm v8.6): > > + > > + - the source and destination hosts must "agree" on (a) the PAC > > + signature algorithm, and (b) all the sub-features of PAuth; or > > + > > + - the alternative (and less desirable) option is to turn off PAuth > > + off on both source and destination — this is generally not > > + recommended, as PAuth is a security feature. > > + > > +TCG > > +--- > > > > -TCG vCPU features are CPU features that are specific to TCG. > > -Below is the list of TCG vCPU features and their descriptions. > > The resulting header layout seems weird to me. > Initially we had at top level (assuming ===): > > KVM vCPU Features > TCG vCPU Features > SVE CPU Properties > SME CPU Properties > RME CPU Properties > > and now > > TCG vCPU Features has somehow disappeared giving the impression that > there are none. I did think about it :) That's why I wrote this in the cover-letter; not sure if you noticed it: I replaced the "TCG vCPU Features" heading with "PAuth" because of this: before this change, the section says, it is about "CPU features that are specific to TCG". But it has only PAuth-related parameters under it. Since PAuth is relevant to both KVM and TCG, I moved them under a separate PAuth section, instead of duplicating it. But now we have a small inconsistency - there's a KVM-only CPU features section, but no TCG-only section. I thought when there are more TCG-only CPU features, that section can be added back in. Or I can add that back in, if anyone feels strongly about it. > SME and RME and TCG only if am not wrong while PAUTH and SVE are both > KVM and TCG I didn't know that. I read the docs a bit more closer about SME, RME, and SVE, and did some quick `git-annotate` analysis: - "SME is not supported by KVM at this time" — this was added in commit e74c097638 (target/arm: Add cpu properties for SME, 2022-06-20). If it is still accurate, then yes, SME looks to be TCG-only. - "The status of RME support with QEMU is experimental" — this was added in commit 57223a4c24 (docs/system/arm: Document FEAT_RME, 2023-06-22). The phrase "with QEMU" doesn't quite decisively tell me whether it is experimental for TCG-only, or if it also applies for KVM. Maybe Richard (in Cc) can tell us more. - SVE seems to be for both KVM and TCG, as the section "SVE CPU Property Dependencies and Constraints" talks about KVM. - PAuth is both KVM and TCG. > Maybe we shall > - rename KVM vCPU Features -> KVM only vCPU Features > - Add a TCG only vCPU features including both SME and RME ones > - introduce a top level KVM and TCG vCPU features with below: > PAUTH, SVE, detailing potential different semantic for both KVM and TCG mode Yeah, it can be done. Would you be okay if I do it as a follow-up? As this a re-work of the entire doc with several features. > Also while we are at it, we may use vCPU everywhere instead of CPU (SVE > CPU Properties) and just skip CPU if it lays within the KVM and TCG vCPU > Features Yes, make sense. [...] -- /kashyap
