diff options
author | Richard Henderson <richard.henderson@linaro.org> | 2019-06-09 15:22:49 -0700 |
---|---|---|
committer | Peter Maydell <peter.maydell@linaro.org> | 2019-06-13 15:14:03 +0100 |
commit | d67ebada159148bfdfde84871338738e4465e985 (patch) | |
tree | 1a22c5021c3d4cee752a06149c42b6dd9f71f488 | |
parent | be1ba4d56eba5666ee03b40e286d7315862ab188 (diff) |
target/arm: Fix output of PAuth Auth
The ARM pseudocode installs the error_code into the original
pointer, not the encrypted pointer. The difference applies
within the 7 bits of pac data; the result should be the sign
extension of bit 55.
Add a testcase to that effect.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
-rw-r--r-- | target/arm/pauth_helper.c | 4 | ||||
-rw-r--r-- | tests/tcg/aarch64/Makefile.target | 2 | ||||
-rw-r--r-- | tests/tcg/aarch64/pauth-2.c | 61 |
3 files changed, 64 insertions, 3 deletions
diff --git a/target/arm/pauth_helper.c b/target/arm/pauth_helper.c index 7f30ae7395..d3194f2043 100644 --- a/target/arm/pauth_helper.c +++ b/target/arm/pauth_helper.c @@ -344,9 +344,9 @@ static uint64_t pauth_auth(CPUARMState *env, uint64_t ptr, uint64_t modifier, if (unlikely(extract64(test, bot_bit, top_bit - bot_bit))) { int error_code = (keynumber << 1) | (keynumber ^ 1); if (param.tbi) { - return deposit64(ptr, 53, 2, error_code); + return deposit64(orig_ptr, 53, 2, error_code); } else { - return deposit64(ptr, 61, 2, error_code); + return deposit64(orig_ptr, 61, 2, error_code); } } return orig_ptr; diff --git a/tests/tcg/aarch64/Makefile.target b/tests/tcg/aarch64/Makefile.target index 2bb914975b..31ba9cfcaa 100644 --- a/tests/tcg/aarch64/Makefile.target +++ b/tests/tcg/aarch64/Makefile.target @@ -15,7 +15,7 @@ run-fcvt: fcvt $(call run-test,$<,$(QEMU) $<, "$< on $(TARGET_NAME)") $(call diff-out,$<,$(AARCH64_SRC)/fcvt.ref) -AARCH64_TESTS += pauth-1 +AARCH64_TESTS += pauth-1 pauth-2 run-pauth-%: QEMU += -cpu max TESTS:=$(AARCH64_TESTS) diff --git a/tests/tcg/aarch64/pauth-2.c b/tests/tcg/aarch64/pauth-2.c new file mode 100644 index 0000000000..2fe030ba3d --- /dev/null +++ b/tests/tcg/aarch64/pauth-2.c @@ -0,0 +1,61 @@ +#include <stdint.h> +#include <assert.h> + +asm(".arch armv8.4-a"); + +void do_test(uint64_t value) +{ + uint64_t salt1, salt2; + uint64_t encode, decode; + + /* + * With TBI enabled and a 48-bit VA, there are 7 bits of auth, + * and so a 1/128 chance of encode = pac(value,key,salt) producing + * an auth for which leaves value unchanged. + * Iterate until we find a salt for which encode != value. + */ + for (salt1 = 1; ; salt1++) { + asm volatile("pacda %0, %2" : "=r"(encode) : "0"(value), "r"(salt1)); + if (encode != value) { + break; + } + } + + /* A valid salt must produce a valid authorization. */ + asm volatile("autda %0, %2" : "=r"(decode) : "0"(encode), "r"(salt1)); + assert(decode == value); + + /* + * An invalid salt usually fails authorization, but again there + * is a chance of choosing another salt that works. + * Iterate until we find another salt which does fail. + */ + for (salt2 = salt1 + 1; ; salt2++) { + asm volatile("autda %0, %2" : "=r"(decode) : "0"(encode), "r"(salt2)); + if (decode != value) { + break; + } + } + + /* The VA bits, bit 55, and the TBI bits, should be unchanged. */ + assert(((decode ^ value) & 0xff80ffffffffffffull) == 0); + + /* + * Bits [54:53] are an error indicator based on the key used; + * the DA key above is keynumber 0, so error == 0b01. Otherwise + * bit 55 of the original is sign-extended into the rest of the auth. + */ + if ((value >> 55) & 1) { + assert(((decode >> 48) & 0xff) == 0b10111111); + } else { + assert(((decode >> 48) & 0xff) == 0b00100000); + } +} + +int main() +{ + do_test(0); + do_test(-1); + do_test(0xda004acedeadbeefull); + return 0; +} |