From: Peter Maydell <peter.maydell@linaro.org>
To: Richard Henderson <richard.henderson@linaro.org>
Cc: qemu-arm <qemu-arm@nongnu.org>, QEMU Developers <qemu-devel@nongnu.org>
Subject: Re: [PATCH v5 06/22] target/arm: Implement the IRG instruction
Date: Tue, 3 Dec 2019 14:26:13 +0000
Message-ID: <CAFEAcA-p7TJEBCD3nh7-c1eaBgPGus7wLG7xqMy9HKSoy=9PSw@mail.gmail.com>
In-Reply-To: <20191011134744.2477-7-richard.henderson@linaro.org>
On Fri, 11 Oct 2019 at 14:49, Richard Henderson
<richard.henderson@linaro.org> wrote:
>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
> v2: Update to 00eac5.
> Merge choose_random_nonexcluded_tag into helper_irg since
> that pseudo function no longer exists separately.
> ---
> target/arm/helper-a64.h | 1 +
> target/arm/mte_helper.c | 57 ++++++++++++++++++++++++++++++++++++++
> target/arm/translate-a64.c | 7 +++++
> 3 files changed, 65 insertions(+)
>
> diff --git a/target/arm/helper-a64.h b/target/arm/helper-a64.h
> index a82e21f15a..6ff7f5b756 100644
> --- a/target/arm/helper-a64.h
> +++ b/target/arm/helper-a64.h
> @@ -106,3 +106,4 @@ DEF_HELPER_FLAGS_2(xpacd, TCG_CALL_NO_RWG_SE, i64, env, i64)
> DEF_HELPER_FLAGS_2(mte_check1, TCG_CALL_NO_WG, i64, env, i64)
> DEF_HELPER_FLAGS_2(mte_check2, TCG_CALL_NO_WG, i64, env, i64)
> DEF_HELPER_FLAGS_3(mte_check3, TCG_CALL_NO_WG, i64, env, i64, i32)
> +DEF_HELPER_FLAGS_3(irg, TCG_CALL_NO_RWG, i64, env, i64, i64)
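Review bot: The added irg declaration is flagged TCG_CALL_NO_RWG with nothing recording why that is safe, although the helper added in mte_helper.c stores to env->cp15.rgsr_el1 whenever tag access is enabled. The flag holds only if rgsr_el1 is never mapped to a TCG global, and that store also means irg must not be given the _SE variant that xpacd carries on the hunk's header line. A one-line comment beside the declaration stating both would protect it from a later cleanup.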
> diff --git a/target/arm/mte_helper.c b/target/arm/mte_helper.c
> index bbb90cbe86..9848849a91 100644
> --- a/target/arm/mte_helper.c
> +++ b/target/arm/mte_helper.c
> @@ -37,6 +37,31 @@ static int allocation_tag_from_addr(uint64_t ptr)
> return extract64(ptr, 56, 4);
> }
>
> +static int choose_nonexcluded_tag(int tag, int offset, uint16_t exclude)
> +{
> + if (exclude == 0xffff) {
> + return 0;
> + }
> + if (offset == 0) {
> + while (exclude & (1 << tag)) {
> + tag = (tag + 1) & 15;
> + }
> + } else {
> + do {
> + do {
> + tag = (tag + 1) & 15;
> + } while (exclude & (1 << tag));
> + } while (--offset > 0);
> + }
I feel like this would be easier to review if it matched
the logic the pseudocode uses, though I think the end result
comes out the same.
> + return tag;
> +}
> +
> +static uint64_t address_with_allocation_tag(uint64_t ptr, int rtag)
> +{
> + rtag -= extract64(ptr, 55, 1);
> + return deposit64(ptr, 56, 4, rtag);
This doesn't match AArch64.AddressWithAllocationTag -- the
fiddling with bit 55 is unwanted.
> +}
> +
> /*
> * Perform a checked access for MTE.
> * On arrival, TBI is known to enabled, as is allocation_tag_access_enabled.
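Review bot: In address_with_allocation_tag, rtag -= extract64(ptr, 55, 1) can take rtag to -1 and then relies on deposit64 truncating it to 4 bits, with no comment saying so. helper_irg later in this patch passes rtag = 0 when allocation tag access is disabled, so a pointer with bit 55 set comes back tagged 0xf rather than 0 in that case. Either deposit rtag unchanged, or document why the adjustment is wanted and mask explicitly with & 15. The exclude == 0xffff early return in choose_nonexcluded_tag also deserves a comment, since it is the only thing that stops the skip loops from spinning forever.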
> @@ -165,3 +190,35 @@ uint64_t HELPER(mte_check3)(CPUARMState *env, uint64_t dirty_ptr, uint32_t tbi)
> return dirty_ptr;
> }
> }
> +
> +uint64_t HELPER(irg)(CPUARMState *env, uint64_t rn, uint64_t rm)
> +{
> + int el = arm_current_el(env);
> + uint64_t sctlr = arm_sctlr(env, el);
> + int rtag = 0;
> +
> + if (allocation_tag_access_enabled(env, el, sctlr)) {
> + /*
> + * Our IMPDEF choice for GCR_EL1.RRND==1 is to behave as if
> + * GCR_EL1.RRND==0, always producing deterministic results.
> + */
> + uint16_t exclude = extract32(rm | env->cp15.gcr_el1, 0, 16);
> + int start = extract32(env->cp15.rgsr_el1, 0, 4);
> + int seed = extract32(env->cp15.rgsr_el1, 8, 16);
> + int offset, i;
> +
> + /* RandomTag */
> + for (i = offset = 0; i < 4; ++i) {
> + /* NextRandomTagBit */
> + int top = (extract32(seed, 5, 1) ^ extract32(seed, 3, 1) ^
> + extract32(seed, 2, 1) ^ extract32(seed, 0, 1));
> + seed = (top << 15) | (seed >> 1);
> + offset |= top << i;
> + }
> + rtag = choose_nonexcluded_tag(start, offset, exclude);
> +
> + env->cp15.rgsr_el1 = rtag | (seed << 8);
> + }
> +
> + return address_with_allocation_tag(rn, rtag);
> +}
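Review bot: In the RandomTag loop of helper_irg, a seed of 0 is a fixed point of the LFSR: top is always 0, seed stays 0 and offset stays 0, so choose_nonexcluded_tag(start, 0, exclude) returns the same tag on every IRG, and that tag is written straight back as the next start. Because the comment above folds GCR_EL1.RRND==1 into this deterministic path, a guest that selected RRND==1 and never wrote a seed into RGSR_EL1 gets no tag variation at all. Force a non-zero seed for that case, or state in the comment that a zero seed is expected to yield a constant tag.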
> diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
> index 18d45fba87..83d253d67f 100644
> --- a/target/arm/translate-a64.c
> +++ b/target/arm/translate-a64.c
> @@ -5156,6 +5156,13 @@ static void disas_data_proc_2src(DisasContext *s, uint32_t insn)
> case 3: /* SDIV */
> handle_div(s, true, sf, rm, rn, rd);
> break;
> + case 4: /* IRG */
> + if (sf == 0 || !dc_isar_feature(aa64_mte_insn_reg, s)) {
> + goto do_unallocated;
> + }
> + gen_helper_irg(cpu_reg_sp(s, rd), cpu_env,
> + cpu_reg_sp(s, rn), cpu_reg(s, rm));
In the case of "we only have mte_insn_reg, not full MTE",
the allocation tag we insert into the address must always
be zero, so you could just special case this and emit code
inline to clear bits [59:56]. The code as it stands works
because we ensure that the guest can't set the SCTLR.*ATA*
bits. (That's a bit inconsistent with our approach to the
PSTATE.TCO bit, which we do allow a guest to toggle, but
the inconsistency is permitted by the architecture.) I'm
not sure whether "we only have the EL0 visible bits" is
going to be a common enough config to care about to
special-case.
thanks
-- PMM
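Added example, not part of the original message or of QEMU: an exhaustive comparison of the patch's loop with a pseudocode-shaped loop, checking the remark above that the end result comes out the same. `choose_pseudo` is this example's assumed rendering of the pseudocode's structure, which the page does not quote, and `count_mismatches` is a hypothetical helper.

```c
#include <stdint.h>
#include <stdio.h>

/* Loop structure of choose_nonexcluded_tag in the quoted patch. */
static int choose_patch(int tag, int offset, uint16_t exclude)
{
    if (exclude == 0xffff) return 0;
    if (offset == 0) {
        while (exclude & (1 << tag)) tag = (tag + 1) & 15;
    } else {
        do {
            do {
                tag = (tag + 1) & 15;
            } while (exclude & (1 << tag));
        } while (--offset > 0);
    }
    return tag;
}

/* Assumed pseudocode-shaped form: step, then skip excluded tags, offset times. */
static int choose_pseudo(int tag, int offset, uint16_t exclude)
{
    if (exclude == 0xffff) return 0;
    if (offset == 0) {
        while (exclude & (1 << tag)) tag = (tag + 1) & 15;
    }
    while (offset != 0) {
        offset--;
        tag = (tag + 1) & 15;
        while (exclude & (1 << tag)) tag = (tag + 1) & 15;
    }
    return tag;
}

/* Count disagreements over all tags and offsets; step 1 visits every mask. */
static unsigned long count_mismatches(unsigned step)
{
    unsigned long bad = 0;
    for (unsigned ex = 0; ex <= 0xffff; ex += step)
        for (int tag = 0; tag < 16; tag++)
            for (int off = 0; off < 16; off++)
                bad += choose_patch(tag, off, ex) != choose_pseudo(tag, off, ex);
    return bad;
}

int main(void)
{
    printf("mismatches: %lu\n", count_mismatches(1));
}
```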