[Qemu-devel] [PATCH 0/6] target/arm: Complete ARMv8.3-PAuth linux-user

[Qemu-devel] [PATCH 0/6] target/arm: Complete ARMv8.3-PAuth linux-user

[Richard Henderson]

(1) Fix a bug I introduced at the last moment in the last
    patch set -- enable pac keys during reset, not before.
(2) Add the HWCAP bits.
(3) Add the new prctl
(4) Add a smoke test so that (1) doesn't happen again.


r~


Richard Henderson (6):
  target/arm: Always enable pac keys for user-only
  aarch64-linux-user: Update HWCAP bits from linux 5.0-rc1
  aarch64-linux-user: Enable HWCAP bits for PAuth
  linux-user: Initialize aarch64 pac keys
  linux-user: Implement PR_PAC_RESET_KEYS
  tests/tcg/aarch64: Add pauth smoke tests

 linux-user/aarch64/target_syscall.h |  9 +++++
 linux-user/aarch64/cpu_loop.c       | 31 ++++++++++++++-
 linux-user/elfload.c                | 10 +++++
 linux-user/syscall.c                | 33 ++++++++++++++++
 target/arm/cpu.c                    |  3 ++
 target/arm/cpu64.c                  | 60 -----------------------------
 tests/tcg/aarch64/pauth-1.c         | 23 +++++++++++
 tests/tcg/aarch64/Makefile.target   |  7 +++-
 8 files changed, 113 insertions(+), 63 deletions(-)
 create mode 100644 tests/tcg/aarch64/pauth-1.c

-- 
2.17.2

[Qemu-devel] [PATCH 1/6] target/arm: Always enable pac keys for user-only

[Richard Henderson]

Drop the pac properties.  This approach cannot work as written
because the properties are applied before arm_cpu_reset, which
zeros SCTLR_EL1 (amongst everything else).

We can re-introduce the properties if they turn out to be useful.
But since linux 5.0 enables all of the keys, they may not be.

Fixes: 1ae9cfbd470
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/arm/cpu.c   |  3 +++
 target/arm/cpu64.c | 60 ----------------------------------------------
 2 files changed, 3 insertions(+), 60 deletions(-)

diff --git a/target/arm/cpu.c b/target/arm/cpu.c
index 7e1f3dd637..1e79b97a9c 100644
--- a/target/arm/cpu.c
+++ b/target/arm/cpu.c
@@ -162,6 +162,9 @@ static void arm_cpu_reset(CPUState *s)
         env->pstate = PSTATE_MODE_EL0t;
         /* Userspace expects access to DC ZVA, CTL_EL0 and the cache ops */
         env->cp15.sctlr_el[1] |= SCTLR_UCT | SCTLR_UCI | SCTLR_DZE;
+        /* Enable all PAC keys.  */
+        env->cp15.sctlr_el[1] |= (SCTLR_EnIA | SCTLR_EnIB |
+                                  SCTLR_EnDA | SCTLR_EnDB);
         /* Enable all PAC instructions */
         env->cp15.hcr_el2 |= HCR_API;
         env->cp15.scr_el3 |= SCR_API;
diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c
index e9bc461c36..303d0ef075 100644
--- a/target/arm/cpu64.c
+++ b/target/arm/cpu64.c
@@ -281,38 +281,6 @@ static void cpu_max_set_sve_vq(Object *obj, Visitor *v, const char *name,
     error_propagate(errp, err);
 }
 
-#ifdef CONFIG_USER_ONLY
-static void cpu_max_get_packey(Object *obj, Visitor *v, const char *name,
-                               void *opaque, Error **errp)
-{
-    ARMCPU *cpu = ARM_CPU(obj);
-    const uint64_t *bit = opaque;
-    bool enabled = (cpu->env.cp15.sctlr_el[1] & *bit) != 0;
-
-    visit_type_bool(v, name, &enabled, errp);
-}
-
-static void cpu_max_set_packey(Object *obj, Visitor *v, const char *name,
-                               void *opaque, Error **errp)
-{
-    ARMCPU *cpu = ARM_CPU(obj);
-    Error *err = NULL;
-    const uint64_t *bit = opaque;
-    bool enabled;
-
-    visit_type_bool(v, name, &enabled, errp);
-
-    if (!err) {
-        if (enabled) {
-            cpu->env.cp15.sctlr_el[1] |= *bit;
-        } else {
-            cpu->env.cp15.sctlr_el[1] &= ~*bit;
-        }
-    }
-    error_propagate(errp, err);
-}
-#endif
-
 /* -cpu max: if KVM is enabled, like -cpu host (best possible with this host);
  * otherwise, a CPU with as many features enabled as our emulation supports.
  * The version of '-cpu max' for qemu-system-arm is defined in cpu.c;
@@ -388,34 +356,6 @@ static void aarch64_max_initfn(Object *obj)
          */
         cpu->ctr = 0x80038003; /* 32 byte I and D cacheline size, VIPT icache */
         cpu->dcz_blocksize = 7; /*  512 bytes */
-
-        /*
-         * Note that Linux will enable enable all of the keys at once.
-         * But doing it this way will allow experimentation beyond that.
-         */
-        {
-            static const uint64_t apia_bit = SCTLR_EnIA;
-            static const uint64_t apib_bit = SCTLR_EnIB;
-            static const uint64_t apda_bit = SCTLR_EnDA;
-            static const uint64_t apdb_bit = SCTLR_EnDB;
-
-            object_property_add(obj, "apia", "bool", cpu_max_get_packey,
-                                cpu_max_set_packey, NULL,
-                                (void *)&apia_bit, &error_fatal);
-            object_property_add(obj, "apib", "bool", cpu_max_get_packey,
-                                cpu_max_set_packey, NULL,
-                                (void *)&apib_bit, &error_fatal);
-            object_property_add(obj, "apda", "bool", cpu_max_get_packey,
-                                cpu_max_set_packey, NULL,
-                                (void *)&apda_bit, &error_fatal);
-            object_property_add(obj, "apdb", "bool", cpu_max_get_packey,
-                                cpu_max_set_packey, NULL,
-                                (void *)&apdb_bit, &error_fatal);
-
-            /* Enable all PAC keys by default.  */
-            cpu->env.cp15.sctlr_el[1] |= SCTLR_EnIA | SCTLR_EnIB;
-            cpu->env.cp15.sctlr_el[1] |= SCTLR_EnDA | SCTLR_EnDB;
-        }
 #endif
 
         cpu->sve_max_vq = ARM_MAX_VQ;
-- 
2.17.2

[Qemu-devel] [PATCH] target/arm: Fix validation of 32-bit address spaces for aa32

[Richard Henderson]

When tsz == 0, aarch32 selects the address space via exclusion,
and there are no "top_bits" remaining that require validation.

Fixes: ba97be9f4a4
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/arm/helper.c | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)

diff --git a/target/arm/helper.c b/target/arm/helper.c
index 92666e5208..e24689f767 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -10447,7 +10447,7 @@ static bool get_phys_addr_lpae(CPUARMState *env, target_ulong address,
     uint64_t ttbr;
     hwaddr descaddr, indexmask, indexmask_grainsize;
     uint32_t tableattrs;
-    target_ulong page_size, top_bits;
+    target_ulong page_size;
     uint32_t attrs;
     int32_t stride;
     int addrsize, inputsize;
@@ -10487,12 +10487,19 @@ static bool get_phys_addr_lpae(CPUARMState *env, target_ulong address,
      * We determined the region when collecting the parameters, but we
      * have not yet validated that the address is valid for the region.
      * Extract the top bits and verify that they all match select.
+     *
+     * For aa32, if inputsize == addrsize, then we have selected the
+     * region by exclusion in aa32_va_parameters and there is no more
+     * validation to do here.
      */
-    top_bits = sextract64(address, inputsize, addrsize - inputsize);
-    if (-top_bits != param.select || (param.select && !ttbr1_valid)) {
-        /* In the gap between the two regions, this is a Translation fault */
-        fault_type = ARMFault_Translation;
-        goto do_fault;
+    if (inputsize < addrsize) {
+        target_ulong top_bits = sextract64(address, inputsize,
+                                           addrsize - inputsize);
+        if (-top_bits != param.select || (param.select && !ttbr1_valid)) {
+            /* The gap between the two regions is a Translation fault */
+            fault_type = ARMFault_Translation;
+            goto do_fault;
+        }
     }
 
     if (param.using64k) {
-- 
2.17.1

[Qemu-devel] [PATCH 2/6] aarch64-linux-user: Update HWCAP bits from linux 5.0-rc1

[Richard Henderson]

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 linux-user/elfload.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index 4cff9e1a31..3c7a7c2836 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -560,6 +560,15 @@ enum {
     ARM_HWCAP_A64_ASIMDDP       = 1 << 20,
     ARM_HWCAP_A64_SHA512        = 1 << 21,
     ARM_HWCAP_A64_SVE           = 1 << 22,
+    ARM_HWCAP_A64_ASIMDFHM      = 1 << 23,
+    ARM_HWCAP_A64_DIT           = 1 << 24,
+    ARM_HWCAP_A64_USCAT         = 1 << 25,
+    ARM_HWCAP_A64_ILRCPC        = 1 << 26,
+    ARM_HWCAP_A64_FLAGM         = 1 << 27,
+    ARM_HWCAP_A64_SSBS          = 1 << 28,
+    ARM_HWCAP_A64_SB            = 1 << 29,
+    ARM_HWCAP_A64_PACA          = 1 << 30,
+    ARM_HWCAP_A64_PACG          = 1UL << 31,
 };
 
 #define ELF_HWCAP get_elf_hwcap()
-- 
2.17.2

[Qemu-devel] [PATCH 3/6] aarch64-linux-user: Enable HWCAP bits for PAuth

[Richard Henderson]

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 linux-user/elfload.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index 3c7a7c2836..775a36ccdd 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -600,6 +600,7 @@ static uint32_t get_elf_hwcap(void)
     GET_FEATURE_ID(aa64_dp, ARM_HWCAP_A64_ASIMDDP);
     GET_FEATURE_ID(aa64_fcma, ARM_HWCAP_A64_FCMA);
     GET_FEATURE_ID(aa64_sve, ARM_HWCAP_A64_SVE);
+    GET_FEATURE_ID(aa64_pauth, ARM_HWCAP_A64_PACA | ARM_HWCAP_A64_PACG);
 
 #undef GET_FEATURE_ID
 
-- 
2.17.2

[Qemu-devel] [PATCH 4/6] linux-user: Initialize aarch64 pac keys

[Richard Henderson]

Initialize the keys to a non-zero value on process start.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 linux-user/aarch64/target_syscall.h |  2 ++
 linux-user/aarch64/cpu_loop.c       | 31 +++++++++++++++++++++++++++--
 2 files changed, 31 insertions(+), 2 deletions(-)

diff --git a/linux-user/aarch64/target_syscall.h b/linux-user/aarch64/target_syscall.h
index 205265e619..937fd7989e 100644
--- a/linux-user/aarch64/target_syscall.h
+++ b/linux-user/aarch64/target_syscall.h
@@ -22,4 +22,6 @@ struct target_pt_regs {
 #define TARGET_PR_SVE_SET_VL  50
 #define TARGET_PR_SVE_GET_VL  51
 
+void arm_init_pauth_key(ARMPACKey *key);
+
 #endif /* AARCH64_TARGET_SYSCALL_H */
diff --git a/linux-user/aarch64/cpu_loop.c b/linux-user/aarch64/cpu_loop.c
index 65d815f030..d75fd9d3e2 100644
--- a/linux-user/aarch64/cpu_loop.c
+++ b/linux-user/aarch64/cpu_loop.c
@@ -147,10 +147,29 @@ void cpu_loop(CPUARMState *env)
     }
 }
 
+static uint64_t arm_rand64(void)
+{
+    int shift = 64 - clz64(RAND_MAX);
+    int i, n = 64 / shift + (64 % shift != 0);
+    uint64_t ret = 0;
+
+    for (i = 0; i < n; i++) {
+        ret = (ret << shift) | rand();
+    }
+    return ret;
+}
+
+void arm_init_pauth_key(ARMPACKey *key)
+{
+    key->lo = arm_rand64();
+    key->hi = arm_rand64();
+}
+
 void target_cpu_copy_regs(CPUArchState *env, struct target_pt_regs *regs)
 {
-    CPUState *cpu = ENV_GET_CPU(env);
-    TaskState *ts = cpu->opaque;
+    ARMCPU *cpu = arm_env_get_cpu(env);
+    CPUState *cs = CPU(cpu);
+    TaskState *ts = cs->opaque;
     struct image_info *info = ts->info;
     int i;
 
@@ -172,6 +191,14 @@ void target_cpu_copy_regs(CPUArchState *env, struct target_pt_regs *regs)
     }
 #endif
 
+    if (cpu_isar_feature(aa64_pauth, cpu)) {
+        arm_init_pauth_key(&env->apia_key);
+        arm_init_pauth_key(&env->apib_key);
+        arm_init_pauth_key(&env->apda_key);
+        arm_init_pauth_key(&env->apdb_key);
+        arm_init_pauth_key(&env->apga_key);
+    }
+
     ts->stack_base = info->start_stack;
     ts->heap_base = info->brk;
     /* This will be filled in on the first SYS_HEAPINFO call.  */
-- 
2.17.2

[Qemu-devel] [PATCH 5/6] linux-user: Implement PR_PAC_RESET_KEYS

[Richard Henderson]

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 linux-user/aarch64/target_syscall.h |  7 ++++++
 linux-user/syscall.c                | 33 +++++++++++++++++++++++++++++
 2 files changed, 40 insertions(+)

diff --git a/linux-user/aarch64/target_syscall.h b/linux-user/aarch64/target_syscall.h
index 937fd7989e..b595e5da82 100644
--- a/linux-user/aarch64/target_syscall.h
+++ b/linux-user/aarch64/target_syscall.h
@@ -22,6 +22,13 @@ struct target_pt_regs {
 #define TARGET_PR_SVE_SET_VL  50
 #define TARGET_PR_SVE_GET_VL  51
 
+#define TARGET_PR_PAC_RESET_KEYS 54
+# define TARGET_PR_PAC_APIAKEY   (1 << 0)
+# define TARGET_PR_PAC_APIBKEY   (1 << 1)
+# define TARGET_PR_PAC_APDAKEY   (1 << 2)
+# define TARGET_PR_PAC_APDBKEY   (1 << 3)
+# define TARGET_PR_PAC_APGAKEY   (1 << 4)
+
 void arm_init_pauth_key(ARMPACKey *key);
 
 #endif /* AARCH64_TARGET_SYSCALL_H */
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index b5786d4fc1..3e2949aa2f 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -9691,6 +9691,39 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_long arg1,
                 }
             }
             return ret;
+        case TARGET_PR_PAC_RESET_KEYS:
+            {
+                CPUARMState *env = cpu_env;
+                ARMCPU *cpu = arm_env_get_cpu(env);
+
+                if (cpu_isar_feature(aa64_pauth, cpu)) {
+                    int all = (TARGET_PR_PAC_APIAKEY | TARGET_PR_PAC_APIBKEY |
+                               TARGET_PR_PAC_APDAKEY | TARGET_PR_PAC_APDBKEY |
+                               TARGET_PR_PAC_APGAKEY);
+                    if (arg2 == 0) {
+                        arg2 = all;
+                    } else if (arg2 & ~all) {
+                        return -TARGET_EINVAL;
+                    }
+                    if (arg2 & TARGET_PR_PAC_APIAKEY) {
+                        arm_init_pauth_key(&env->apia_key);
+                    }
+                    if (arg2 & TARGET_PR_PAC_APIBKEY) {
+                        arm_init_pauth_key(&env->apib_key);
+                    }
+                    if (arg2 & TARGET_PR_PAC_APDAKEY) {
+                        arm_init_pauth_key(&env->apda_key);
+                    }
+                    if (arg2 & TARGET_PR_PAC_APDBKEY) {
+                        arm_init_pauth_key(&env->apdb_key);
+                    }
+                    if (arg2 & TARGET_PR_PAC_APGAKEY) {
+                        arm_init_pauth_key(&env->apga_key);
+                    }
+                    return 0;
+                }
+            }
+            return -TARGET_EINVAL;
 #endif /* AARCH64 */
         case PR_GET_SECCOMP:
         case PR_SET_SECCOMP:
-- 
2.17.2

[Qemu-devel] [PATCH 6/6] tests/tcg/aarch64: Add pauth smoke tests

[Richard Henderson]

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 tests/tcg/aarch64/pauth-1.c       | 23 +++++++++++++++++++++++
 tests/tcg/aarch64/Makefile.target |  7 ++++++-
 2 files changed, 29 insertions(+), 1 deletion(-)
 create mode 100644 tests/tcg/aarch64/pauth-1.c

diff --git a/tests/tcg/aarch64/pauth-1.c b/tests/tcg/aarch64/pauth-1.c
new file mode 100644
index 0000000000..9bd8d28ede
--- /dev/null
+++ b/tests/tcg/aarch64/pauth-1.c
@@ -0,0 +1,23 @@
+#include <assert.h>
+#include <sys/prctl.h>
+
+asm(".arch armv8.4-a");
+
+#ifndef PR_PAC_RESET_KEYS
+#define PR_PAC_RESET_KEYS  54
+#define PR_PAC_APDAKEY     (1 << 2)
+#endif
+
+int main()
+{
+    int x;
+    void *p0 = &x, *p1, *p2;
+
+    asm volatile("pacdza %0" : "=r"(p1) : "0"(p0));
+    prctl(PR_PAC_RESET_KEYS, PR_PAC_APDAKEY);
+    asm volatile("pacdza %0" : "=r"(p2) : "0"(p0));
+
+    assert(p1 != p0);
+    assert(p1 != p2);
+    return 0;
+}
diff --git a/tests/tcg/aarch64/Makefile.target b/tests/tcg/aarch64/Makefile.target
index 08c45b8470..e80d07276c 100644
--- a/tests/tcg/aarch64/Makefile.target
+++ b/tests/tcg/aarch64/Makefile.target
@@ -8,10 +8,15 @@ VPATH 		+= $(AARCH64_SRC)
 # we don't build any of the ARM tests
 AARCH64_TESTS=$(filter-out $(ARM_TESTS), $(TESTS))
 AARCH64_TESTS+=fcvt
-TESTS:=$(AARCH64_TESTS)
 
 fcvt: LDFLAGS+=-lm
 
 run-fcvt: fcvt
 	$(call run-test,$<,$(QEMU) $<, "$< on $(TARGET_NAME)")
 	$(call diff-out,$<,$(AARCH64_SRC)/fcvt.ref)
+
+AARCH64_TESTS += pauth-1
+pauth-%: CFLAGS += -O -g
+run-pauth-%: QEMU += -cpu max
+
+TESTS:=$(AARCH64_TESTS)
-- 
2.17.2

Re: [Qemu-devel] [PATCH 6/6] tests/tcg/aarch64: Add pauth smoke tests

[Alex Bennée]

Richard Henderson <richard.henderson@linaro.org> writes:

> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
>  tests/tcg/aarch64/pauth-1.c       | 23 +++++++++++++++++++++++
>  tests/tcg/aarch64/Makefile.target |  7 ++++++-
>  2 files changed, 29 insertions(+), 1 deletion(-)
>  create mode 100644 tests/tcg/aarch64/pauth-1.c
>
> diff --git a/tests/tcg/aarch64/pauth-1.c b/tests/tcg/aarch64/pauth-1.c
> new file mode 100644
> index 0000000000..9bd8d28ede
> --- /dev/null
> +++ b/tests/tcg/aarch64/pauth-1.c
> @@ -0,0 +1,23 @@
> +#include <assert.h>
> +#include <sys/prctl.h>
> +
> +asm(".arch armv8.4-a");
> +
> +#ifndef PR_PAC_RESET_KEYS
> +#define PR_PAC_RESET_KEYS  54
> +#define PR_PAC_APDAKEY     (1 << 2)
> +#endif
> +
> +int main()
> +{
> +    int x;
> +    void *p0 = &x, *p1, *p2;
> +
> +    asm volatile("pacdza %0" : "=r"(p1) : "0"(p0));
> +    prctl(PR_PAC_RESET_KEYS, PR_PAC_APDAKEY);
> +    asm volatile("pacdza %0" : "=r"(p2) : "0"(p0));
> +
> +    assert(p1 != p0);
> +    assert(p1 != p2);
> +    return 0;
> +}
> diff --git a/tests/tcg/aarch64/Makefile.target b/tests/tcg/aarch64/Makefile.target
> index 08c45b8470..e80d07276c 100644
> --- a/tests/tcg/aarch64/Makefile.target
> +++ b/tests/tcg/aarch64/Makefile.target
> @@ -8,10 +8,15 @@ VPATH 		+= $(AARCH64_SRC)
>  # we don't build any of the ARM tests
>  AARCH64_TESTS=$(filter-out $(ARM_TESTS), $(TESTS))
>  AARCH64_TESTS+=fcvt
> -TESTS:=$(AARCH64_TESTS)
>
>  fcvt: LDFLAGS+=-lm
>
>  run-fcvt: fcvt
>  	$(call run-test,$<,$(QEMU) $<, "$< on $(TARGET_NAME)")
>  	$(call diff-out,$<,$(AARCH64_SRC)/fcvt.ref)
> +
> +AARCH64_TESTS += pauth-1
> +pauth-%: CFLAGS += -O -g

We build all tests with:

  CFLAGS+=-Wall -O0 -g -fno-strict-aliasing

mainly because the first thing you want to do when they fail is run them
through gdb to see what went wrong. Do you actually need optimisation on
for the build to work? Everything else looks good though:

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>

> +run-pauth-%: QEMU += -cpu max
> +
> +TESTS:=$(AARCH64_TESTS)


--
Alex Bennée

Re: [Qemu-devel] [PATCH 2/6] aarch64-linux-user: Update HWCAP bits from linux 5.0-rc1

[Laurent Vivier]

On 25/01/2019 23:57, Richard Henderson wrote:
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
>  linux-user/elfload.c | 9 +++++++++
>  1 file changed, 9 insertions(+)
> 
> diff --git a/linux-user/elfload.c b/linux-user/elfload.c
> index 4cff9e1a31..3c7a7c2836 100644
> --- a/linux-user/elfload.c
> +++ b/linux-user/elfload.c
> @@ -560,6 +560,15 @@ enum {
>      ARM_HWCAP_A64_ASIMDDP       = 1 << 20,
>      ARM_HWCAP_A64_SHA512        = 1 << 21,
>      ARM_HWCAP_A64_SVE           = 1 << 22,
> +    ARM_HWCAP_A64_ASIMDFHM      = 1 << 23,
> +    ARM_HWCAP_A64_DIT           = 1 << 24,
> +    ARM_HWCAP_A64_USCAT         = 1 << 25,
> +    ARM_HWCAP_A64_ILRCPC        = 1 << 26,
> +    ARM_HWCAP_A64_FLAGM         = 1 << 27,
> +    ARM_HWCAP_A64_SSBS          = 1 << 28,
> +    ARM_HWCAP_A64_SB            = 1 << 29,
> +    ARM_HWCAP_A64_PACA          = 1 << 30,
> +    ARM_HWCAP_A64_PACG          = 1UL << 31,
>  };
>  
>  #define ELF_HWCAP get_elf_hwcap()
> 

Reviewed-by: Laurent Vivier <laurent@vivier.eu>

Re: [Qemu-devel] [PATCH 4/6] linux-user: Initialize aarch64 pac keys

[Peter Maydell]

On Fri, 25 Jan 2019 at 22:57, Richard Henderson
<richard.henderson@linaro.org> wrote:
>
> Initialize the keys to a non-zero value on process start.
>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

> +static uint64_t arm_rand64(void)
> +{
> +    int shift = 64 - clz64(RAND_MAX);
> +    int i, n = 64 / shift + (64 % shift != 0);
> +    uint64_t ret = 0;
> +
> +    for (i = 0; i < n; i++) {
> +        ret = (ret << shift) | rand();
> +    }
> +    return ret;
> +}

I'm not a huge fan of the use of rand() here, but it's what
we're using to initialize AT_RANDOM in linux-user, so I guess
it's OK here. At some point we should investigate whether
there's something better we are guaranteed to have available,
I suppose. (Coverity gripes about use of rand().)

thanks
-- PMM

Re: [Qemu-devel] [PATCH 5/6] linux-user: Implement PR_PAC_RESET_KEYS

[Peter Maydell]

On Fri, 25 Jan 2019 at 22:57, Richard Henderson
<richard.henderson@linaro.org> wrote:
>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
>  linux-user/aarch64/target_syscall.h |  7 ++++++
>  linux-user/syscall.c                | 33 +++++++++++++++++++++++++++++
>  2 files changed, 40 insertions(+)

> @@ -9691,6 +9691,39 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_long arg1,
>                  }
>              }
>              return ret;
> +        case TARGET_PR_PAC_RESET_KEYS:
> +            {
> +                CPUARMState *env = cpu_env;
> +                ARMCPU *cpu = arm_env_get_cpu(env);

The kernel implementation of this returns EINVAL if any
of arg3/arg4/arg5 are non-zero.

Otherwise
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>

thanks
-- PMM

Re: [Qemu-devel] [PATCH 0/6] target/arm: Complete ARMv8.3-PAuth linux-user

[Peter Maydell]

On Fri, 25 Jan 2019 at 22:57, Richard Henderson
<richard.henderson@linaro.org> wrote:
>
> (1) Fix a bug I introduced at the last moment in the last
>     patch set -- enable pac keys during reset, not before.
> (2) Add the HWCAP bits.
> (3) Add the new prctl
> (4) Add a smoke test so that (1) doesn't happen again.
>
>
> r~
>
>
> Richard Henderson (6):
>   target/arm: Always enable pac keys for user-only
>   aarch64-linux-user: Update HWCAP bits from linux 5.0-rc1
>   aarch64-linux-user: Enable HWCAP bits for PAuth
>   linux-user: Initialize aarch64 pac keys
>   linux-user: Implement PR_PAC_RESET_KEYS
>   tests/tcg/aarch64: Add pauth smoke tests

Applied patches 1-4 to target-arm.next (5 has a minor nit
and 6 depends on 5).

thanks
-- PMM

Re: [Qemu-devel] [PATCH 4/6] linux-user: Initialize aarch64 pac keys

[Richard Henderson]

On 2/1/19 7:11 AM, Peter Maydell wrote:
> On Fri, 25 Jan 2019 at 22:57, Richard Henderson
> <richard.henderson@linaro.org> wrote:
>>
>> Initialize the keys to a non-zero value on process start.
>>
>> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> 
>> +static uint64_t arm_rand64(void)
>> +{
>> +    int shift = 64 - clz64(RAND_MAX);
>> +    int i, n = 64 / shift + (64 % shift != 0);
>> +    uint64_t ret = 0;
>> +
>> +    for (i = 0; i < n; i++) {
>> +        ret = (ret << shift) | rand();
>> +    }
>> +    return ret;
>> +}
> 
> I'm not a huge fan of the use of rand() here, but it's what
> we're using to initialize AT_RANDOM in linux-user, so I guess
> it's OK here. At some point we should investigate whether
> there's something better we are guaranteed to have available,
> I suppose. (Coverity gripes about use of rand().)

I considered implementing a qemu version of getentropy,
but then I saw our "-seed" option and thought perhaps
repeatability is more important for qemu.


r~

Re: [Qemu-devel] [PATCH 6/6] tests/tcg/aarch64: Add pauth smoke tests

[Richard Henderson]

On 1/28/19 3:06 AM, Alex Bennée wrote:
> We build all tests with:
> 
>   CFLAGS+=-Wall -O0 -g -fno-strict-aliasing
> 
> mainly because the first thing you want to do when they fail is run them
> through gdb to see what went wrong. Do you actually need optimisation on
> for the build to work? Everything else looks good though:

I needed optimization for the MemTag test to work, and I copied that.
I'll remove it.


r~