aboutsummaryrefslogtreecommitdiff
path: root/tests/tcg
diff options
context:
space:
mode:
authorRichard Henderson <richard.henderson@linaro.org>2020-01-23 15:22:39 +0000
committerPeter Maydell <peter.maydell@linaro.org>2020-01-23 15:22:39 +0000
commitdd684ead2958b26f48484ff0f681bb151be22a7c (patch)
tree270ae8721c67afd22c472ce390e740d33c94606f /tests/tcg
parent73fc07984918fc7b59bd691ee2d5d1b9d600d53b (diff)
downloadqemu-dd684ead2958b26f48484ff0f681bb151be22a7c.zip
qemu-dd684ead2958b26f48484ff0f681bb151be22a7c.tar.gz
qemu-dd684ead2958b26f48484ff0f681bb151be22a7c.tar.bz2
tests/tcg/aarch64: Add pauth-4
Perform the set of operations and test described in LP 1859713. Suggested-by: Adrien GRASSEIN <adrien.grassein@smile.fr> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20200116230809.19078-5-richard.henderson@linaro.org [PMM: fixed hard-coded tabs] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Diffstat (limited to 'tests/tcg')
-rw-r--r--tests/tcg/aarch64/Makefile.target2
-rw-r--r--tests/tcg/aarch64/pauth-4.c25
2 files changed, 26 insertions, 1 deletions
diff --git a/tests/tcg/aarch64/Makefile.target b/tests/tcg/aarch64/Makefile.target
index 374c8d6..efa67cf 100644
--- a/tests/tcg/aarch64/Makefile.target
+++ b/tests/tcg/aarch64/Makefile.target
@@ -18,7 +18,7 @@ run-fcvt: fcvt
$(call diff-out,$<,$(AARCH64_SRC)/fcvt.ref)
# Pauth Tests
-AARCH64_TESTS += pauth-1 pauth-2
+AARCH64_TESTS += pauth-1 pauth-2 pauth-4
run-pauth-%: QEMU_OPTS += -cpu max
pauth-%: CFLAGS += -march=armv8.3-a
diff --git a/tests/tcg/aarch64/pauth-4.c b/tests/tcg/aarch64/pauth-4.c
new file mode 100644
index 0000000..1040e92
--- /dev/null
+++ b/tests/tcg/aarch64/pauth-4.c
@@ -0,0 +1,25 @@
+#include <stdint.h>
+#include <assert.h>
+
+int main()
+{
+ uintptr_t x, y;
+
+ asm("mov %0, lr\n\t"
+ "pacia %0, sp\n\t" /* sigill if pauth not supported */
+ "eor %0, %0, #4\n\t" /* corrupt single bit */
+ "mov %1, %0\n\t"
+ "autia %1, sp\n\t" /* validate corrupted pointer */
+ "xpaci %0\n\t" /* strip pac from corrupted pointer */
+ : "=r"(x), "=r"(y));
+
+ /*
+ * Once stripped, the corrupted pointer is of the form 0x0000...wxyz.
+ * We expect the autia to indicate failure, producing a pointer of the
+ * form 0x000e....wxyz. Use xpaci and != for the test, rather than
+ * extracting explicit bits from the top, because the location of the
+ * error code "e" depends on the configuration of virtual memory.
+ */
+ assert(x != y);
+ return 0;
+}