[Qemu-devel] [PATCH 00/17] target/arm: Implement ARMv8.5-MemTag
From: Richard Henderson
Subject: [Qemu-devel] [PATCH 00/17] target/arm: Implement ARMv8.5-MemTag
Date: Mon, 14 Jan 2019 12:11:05 +1100
Based-on: address@hidden
aka the TBID patch set, which itself is based on the BTI patch set.

The full tree is available at
https://github.org/rth7680/qemu.git tgt-arm-mte

This extension is also spelled MTE in the ARM.

This patch set only attempts to implement linux-user emulation.
For system emulation, I still miss the new cache flushing insns (easy)
and the out-of-band physical memory for the allocation tags (harder).

From a few mis-steps in writing the test cases for the extension,
I might suggest that some future kernel's userland ABI for this have
TCR.TCMA0 = 1, so that legacy code that is *not* MTE aware can use
a frame pointer without accidentally tripping left over stack tags.
(As seen in patch 5, SP+OFF is unchecked per the ISA but FP+OFF is not.)

OTOH, depending on the application, that does make it easier for an
attack vector to clean the tag off the top of a pointer to bypass
store checking. So, tricky.
r~
Cc: Ramana Radhakrishnan <address@hidden>
Cc: Will Deacon <address@hidden>
Cc: address@hidden
Cc: address@hidden
Cc: address@hidden
Cc: address@hidden
Richard Henderson (17):
target/arm: Add MTE_ACTIVE to tb_flags
target/arm: Extract TCMA with ARMVAParameters
target/arm: Add MTE system registers
target/arm: Fill in helper_mte_check
target/arm: Suppress tag check for sp+offset
target/arm: Implement the IRG instruction
target/arm: Implement ADDG, SUBG instructions
target/arm: Implement the GMI instruction
target/arm: Implement the SUBP instruction
target/arm: Implement LDG, STG, ST2G instructions
target/arm: Implement the STGP instruction
target/arm: Implement the LDGV and STGV instructions
target/arm: Set PSTATE.TCO on exception entry
tcg: Introduce target-specific page data for user-only
target/arm: Add allocation tag storage for user-only
target/arm: Enable MTE
tests/tcg/aarch64: Add mte smoke tests
include/exec/cpu-all.h | 10 +-
target/arm/cpu.h | 18 ++
target/arm/helper-a64.h | 11 +
target/arm/internals.h | 22 ++
target/arm/translate.h | 13 ++
accel/tcg/translate-all.c | 28 +++
linux-user/mmap.c | 10 +-
linux-user/syscall.c | 4 +-
target/arm/cpu.c | 10 +
target/arm/cpu64.c | 1 +
target/arm/helper.c | 99 ++++++--
target/arm/mte_helper.c | 369 ++++++++++++++++++++++++++++++
target/arm/translate-a64.c | 305 ++++++++++++++++++++----
tests/tcg/aarch64/mte-1.c | 27 +++
tests/tcg/aarch64/mte-2.c | 39 ++++
target/arm/Makefile.objs | 2 +-
tests/tcg/aarch64/Makefile.target | 4 +
17 files changed, 907 insertions(+), 65 deletions(-)
create mode 100644 target/arm/mte_helper.c
create mode 100644 tests/tcg/aarch64/mte-1.c
create mode 100644 tests/tcg/aarch64/mte-2.c
--
2.17.2
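
Added example, not part of the original message or of the patch set: a toy C model of the TCMA0 trade-off the cover letter describes, showing which accesses are tag-checked with TCMA0 clear and set. The function names, the flat tag array and the addresses are constructed for illustration; the model assumes TCMA0 makes accesses with address[59:55] == 0 unchecked and treats every SP-based access as SP+offset.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define GRANULE   16u   /* MTE tags memory in 16-byte granules */
#define NGRANULES 64u   /* size of the toy region (assumption) */

/* Toy allocation-tag store covering addresses 0 .. GRANULE*NGRANULES-1. */
static uint8_t alloc_tag[NGRANULES];

static unsigned granule_of(uint64_t p)
{
    return (unsigned)(((p & 0x00ffffffffffffffULL) / GRANULE) % NGRANULES);
}

/* Logical tag lives in pointer bits [59:56]. */
static unsigned logical_tag(uint64_t p) { return (p >> 56) & 0xf; }

static uint64_t with_tag(uint64_t p, unsigned t)
{
    return (p & ~(0xfULL << 56)) | ((uint64_t)(t & 0xf) << 56);
}

static void set_alloc_tag(uint64_t p, unsigned t)
{
    alloc_tag[granule_of(p)] = t & 0xf;
}

/* true: access proceeds; false: access would raise a tag check fault. */
static bool mte_access_ok(uint64_t p, bool tcma0, bool sp_base)
{
    if (sp_base)
        return true;    /* SP+offset is unchecked per the ISA */
    if (tcma0 && ((p >> 55) & 0x1f) == 0)
        return true;    /* TCMA0=1: tag 0 with bit 55 clear is unchecked */
    return logical_tag(p) == alloc_tag[granule_of(p)];
}

int main(void)
{
    set_alloc_tag(0x100, 5);              /* stack slot with a leftover tag */
    set_alloc_tag(0x200, 9);              /* object currently tagged 9 */
    uint64_t stale = with_tag(0x200, 3);  /* pointer carrying the wrong tag */

    printf("legacy FP+off, TCMA0=0: %d\n", mte_access_ok(0x100, false, false));
    printf("legacy FP+off, TCMA0=1: %d\n", mte_access_ok(0x100, true, false));
    printf("stale ptr,     TCMA0=1: %d\n", mte_access_ok(stale, true, false));
    printf("tag cleared,   TCMA0=1: %d\n", mte_access_ok(with_tag(stale, 0), true, false));
    return 0;
}
```

The last two lines are the "tricky" part: the mismatched pointer is caught, but the same pointer with its tag bits cleared is not checked at all once TCMA0 is set.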