From 75e7288e617ea89506db50d43143fabf5e185083 Mon Sep 17 00:00:00 2001 From: Diego Sueiro Date: Thu, 3 Sep 2020 12:40:29 +0100 Subject: [PATCH] gem5: Backport pointer authentication fixes Change-Id: I5152895f992e9bc85b24a9190e4affb3c74e44cd Issue-ID: SCM-899 Signed-off-by: Diego Sueiro Signed-off-by: Jon Mason --- ...arch-arm-Introduce-HavePACExt-helper.patch | 55 ++++++ ...s-implemented-before-executing-insts.patch | 174 ++++++++++++++++++ .../gem5/gem5-aarch64-native_20.bb | 5 +- 3 files changed, 233 insertions(+), 1 deletion(-) create mode 100644 meta-gem5/recipes-devtools/gem5/gem5-aarch64-native/0002-arch-arm-Introduce-HavePACExt-helper.patch create mode 100644 meta-gem5/recipes-devtools/gem5/gem5-aarch64-native/0003-arch-arm-Check-if-PAC-is-implemented-before-executing-insts.patch diff --git a/meta-gem5/recipes-devtools/gem5/gem5-aarch64-native/0002-arch-arm-Introduce-HavePACExt-helper.patch b/meta-gem5/recipes-devtools/gem5/gem5-aarch64-native/0002-arch-arm-Introduce-HavePACExt-helper.patch new file mode 100644 index 00000000..9d46f8a1 --- /dev/null +++ b/meta-gem5/recipes-devtools/gem5/gem5-aarch64-native/0002-arch-arm-Introduce-HavePACExt-helper.patch @@ -0,0 +1,55 @@ +Upstream-Status: Backport [https://gem5.googlesource.com/public/gem5/+/6d15745532df2dd306ecc15bd0e9f79914be1682] +Signed-off-by: Diego Sueiro + +From 6d15745532df2dd306ecc15bd0e9f79914be1682 Mon Sep 17 00:00:00 2001 +From: Giacomo Travaglini +Date: Tue, 25 Aug 2020 12:15:17 +0100 +Subject: [PATCH] arch-arm: Introduce HavePACExt helper + +This will check for presence of pointer authentication extension. +According to the reference manual, Pointer authentication is +implemented if the value of at least one of + +ID_AA64ISAR1_EL1.{APA, API, GPA, GPI} + +is not 0b0000. + +Change-Id: I4e98e65758e8edc953794e5b618d2c6c3f6000ae +Signed-off-by: Giacomo Travaglini +Reviewed-on: https://gem5-review.googlesource.com/c/public/gem5/+/33454 +Reviewed-by: Andreas Sandberg +Maintainer: Andreas Sandberg +Tested-by: kokoro +--- + +diff --git a/src/arch/arm/utility.cc b/src/arch/arm/utility.cc +index ad0a3da..a189c4a 100644 +--- a/src/arch/arm/utility.cc ++++ b/src/arch/arm/utility.cc +@@ -315,6 +315,14 @@ + } + + bool ++HavePACExt(ThreadContext *tc) ++{ ++ AA64ISAR1 id_aa64isar1 = tc->readMiscReg(MISCREG_ID_AA64ISAR1_EL1); ++ return id_aa64isar1.api | id_aa64isar1.apa | ++ id_aa64isar1.gpi | id_aa64isar1.gpa; ++} ++ ++bool + HaveVirtHostExt(ThreadContext *tc) + { + AA64MMFR1 id_aa64mmfr1 = tc->readMiscReg(MISCREG_ID_AA64MMFR1_EL1); +diff --git a/src/arch/arm/utility.hh b/src/arch/arm/utility.hh +index f00f606..f17ebc5 100644 +--- a/src/arch/arm/utility.hh ++++ b/src/arch/arm/utility.hh +@@ -151,6 +151,7 @@ + return opModeToEL((OperatingMode) (uint8_t)cpsr.mode); + } + ++bool HavePACExt(ThreadContext *tc); + bool HaveVirtHostExt(ThreadContext *tc); + bool HaveSecureEL2Ext(ThreadContext *tc); + bool IsSecureEL2Enabled(ThreadContext *tc); diff --git a/meta-gem5/recipes-devtools/gem5/gem5-aarch64-native/0003-arch-arm-Check-if-PAC-is-implemented-before-executing-insts.patch b/meta-gem5/recipes-devtools/gem5/gem5-aarch64-native/0003-arch-arm-Check-if-PAC-is-implemented-before-executing-insts.patch new file mode 100644 index 00000000..4410d97b --- /dev/null +++ b/meta-gem5/recipes-devtools/gem5/gem5-aarch64-native/0003-arch-arm-Check-if-PAC-is-implemented-before-executing-insts.patch @@ -0,0 +1,174 @@ +Upstream-Status: Backport [https://gem5.googlesource.com/public/gem5/+/b50d61fb9ff5d94f401af98bb0b7f8e25d21d012] +Signed-off-by: Diego Sueiro + +From b50d61fb9ff5d94f401af98bb0b7f8e25d21d012 Mon Sep 17 00:00:00 2001 +From: Giacomo Travaglini +Date: Tue, 25 Aug 2020 13:10:23 +0100 +Subject: [PATCH] arch-arm: Check if PAC is implemented before executing insts + +If Armv8.3-PAuth (PAC) extension is not supported, most instrucions +will trigger an Undefined Instruction fault; except for a group of +them living in the HINT space; those should be treated as NOP. + +Change-Id: Idec920ed15e0310ec9132a3cb3701cdb7e7cf9d1 +Signed-off-by: Giacomo Travaglini +Reviewed-on: https://gem5-review.googlesource.com/c/public/gem5/+/33455 +Reviewed-by: Andreas Sandberg +Maintainer: Andreas Sandberg +Tested-by: kokoro +--- + +diff --git a/src/arch/arm/isa/insts/pauth.isa b/src/arch/arm/isa/insts/pauth.isa +index 4c5b371..4806e6a 100644 +--- a/src/arch/arm/isa/insts/pauth.isa ++++ b/src/arch/arm/isa/insts/pauth.isa +@@ -1,5 +1,6 @@ + // -*- mode:c++ -*- + ++// Copyright (c) 2020 ARM Limited + // Copyright (c) 2020 Metempsy Technology Consulting + // All rights reserved + // +@@ -41,20 +42,39 @@ + decoder_output = "" + exec_output = "" + ++ def pacEnabledCode(hint): ++ if hint: ++ code = """ ++ if (!HavePACExt(xc->tcBase())) { ++ return NoFault; ++ } ++ """ ++ else: ++ code = """ ++ if (!HavePACExt(xc->tcBase())) { ++ return std::make_shared( ++ machInst, true); ++ } ++ """ ++ return code + +- def buildPauthObject(mnem, templateBase, opcode, optArgs=[]): ++ def buildPauthObject(mnem, templateBase, opcode, hint, optArgs=[]): + global header_output, decoder_output, exec_output +- pac_code = '''//uint64_t val = 0; +- uint64_t res; +- fault = %(op)s(xc->tcBase(), %(op1)s, %(op2)s, &res); +- XDest = res; +- ''' ++ pac_code = ''' ++ %(enabled)s ++ ++ uint64_t res; ++ fault = %(op)s(xc->tcBase(), %(op1)s, %(op2)s, &res); ++ XDest = res; ++ ''' + if templateBase=='DataX2Reg': +- code = pac_code % {"op1": 'Op164', ++ code = pac_code % {"enabled": pacEnabledCode(hint), ++ "op1": 'Op164', + "op2": 'Op264', + "op": opcode } + else: +- code = pac_code % {"op1": 'XDest', ++ code = pac_code % {"enabled": pacEnabledCode(hint), ++ "op1": 'XDest', + "op2": 'Op164', + "op": opcode } + +@@ -63,13 +83,15 @@ + decoder_output += eval(templateBase + "Constructor").subst(iop) + exec_output += BasicExecute.subst(iop) + +- def buildXPauthObject(mnem, optArgs=[]): ++ def buildXPauthObject(mnem, hint, optArgs=[]): + global header_output, decoder_output, exec_output + templateBase = "XPauthOpRegReg" + +- code = 'uint64_t res;\n'\ +- 'fault = stripPAC(xc->tcBase(), XDest, data, &res);\n' +- code += 'XDest = res;' ++ code = pacEnabledCode(hint) + """ ++ uint64_t res; ++ fault = stripPAC(xc->tcBase(), XDest, data, &res); ++ XDest = res; ++ """ + regoptype = 'RegOp' + + iop = InstObjParams(mnem, mnem, regoptype, code, optArgs) +@@ -78,42 +100,42 @@ + exec_output += BasicExecute.subst(iop) + + +- buildPauthObject("Pacda", "DataX1Reg", 'addPACDA') +- buildPauthObject("Pacdza", "DataX1Reg", 'addPACDA') +- buildPauthObject("Pacdb", "DataX1Reg", 'addPACDB') +- buildPauthObject("Pacdzb", "DataX1Reg", 'addPACDB') +- buildPauthObject("Pacga", "DataX2Reg", 'addPACGA') ++ buildPauthObject("Pacda", "DataX1Reg", 'addPACDA', hint=False) ++ buildPauthObject("Pacdza", "DataX1Reg", 'addPACDA', hint=False) ++ buildPauthObject("Pacdb", "DataX1Reg", 'addPACDB', hint=False) ++ buildPauthObject("Pacdzb", "DataX1Reg", 'addPACDB', hint=False) ++ buildPauthObject("Pacga", "DataX2Reg", 'addPACGA', hint=False) + +- buildPauthObject("Pacia", "DataX1Reg", 'addPACIA') +- buildPauthObject("Pacia1716", "DataX1Reg", 'addPACIA') +- buildPauthObject("Paciasp", "DataX1Reg", 'addPACIA') +- buildPauthObject("Paciaz", "DataX1Reg", 'addPACIA') +- buildPauthObject("Paciza", "DataX1Reg", 'addPACIA') ++ buildPauthObject("Pacia", "DataX1Reg", 'addPACIA', hint=False) ++ buildPauthObject("Pacia1716", "DataX1Reg", 'addPACIA', hint=True) ++ buildPauthObject("Paciasp", "DataX1Reg", 'addPACIA', hint=True) ++ buildPauthObject("Paciaz", "DataX1Reg", 'addPACIA', hint=True) ++ buildPauthObject("Paciza", "DataX1Reg", 'addPACIA', hint=False) + +- buildPauthObject("Pacib", "DataX1Reg", 'addPACIB') +- buildPauthObject("Pacib1716", "DataX1Reg", 'addPACIB') +- buildPauthObject("Pacibsp", "DataX1Reg", 'addPACIB') +- buildPauthObject("Pacibz", "DataX1Reg", 'addPACIB') +- buildPauthObject("Pacizb", "DataX1Reg", 'addPACIB') ++ buildPauthObject("Pacib", "DataX1Reg", 'addPACIB', hint=False) ++ buildPauthObject("Pacib1716", "DataX1Reg", 'addPACIB', hint=True) ++ buildPauthObject("Pacibsp", "DataX1Reg", 'addPACIB', hint=True) ++ buildPauthObject("Pacibz", "DataX1Reg", 'addPACIB', hint=True) ++ buildPauthObject("Pacizb", "DataX1Reg", 'addPACIB', hint=False) + +- buildPauthObject("Autda", "DataX1Reg", 'authDA') +- buildPauthObject("Autdza", "DataX1Reg", 'authDA') +- buildPauthObject("Autdb", "DataX1Reg", 'authDB') +- buildPauthObject("Autdzb", "DataX1Reg", 'authDB') ++ buildPauthObject("Autda", "DataX1Reg", 'authDA', hint=False) ++ buildPauthObject("Autdza", "DataX1Reg", 'authDA', hint=False) ++ buildPauthObject("Autdb", "DataX1Reg", 'authDB', hint=False) ++ buildPauthObject("Autdzb", "DataX1Reg", 'authDB', hint=False) + +- buildPauthObject("Autia", "DataX1Reg", 'authIA') +- buildPauthObject("Autia1716", "DataX1Reg", 'authIA') +- buildPauthObject("Autiasp", "DataX1Reg", 'authIA') +- buildPauthObject("Autiaz", "DataX1Reg", 'authIA') +- buildPauthObject("Autiza", "DataX1Reg", 'authIA') ++ buildPauthObject("Autia", "DataX1Reg", 'authIA', hint=False) ++ buildPauthObject("Autia1716", "DataX1Reg", 'authIA', hint=True) ++ buildPauthObject("Autiasp", "DataX1Reg", 'authIA', hint=True) ++ buildPauthObject("Autiaz", "DataX1Reg", 'authIA', hint=True) ++ buildPauthObject("Autiza", "DataX1Reg", 'authIA', hint=False) + +- buildPauthObject("Autib", "DataX1Reg", 'authIB') +- buildPauthObject("Autib1716", "DataX1Reg", 'authIB') +- buildPauthObject("Autibsp", "DataX1Reg", 'authIB') +- buildPauthObject("Autibz", "DataX1Reg", 'authIB') +- buildPauthObject("Autizb", "DataX1Reg", 'authIB') ++ buildPauthObject("Autib", "DataX1Reg", 'authIB', hint=False) ++ buildPauthObject("Autib1716", "DataX1Reg", 'authIB', hint=True) ++ buildPauthObject("Autibsp", "DataX1Reg", 'authIB', hint=True) ++ buildPauthObject("Autibz", "DataX1Reg", 'authIB', hint=True) ++ buildPauthObject("Autizb", "DataX1Reg", 'authIB', hint=False) + +- buildXPauthObject("Xpacd") +- buildXPauthObject("Xpaci") +- buildXPauthObject("Xpaclri") ++ buildXPauthObject("Xpacd", hint=False) ++ buildXPauthObject("Xpaci", hint=False) ++ buildXPauthObject("Xpaclri", hint=True) + }}; diff --git a/meta-gem5/recipes-devtools/gem5/gem5-aarch64-native_20.bb b/meta-gem5/recipes-devtools/gem5/gem5-aarch64-native_20.bb index 638baf31..101e6ef5 100644 --- a/meta-gem5/recipes-devtools/gem5/gem5-aarch64-native_20.bb +++ b/meta-gem5/recipes-devtools/gem5/gem5-aarch64-native_20.bb @@ -4,7 +4,10 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=2d9514d69d8abf88b6e9125e759bf0ab \ file://LICENSE;md5=a585e2893cee63d16a1d8bc16c6297ec" SRC_URI = "git://gem5.googlesource.com/public/gem5;protocol=https;nobranch=1 \ - file://0001-scons-Add-MARSHAL_XXFLAGS_EXTRA-for-the-marshal-object.patch" + file://0001-scons-Add-MARSHAL_XXFLAGS_EXTRA-for-the-marshal-object.patch \ + file://0002-arch-arm-Introduce-HavePACExt-helper.patch \ + file://0003-arch-arm-Check-if-PAC-is-implemented-before-executing-insts.patch \ + " RELEASE_TAG = "v20.0.0.1" SRCREV = "332a9de33db603e0aefedae1e05134db4257ea3e"