From patchwork Thu Sep 21 17:37:06 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Peter Maydell <peter.maydell@linaro.org>
X-Patchwork-Id: 724822
Delivered-To: patch@linaro.org
Received: by 2002:adf:ea87:0:b0:31d:da82:a3b4 with SMTP id s7csp613603wrm;
 Thu, 21 Sep 2023 10:39:23 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IH/jvo6cRHu5XaFajhVl7Y2Ko38shfiCOu7FLGfkT1VlILzliuy++KYMyL7vsAhWnnsFwA7
X-Received: by 2002:a05:622a:1792:b0:417:a645:982f with SMTP id
 s18-20020a05622a179200b00417a645982fmr6123749qtk.29.1695317963454;
 Thu, 21 Sep 2023 10:39:23 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1695317963; cv=none;
 d=google.com; s=arc-20160816;
 b=p8GUi/U9tc/5sWlzY52b7vN+eZsAmvcIEmF6pQ6mpFkeFwDzgKdVVKLmO5Mk07N0Kq
 cL3yEGuMZZknjWQqnudybj4G9pHxJ2NhpYwJyjlR8KAJcsRpu/Ap+zXT0Tj+KUuHBN/F
 pvnerTmdc4FScrF6SMPP1heY1AO20BAaaf/ij9k0BTUQtJ2Jiw3jxRuc8tubbUnPuZfd
 eI74h0wdcHkYNS61TebWmhqAj8Lf4nZK9dSSLc75DQbMDd9c/wqO1+WIeq8L0+rcm04g
 CFVczyM5GB4padgkl8QiLPF7xmP3fcD8QyzSka8XI7kR8MHZvzx867KOh9aYipdKNI/t
 p5hg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
 h=sender:errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:content-transfer-encoding
 :mime-version:references:in-reply-to:message-id:date:subject:to:from
 :dkim-signature;
 bh=LcRcGJor0MGZo2nDNYWDJWZqyFuxFvZG3QWQOj74XxU=;
 fh=PnYt+qEB9tAfMKoqBm2xjKOFpYyFFGPudh5cVIoieJM=;
 b=xkoxt0FpqWvzmx+JST5iBtNC25x7lGhHXzv7v5ThjCDgH38/3mmg9J5+fb4KFldITd
 z+4VSS0K9nLwlLwvuJWWu1GqTZbKtQJMSVCWUDjHQMcs+reiTJIN9MTwVPDANtxhB8it
 2jCdc0d3iOtupl/Cxv9r76NLIXqEXHIVnrBy810YwdapmlwtxgD6fdV4rGBWZd/n0izD
 8QsUV0IcZwAPp0Aqh7k/w8N47ghQHTzkFo9t9YbsWz3KfTHQtddtRqLpDuFyY+f7SpVp
 YxAtx2CaV8lWWBpnyf20eCQUAm6X/+8VdBRBU9CiHUwkypxNN9aFCAeKAsrVjUgwr4vO
 3+Dg==
ARC-Authentication-Results: i=1; mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=XrJhHkiN;
 spf=pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender)
 smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org";
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <qemu-devel-bounces+patch=linaro.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17])
 by mx.google.com with ESMTPS id
 d10-20020ac85d8a000000b00412058a36a5si1215968qtx.299.2023.09.21.10.39.23
 for <patch@linaro.org>
 (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256);
 Thu, 21 Sep 2023 10:39:23 -0700 (PDT)
Received-SPF: pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender) client-ip=209.51.188.17;
Authentication-Results: mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=XrJhHkiN;
 spf=pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender)
 smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org";
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from localhost ([::1] helo=lists1p.gnu.org)
 by lists.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <qemu-devel-bounces@nongnu.org>)
 id 1qjNcV-00026S-2v; Thu, 21 Sep 2023 13:37:43 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <peter.maydell@linaro.org>)
 id 1qjNcN-00021m-PI
 for qemu-devel@nongnu.org; Thu, 21 Sep 2023 13:37:35 -0400
Received: from mail-wm1-x32b.google.com ([2a00:1450:4864:20::32b])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <peter.maydell@linaro.org>)
 id 1qjNcJ-0007g8-Hi
 for qemu-devel@nongnu.org; Thu, 21 Sep 2023 13:37:35 -0400
Received: by mail-wm1-x32b.google.com with SMTP id
 5b1f17b1804b1-4050bd2e33aso13260055e9.2
 for <qemu-devel@nongnu.org>; Thu, 21 Sep 2023 10:37:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=linaro.org; s=google; t=1695317850; x=1695922650; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:to:from:from:to:cc:subject:date:message-id
 :reply-to; bh=LcRcGJor0MGZo2nDNYWDJWZqyFuxFvZG3QWQOj74XxU=;
 b=XrJhHkiNVxyKdF4f8if7UKsMRY55Tk786NL2B6cf18fRRNcXXRJWnUxG3WV17EhbZ8
 uixAf9UeI+4qAnWr+DYghG2FHltSipVs3zAP25CKYxaUm3YkP31FGplq8Wl1ssTWi9z+
 0hQT/433wTRlRIfMgoUK+rIC1DEHOmdwoKCimRs4qhIirmHwR1fgf9IPe3XXacH1pR8B
 7tQbXKsz8Dzs7uffTNUcGpRlkAyImuMEGs4rZ6rxig6/hTPedLXxAbWPYnZ6SBzjeRV7
 tsbtoBo8F7ptNlazFKumxzvrZLp0nYaPry+7zwLgkZkKqghIIi3w33FchMcO8f7W5cq4
 icmQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1695317850; x=1695922650;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=LcRcGJor0MGZo2nDNYWDJWZqyFuxFvZG3QWQOj74XxU=;
 b=DdF1CFq1skURxHfs5vC/3QzetmMlCxH6J3Z08ZLJZlwkACbIUiRCCxZ4wJZl+aXLp3
 TPdszBI7+XSVH714HkXalopG7vftRJlBaPZciWt9GfADyCnqW2VhMz1R5qektFcVDWbV
 OfjZH4uRNNTdXwAad8QmdLJbyTVLvVdCG8tRb6lFPCBaqNf1+QBSHtxf+/BmWoAvNRBn
 KzzYI986ScT0MNNuL1C5mp6MWDrMeNWMD5hp+aNzxPGyQuLkoK/9odQP506dq9X5OMx1
 QA+nhJt3zGDcho9NN05yp5HO6HUMVgDSjgpySswuEOkWDGtX0tc8KJ/wBfplR6qb1WSV
 puMQ==
X-Gm-Message-State: AOJu0YzpLS74VpciOliP9OdRTQ/3rr9JPngTaqt/q5/dqOMayiE08fjs
 QF9mXaTph8VDAZE3xhoiV+dShUqXejGqLtykd6Q=
X-Received: by 2002:a05:600c:46c6:b0:405:36d7:4582 with SMTP id
 q6-20020a05600c46c600b0040536d74582mr1722741wmo.15.1695317850070;
 Thu, 21 Sep 2023 10:37:30 -0700 (PDT)
Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2])
 by smtp.gmail.com with ESMTPSA id
 m14-20020a7bce0e000000b003feff926fc5sm2464122wmc.17.2023.09.21.10.37.29
 for <qemu-devel@nongnu.org>
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Thu, 21 Sep 2023 10:37:29 -0700 (PDT)
From: Peter Maydell <peter.maydell@linaro.org>
To: qemu-devel@nongnu.org
Subject: [PULL 16/30] target/arm: Implement MTE tag-checking functions for
 FEAT_MOPS
Date: Thu, 21 Sep 2023 18:37:06 +0100
Message-Id: <20230921173720.3250581-17-peter.maydell@linaro.org>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20230921173720.3250581-1-peter.maydell@linaro.org>
References: <20230921173720.3250581-1-peter.maydell@linaro.org>
MIME-Version: 1.0
Received-SPF: pass client-ip=2a00:1450:4864:20::32b;
 envelope-from=peter.maydell@linaro.org; helo=mail-wm1-x32b.google.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001,
 SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org
Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org

The FEAT_MOPS instructions need a couple of helper routines that
check for MTE tag failures:
 * mte_mops_probe() checks whether there is going to be a tag
   error in the next up-to-a-page worth of data
 * mte_check_fail() is an existing function to record the fact
   of a tag failure, which we need to make global so we can
   call it from helper-a64.c

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20230912140434.1333369-7-peter.maydell@linaro.org
---
 target/arm/internals.h      | 28 +++++++++++++++++++
 target/arm/tcg/mte_helper.c | 54 +++++++++++++++++++++++++++++++++++--
 2 files changed, 80 insertions(+), 2 deletions(-)

diff --git a/target/arm/internals.h b/target/arm/internals.h
index 5f5393b25c4..a70a7fd50f6 100644
--- a/target/arm/internals.h
+++ b/target/arm/internals.h
@@ -1272,6 +1272,34 @@ FIELD(MTEDESC, SIZEM1, 12, SIMD_DATA_BITS - 12)  /* size - 1 */
 bool mte_probe(CPUARMState *env, uint32_t desc, uint64_t ptr);
 uint64_t mte_check(CPUARMState *env, uint32_t desc, uint64_t ptr, uintptr_t ra);
 
+/**
+ * mte_mops_probe: Check where the next MTE failure is for a FEAT_MOPS operation
+ * @env: CPU env
+ * @ptr: start address of memory region (dirty pointer)
+ * @size: length of region (guaranteed not to cross a page boundary)
+ * @desc: MTEDESC descriptor word (0 means no MTE checks)
+ * Returns: the size of the region that can be copied without hitting
+ *          an MTE tag failure
+ *
+ * Note that we assume that the caller has already checked the TBI
+ * and TCMA bits with mte_checks_needed() and an MTE check is definitely
+ * required.
+ */
+uint64_t mte_mops_probe(CPUARMState *env, uint64_t ptr, uint64_t size,
+                        uint32_t desc);
+
+/**
+ * mte_check_fail: Record an MTE tag check failure
+ * @env: CPU env
+ * @desc: MTEDESC descriptor word
+ * @dirty_ptr: Failing dirty address
+ * @ra: TCG retaddr
+ *
+ * This may never return (if the MTE tag checks are configured to fault).
+ */
+void mte_check_fail(CPUARMState *env, uint32_t desc,
+                    uint64_t dirty_ptr, uintptr_t ra);
+
 static inline int allocation_tag_from_addr(uint64_t ptr)
 {
     return extract64(ptr, 56, 4);
diff --git a/target/arm/tcg/mte_helper.c b/target/arm/tcg/mte_helper.c
index 303bcc7fd84..1cb61cea7af 100644
--- a/target/arm/tcg/mte_helper.c
+++ b/target/arm/tcg/mte_helper.c
@@ -617,8 +617,8 @@ static void mte_async_check_fail(CPUARMState *env, uint64_t dirty_ptr,
 }
 
 /* Record a tag check failure.  */
-static void mte_check_fail(CPUARMState *env, uint32_t desc,
-                           uint64_t dirty_ptr, uintptr_t ra)
+void mte_check_fail(CPUARMState *env, uint32_t desc,
+                    uint64_t dirty_ptr, uintptr_t ra)
 {
     int mmu_idx = FIELD_EX32(desc, MTEDESC, MIDX);
     ARMMMUIdx arm_mmu_idx = core_to_aa64_mmu_idx(mmu_idx);
@@ -991,3 +991,53 @@ uint64_t HELPER(mte_check_zva)(CPUARMState *env, uint32_t desc, uint64_t ptr)
  done:
     return useronly_clean_ptr(ptr);
 }
+
+uint64_t mte_mops_probe(CPUARMState *env, uint64_t ptr, uint64_t size,
+                        uint32_t desc)
+{
+    int mmu_idx, tag_count;
+    uint64_t ptr_tag, tag_first, tag_last;
+    void *mem;
+    bool w = FIELD_EX32(desc, MTEDESC, WRITE);
+    uint32_t n;
+
+    mmu_idx = FIELD_EX32(desc, MTEDESC, MIDX);
+    /* True probe; this will never fault */
+    mem = allocation_tag_mem_probe(env, mmu_idx, ptr,
+                                   w ? MMU_DATA_STORE : MMU_DATA_LOAD,
+                                   size, MMU_DATA_LOAD, true, 0);
+    if (!mem) {
+        return size;
+    }
+
+    /*
+     * TODO: checkN() is not designed for checks of the size we expect
+     * for FEAT_MOPS operations, so we should implement this differently.
+     * Maybe we should do something like
+     *   if (region start and size are aligned nicely) {
+     *      do direct loads of 64 tag bits at a time;
+     *   } else {
+     *      call checkN()
+     *   }
+     */
+    /* Round the bounds to the tag granule, and compute the number of tags. */
+    ptr_tag = allocation_tag_from_addr(ptr);
+    tag_first = QEMU_ALIGN_DOWN(ptr, TAG_GRANULE);
+    tag_last = QEMU_ALIGN_DOWN(ptr + size - 1, TAG_GRANULE);
+    tag_count = ((tag_last - tag_first) / TAG_GRANULE) + 1;
+    n = checkN(mem, ptr & TAG_GRANULE, ptr_tag, tag_count);
+    if (likely(n == tag_count)) {
+        return size;
+    }
+
+    /*
+     * Failure; for the first granule, it's at @ptr. Otherwise
+     * it's at the first byte of the nth granule. Calculate how
+     * many bytes we can access without hitting that failure.
+     */
+    if (n == 0) {
+        return 0;
+    } else {
+        return n * TAG_GRANULE - (ptr - tag_first);
+    }
+}