tests/tcg/aarch64/pauth-2.c

   1 #include <stdint.h>
   2 #include <assert.h>
   3
   4 void do_test(uint64_t value)
   5 {
   6     uint64_t salt1, salt2;
   7     uint64_t encode, decode;
   8
   9     /*
  10      * With TBI enabled and a 48-bit VA, there are 7 bits of auth,
  11      * and so a 1/128 chance of encode = pac(value,key,salt) producing
  12      * an auth for which leaves value unchanged.
  13      * Iterate until we find a salt for which encode != value.
  14      */
  15     for (salt1 = 1; ; salt1++) {
  16         asm volatile("pacda %0, %2" : "=r"(encode) : "0"(value), "r"(salt1));
  17         if (encode != value) {
  18             break;
  19         }
  20     }
  21
  22     /* A valid salt must produce a valid authorization.  */
  23     asm volatile("autda %0, %2" : "=r"(decode) : "0"(encode), "r"(salt1));
  24     assert(decode == value);
  25
  26     /*
  27      * An invalid salt usually fails authorization, but again there
  28      * is a chance of choosing another salt that works.
  29      * Iterate until we find another salt which does fail.
  30      */
  31     for (salt2 = salt1 + 1; ; salt2++) {
  32         asm volatile("autda %0, %2" : "=r"(decode) : "0"(encode), "r"(salt2));
  33         if (decode != value) {
  34             break;
  35         }
  36     }
  37
  38     /* The VA bits, bit 55, and the TBI bits, should be unchanged.  */
  39     assert(((decode ^ value) & 0xff80ffffffffffffull) == 0);
  40
  41     /*
  42      * Bits [54:53] are an error indicator based on the key used;
  43      * the DA key above is keynumber 0, so error == 0b01.  Otherwise
  44      * bit 55 of the original is sign-extended into the rest of the auth.
  45      */
  46     if ((value >> 55) & 1) {
  47         assert(((decode >> 48) & 0xff) == 0b10111111);
  48     } else {
  49         assert(((decode >> 48) & 0xff) == 0b00100000);
  50     }
  51 }
  52
  53 int main()
  54 {
  55     do_test(0);
  56     do_test(0xda004acedeadbeefull);
  57     return 0;
  58 }