target/arm: Fix AddPAC error indication

The definition of top_bit used in this function is one higher than that used in the Arm ARM psuedo-code, which put the error indication at top_bit - 1 at the wrong place, which meant that it wasn't visible to Auth. Fixing the definition of top_bit requires more changes, because its most common use is for the count of bits in top_bit:bot_bit, which would then need to be computed as top_bit - bot_bit + 1. For now, prefer the minimal fix to the error indication alone. Fixes: 63ff0ca94cb Backports commit 8796fe40dd30cd9ffd3c958906471715c923b341 from qemu
2025-01-11 02:45:32 +00:00 · 2021-02-25 23:44:24 -05:00 · 2021-02-25 23:44:24 -05:00 · ce8282d9cd
parent 4952920d4d
commit ce8282d9cd
1 changed files with 5 additions and 1 deletions
--- a/qemu/target/arm/pauth_helper.c
+++ b/qemu/target/arm/pauth_helper.c
@ -300,7 +300,11 @@ static uint64_t pauth_addpac(CPUARMState *env, uint64_t ptr, uint64_t modifier,
     */
    test = sextract64(ptr, bot_bit, top_bit - bot_bit);
    if (test != 0 && test != -1) {
-        pac ^= MAKE_64BIT_MASK(top_bit - 1, 1);
+        /*
+         * Note that our top_bit is one greater than the pseudocode's
+         * version, hence "- 2" here.
+         */
+        pac ^= MAKE_64BIT_MASK(top_bit - 2, 1);
    }

    /*