From afaea6a291698c3f9da1280fa20d8c871b3cfef9 Mon Sep 17 00:00:00 2001
From: Richard Henderson
Date: Thu, 13 Jun 2019 16:16:56 -0400
Subject: [PATCH] target/arm: Fix output of PAuth Auth

The ARM pseudocode installs the error_code into the original pointer, not the encrypted pointer. The difference applies within the 7 bits of pac data; the result should be the sign extension of bit 55. Add a testcase to that effect. Backports commit d67ebada159148bfdfde84871338738e4465e985 from qemu
---
 qemu/target/arm/pauth_helper.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/qemu/target/arm/pauth_helper.c b/qemu/target/arm/pauth_helper.c
index 7f30ae73..d3194f20 100644
--- a/qemu/target/arm/pauth_helper.c
+++ b/qemu/target/arm/pauth_helper.c
@@ -344,9 +344,9 @@ static uint64_t pauth_auth(CPUARMState *env, uint64_t ptr, uint64_t modifier,
 if (unlikely(extract64(test, bot_bit, top_bit - bot_bit))) {
 int error_code = (keynumber << 1) | (keynumber ^ 1);
 if (param.tbi) {
- return deposit64(ptr, 53, 2, error_code);
+ return deposit64(orig_ptr, 53, 2, error_code);
 } else {
- return deposit64(ptr, 61, 2, error_code);
+ return deposit64(orig_ptr, 61, 2, error_code);
 }
 }
 return orig_ptr;
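Review bot: The commit message says a testcase is added, but the diffstat lists only `qemu/target/arm/pauth_helper.c`, so nothing in this backport pins the corrected failure value. A regression check that a failed authentication returns the original pointer with only the two error-code bits changed (PAC field otherwise the sign extension of bit 55, as the message states) would guard the behaviour that presumably makes a forged pointer fault on use. The bit positions in both `deposit64` calls are unexplained constants; a comment above `if (param.tbi)` would help, e.g. `/* Auth failed: error code lands in bits [54:53] with TBI, [62:61] without, of the original pointer. */`. `pauth_auth` begins and ends outside the hunk, so how `orig_ptr` is derived is not visible here.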