Based-on: 20190110124951.15473-1-richard.hender...@linaro.org
aka the TBID patch set, which itself is based on the BTI patch set.

The full tree is available at

  https://github.org/rth7680/qemu.git tgt-arm-mte

This extension is also spelled MTE in the ARM.

This patch set only attempts to implement linux-user emulation.
For system emulation, I still miss the new cache flushing insns (easy)
and the out-of-band physical memory for the allocation tags (harder).

From a few mis-steps in writing the test cases for the extension,
I might suggest that some future kernel's userland ABI for this have
TCR.TCMA0 = 1, so that legacy code that is *not* MTE aware can use
a frame pointer without accidentally tripping left over stack tags.
(As seen in patch 5, SP+OFF is unchecked per the ISA but FP+OFF is not.)

OTOH, depending on the application, that does make it easier for an
attack vector to clean the tag off the top of a pointer to bypass
store checking.  So, tricky.


r~


Cc: Ramana Radhakrishnan <ramana.radhakrish...@arm.com>
Cc: Will Deacon <will.dea...@arm.com>
Cc: dave.mar...@arm.com
Cc: szabolcs.n...@arm.com
Cc: catalin.mari...@arm.com
Cc: mark.rutl...@arm.com

Richard Henderson (17):
  target/arm: Add MTE_ACTIVE to tb_flags
  target/arm: Extract TCMA with ARMVAParameters
  target/arm: Add MTE system registers
  target/arm: Fill in helper_mte_check
  target/arm: Suppress tag check for sp+offset
  target/arm: Implement the IRG instruction
  target/arm: Implement ADDG, SUBG instructions
  target/arm: Implement the GMI instruction
  target/arm: Implement the SUBP instruction
  target/arm: Implement LDG, STG, ST2G instructions
  target/arm: Implement the STGP instruction
  target/arm: Implement the LDGV and STGV instructions
  target/arm: Set PSTATE.TCO on exception entry
  tcg: Introduce target-specific page data for user-only
  target/arm: Add allocation tag storage for user-only
  target/arm: Enable MTE
  tests/tcg/aarch64: Add mte smoke tests

 include/exec/cpu-all.h            |  10 +-
 target/arm/cpu.h                  |  18 ++
 target/arm/helper-a64.h           |  11 +
 target/arm/internals.h            |  22 ++
 target/arm/translate.h            |  13 ++
 accel/tcg/translate-all.c         |  28 +++
 linux-user/mmap.c                 |  10 +-
 linux-user/syscall.c              |   4 +-
 target/arm/cpu.c                  |  10 +
 target/arm/cpu64.c                |   1 +
 target/arm/helper.c               |  99 ++++++--
 target/arm/mte_helper.c           | 369 ++++++++++++++++++++++++++++++
 target/arm/translate-a64.c        | 305 ++++++++++++++++++++----
 tests/tcg/aarch64/mte-1.c         |  27 +++
 tests/tcg/aarch64/mte-2.c         |  39 ++++
 target/arm/Makefile.objs          |   2 +-
 tests/tcg/aarch64/Makefile.target |   4 +
 17 files changed, 907 insertions(+), 65 deletions(-)
 create mode 100644 target/arm/mte_helper.c
 create mode 100644 tests/tcg/aarch64/mte-1.c
 create mode 100644 tests/tcg/aarch64/mte-2.c

-- 
2.17.2
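
The TCR.TCMA0 trade-off raised in the cover letter, as an added example that is not part of the original message or of the QEMU patches. It is a simplified model of the tag check: the toy address space and the names alloc_tag, with_tag, mte_access_ok, legacy_fp_access_ok and stripped_tag_store_ok are hypothetical, and the model assumes a 4-bit tag in pointer bits [59:56] per 16-byte granule, with TCMA0 leaving accesses whose bits [59:55] are zero unchecked.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define GRANULE_SHIFT 4               /* one allocation tag per 16 bytes */
#define N_GRANULES    64              /* constructed toy address space (1 KiB) */
static uint8_t alloc_tag[N_GRANULES]; /* hypothetical stand-in for tag storage */

/* Replace the logical tag held in pointer bits [59:56]. */
static uint64_t with_tag(uint64_t p, unsigned t)
{
    return (p & ~(0xfULL << 56)) | ((uint64_t)(t & 0xf) << 56);
}

/* True if the access proceeds, false if it would raise a tag check fault. */
static bool mte_access_ok(uint64_t p, bool sp_plus_imm, bool tcma0)
{
    if (sp_plus_imm)
        return true;                  /* SP+OFF is unchecked per the ISA */
    if (tcma0 && ((p >> 55) & 0x1f) == 0)
        return true;                  /* TCMA0: bits [59:55] all zero, unchecked */
    uint64_t addr = p & ((1ULL << 56) - 1);
    return ((p >> 56) & 0xf) == alloc_tag[(addr >> GRANULE_SHIFT) % N_GRANULES];
}

/* Legacy FP+8 access to a stack slot whose granule kept a stale tag. */
static bool legacy_fp_access_ok(bool tcma0)
{
    alloc_tag[0x100 >> GRANULE_SHIFT] = 0x5;
    return mte_access_ok(0x100 + 8, false, tcma0);
}

/* Store through a heap pointer whose tag 0x9 was cleared to 0. */
static bool stripped_tag_store_ok(bool tcma0)
{
    alloc_tag[0x200 >> GRANULE_SHIFT] = 0x9;
    return mte_access_ok(with_tag(with_tag(0x200, 0x9), 0), false, tcma0);
}

int main(void)
{
    for (int tcma0 = 0; tcma0 <= 1; tcma0++)
        printf("TCMA0=%d legacy FP access: %s, stripped-tag store: %s\n", tcma0,
               legacy_fp_access_ok(tcma0) ? "ok" : "fault",
               stripped_tag_store_ok(tcma0) ? "ok" : "fault");
    return 0;
}
```

With TCMA0 clear both accesses fault; with it set both succeed, which is the compatibility gain and the weakened store checking described in the message.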