From nobody Mon Feb 9 18:00:08 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org Return-Path: Received: from lists.gnu.org (209.51.188.17 [209.51.188.17]) by mx.zohomail.com with SMTPS id 1549396239328944.2010134862127; Tue, 5 Feb 2019 11:50:39 -0800 (PST) Received: from localhost ([127.0.0.1]:39209 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gr6jo-0003k6-D6 for importer@patchew.org; Tue, 05 Feb 2019 14:50:32 -0500 Received: from eggs.gnu.org ([209.51.188.92]:52995) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gr5zd-0007sh-Rn for qemu-devel@nongnu.org; Tue, 05 Feb 2019 14:02:53 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gr5zb-0004Iq-41 for qemu-devel@nongnu.org; Tue, 05 Feb 2019 14:02:49 -0500 Received: from mail-wr1-x444.google.com ([2a00:1450:4864:20::444]:36470) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1gr5zZ-00047p-Nu for qemu-devel@nongnu.org; Tue, 05 Feb 2019 14:02:46 -0500 Received: by mail-wr1-x444.google.com with SMTP id z3so4897379wrv.3 for ; Tue, 05 Feb 2019 11:02:29 -0800 (PST) Received: from zen.linaroharston ([81.128.185.34]) by smtp.gmail.com with ESMTPSA id h135sm19647406wmd.21.2019.02.05.11.02.26 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 05 Feb 2019 11:02:26 -0800 (PST) Received: from zen.linaroharston. (localhost [127.0.0.1]) by zen.linaroharston (Postfix) with ESMTP id C4F1C1FF86; Tue, 5 Feb 2019 19:02:24 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=BNzh66bB0nnDDrV+CbNUUVwPZKwG8xcxSjnQQStKqsw=; b=BPSbXE2xLCn/CLUyxP81IaTGrwC8vfwknc6vEJhd0OoVBTz0ZphrrJMKW7TGSuslbh bbio1Mzy7ak8VW6VdneHvBDZVnb25zD7+Rgou0xF6lS0/jCxwewQP5UC+kD7+FSNb6NA 8gwlLESOOFHwHvjP/wpORGnjX2yKZY9h1tL220N1ISQsUsNyINHgHuDHhBGiFTcs7f+0 WGaTinFVVahvfziXC5txwUcHfF/fjr8TXOGntHZnBAoPt8mI6N8iKcxuFaSzECToBQZ+ /w6QGrwOysd07LfLMurGDGV5i371E8lvXiERrj8VKH78aI3iLfqX+qDXNZ0JbpwDE0Mt 1klA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=BNzh66bB0nnDDrV+CbNUUVwPZKwG8xcxSjnQQStKqsw=; b=AEqQ0C5XL/tRdnvhvZjoCWYQs3EoQIotVagI9E6XLAZfwbCBYKTtJCpYt7dR2mfXpU R0SaMI3jhn9JnpAbGbrhoQ/vbfhRKQXc1kxirrH1DdZzZPO4hFU2qGOkl1+laPHYovA5 qLM+emTBL48xeS3sGm5+17meC2k6GrX76nR+NFfQa9BQH7eyWbpRGTZfv68SkKrVc/34 VSxK1nZ6UQ6pHfoIWufJEvO5DlAnK07lgJcHTdB9ZNkqe3OqOoRO81SSwA4IOyS4kOt1 y5/NpBr5af1NdHqk+ci6sUXO+N6CnAy6KeVxw9TzjRaxrGwrwQW1zPnII38nM7GmpQuy P5ZQ== X-Gm-Message-State: AHQUAuaGPmvaEn4l8TN4Kx+GeF4vNgNEzR3rzEeECzIrGbMSOgXicvMX xk9vo/fbZ2npC2MChK9cx5c+Xg== X-Google-Smtp-Source: AHgI3IZC+r+/j2we20mpsx9WQT3qKAJdgMHHSM4qH2ihVqdJJjGN94fceZLZhUonPcdBABlvs2qeeQ== X-Received: by 2002:adf:f8cf:: with SMTP id f15mr4758120wrq.265.1549393348937; Tue, 05 Feb 2019 11:02:28 -0800 (PST) From: =?UTF-8?q?Alex=20Benn=C3=A9e?= To: qemu-devel@nongnu.org Date: Tue, 5 Feb 2019 19:02:24 +0000 Message-Id: <20190205190224.2198-7-alex.bennee@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190205190224.2198-1-alex.bennee@linaro.org> References: <20190205190224.2198-1-alex.bennee@linaro.org> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:4864:20::444 Subject: [Qemu-devel] [PATCH v2 6/6] tests/tcg/aarch64: userspace system register test X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: qemu-arm@nongnu.org, =?UTF-8?q?Alex=20Benn=C3=A9e?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) This tests a bunch of registers that the kernel allows userspace to read including the CPUID registers. Signed-off-by: Alex Benn=C3=A9e --- v4 - also test for extra bits that shouldn't be exposed v5 - work around missing HWCAP_CPUID on older compilers - add more registers to test and some aarch32 regs - add more details commentary - fix up the masks (add a helper to help keep track) - add copyright header --- tests/tcg/aarch64/Makefile.target | 4 +- tests/tcg/aarch64/sysregs.c | 172 ++++++++++++++++++++++++++++++ 2 files changed, 175 insertions(+), 1 deletion(-) create mode 100644 tests/tcg/aarch64/sysregs.c diff --git a/tests/tcg/aarch64/Makefile.target b/tests/tcg/aarch64/Makefile= .target index 08c45b8470..fb40896e7b 100644 --- a/tests/tcg/aarch64/Makefile.target +++ b/tests/tcg/aarch64/Makefile.target @@ -7,11 +7,13 @@ VPATH +=3D $(AARCH64_SRC) =20 # we don't build any of the ARM tests AARCH64_TESTS=3D$(filter-out $(ARM_TESTS), $(TESTS)) -AARCH64_TESTS+=3Dfcvt +AARCH64_TESTS+=3Dfcvt sysregs TESTS:=3D$(AARCH64_TESTS) =20 fcvt: LDFLAGS+=3D-lm =20 +sysregs: CFLAGS+=3D-march=3Darmv8.1-a+sve + run-fcvt: fcvt $(call run-test,$<,$(QEMU) $<, "$< on $(TARGET_NAME)") $(call diff-out,$<,$(AARCH64_SRC)/fcvt.ref) diff --git a/tests/tcg/aarch64/sysregs.c b/tests/tcg/aarch64/sysregs.c new file mode 100644 index 0000000000..40cf8d2877 --- /dev/null +++ b/tests/tcg/aarch64/sysregs.c @@ -0,0 +1,172 @@ +/* + * Check emulated system register access for linux-user mode. + * + * See: https://www.kernel.org/doc/Documentation/arm64/cpu-feature-registe= rs.txt + * + * Copyright (c) 2019 Linaro + * + * This work is licensed under the terms of the GNU GPL, version 2 or late= r. + * See the COPYING file in the top-level directory. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include +#include +#include +#include +#include +#include + +#ifndef HWCAP_CPUID +#define HWCAP_CPUID (1 << 11) +#endif + +int failed_bit_count; + +/* Read and print system register `id' value */ +#define get_cpu_reg(id) ({ \ + unsigned long __val =3D 0xdeadbeef; \ + asm("mrs %0, "#id : "=3Dr" (__val)); \ + printf("%-20s: 0x%016lx\n", #id, __val); \ + __val; \ + }) + +/* As above but also check no bits outside of `mask' are set*/ +#define get_cpu_reg_check_mask(id, mask) ({ \ + unsigned long __cval =3D get_cpu_reg(id); \ + unsigned long __extra =3D __cval & ~mask; \ + if (__extra) { \ + printf("%-20s: 0x%016lx\n", " !!extra bits!!", __extra); = \ + failed_bit_count++; \ + } \ +}) + +/* As above but check RAZ */ +#define get_cpu_reg_check_zero(id) ({ \ + unsigned long __val =3D 0xdeadbeef; \ + asm("mrs %0, "#id : "=3Dr" (__val)); \ + if (__val) { \ + printf("%-20s: 0x%016lx (not RAZ!)\n", #id, __val); = \ + failed_bit_count++; \ + } \ +}) + +/* Chunk up mask into 63:48, 47:32, 31:16, 15:0 to ease counting */ +#define _m(a, b, c, d) (0x ## a ## b ## c ## d ##ULL) + +bool should_fail; +int should_fail_count; +int should_not_fail_count; +uintptr_t failed_pc[10]; + +void sigill_handler(int signo, siginfo_t *si, void *data) +{ + ucontext_t *uc =3D (ucontext_t *)data; + + if (should_fail) { + should_fail_count++; + } else { + uintptr_t pc =3D (uintptr_t) uc->uc_mcontext.pc; + failed_pc[should_not_fail_count++] =3D pc; + } + uc->uc_mcontext.pc +=3D 4; +} + +int main(void) +{ + struct sigaction sa; + + /* Hook in a SIGILL handler */ + memset(&sa, 0, sizeof(struct sigaction)); + sa.sa_flags =3D SA_SIGINFO; + sa.sa_sigaction =3D &sigill_handler; + sigemptyset(&sa.sa_mask); + + if (sigaction(SIGILL, &sa, 0) !=3D 0) { + perror("sigaction"); + return 1; + } + + /* Counter values have been exposed since Linux 4.12 */ + printf("Checking Counter registers\n"); + + get_cpu_reg(ctr_el0); + get_cpu_reg(cntvct_el0); + get_cpu_reg(cntfrq_el0); + + /* HWCAP_CPUID indicates we can read feature registers, since Linux 4.= 11 */ + if (!(getauxval(AT_HWCAP) & HWCAP_CPUID)) { + printf("CPUID registers unavailable\n"); + return 1; + } else { + printf("Checking CPUID registers\n"); + } + + /* + * Some registers only expose some bits to user-space. Anything + * that is IMPDEF is exported as 0 to user-space. The _mask checks + * assert no extra bits are set. + * + * This check is *not* comprehensive as some fields are set to + * minimum valid fields - for the purposes of this check allowed + * to have non-zero values. + */ + get_cpu_reg_check_mask(id_aa64isar0_el1, _m(00ff,ffff,f0ff,fff0)); + get_cpu_reg_check_mask(id_aa64isar1_el1, _m(0000,00f0,ffff,ffff)); + /* TGran4 & TGran64 as pegged to -1 */ + get_cpu_reg_check_mask(id_aa64mmfr0_el1, _m(0000,0000,ff00,0000)); + get_cpu_reg_check_zero(id_aa64mmfr1_el1); + /* EL1/EL0 reported as AA64 only */ + get_cpu_reg_check_mask(id_aa64pfr0_el1, _m(000f,000f,00ff,0011)); + get_cpu_reg_check_mask(id_aa64pfr1_el1, _m(0000,0000,0000,00f0)); + /* all hidden, DebugVer fixed to 0x6 (ARMv8 debug architecture) */ + get_cpu_reg_check_mask(id_aa64dfr0_el1, _m(0000,0000,0000,0006)); + get_cpu_reg_check_zero(id_aa64dfr1_el1); + get_cpu_reg_check_zero(id_aa64zfr0_el1); + + get_cpu_reg_check_zero(id_aa64afr0_el1); + get_cpu_reg_check_zero(id_aa64afr1_el1); + + get_cpu_reg_check_mask(midr_el1, _m(0000,0000,ffff,ffff)); + /* mpidr sets bit 31, everything else hidden */ + get_cpu_reg_check_mask(mpidr_el1, _m(0000,0000,8000,0000)); + /* REVIDR is all IMPDEF so should be all zeros to user-space */ + get_cpu_reg_check_zero(revidr_el1); + + /* + * There are a block of more registers that are RAZ in the rest of + * the Op0=3D3, Op1=3D0, CRn=3D0, CRm=3D0,4,5,6,7 space. However for + * brevity we don't check stuff that is currently un-allocated + * here. Feel free to add them ;-) + */ + + printf("Remaining registers should fail\n"); + should_fail =3D true; + + /* Unexposed register access causes SIGILL */ + get_cpu_reg(id_mmfr0_el1); + get_cpu_reg(id_mmfr1_el1); + get_cpu_reg(id_mmfr2_el1); + get_cpu_reg(id_mmfr3_el1); + + get_cpu_reg(mvfr0_el1); + get_cpu_reg(mvfr1_el1); + + if (should_not_fail_count > 0) { + int i; + for (i =3D 0; i < should_not_fail_count; i++) { + uintptr_t pc =3D failed_pc[i]; + uint32_t insn =3D *(uint32_t *) pc; + printf("insn %#x @ %#lx unexpected FAIL\n", insn, pc); + } + return 1; + } + + if (failed_bit_count > 0) { + printf("Extra information leaked to user-space!\n"); + return 1; + } + + return should_fail_count =3D=3D 6 ? 0 : 1; +} --=20 2.20.1