*/
test = sextract64(ptr, bot_bit, top_bit - bot_bit);
if (test != 0 && test != -1) {
- pac ^= MAKE_64BIT_MASK(top_bit - 1, 1);
+ /*
+ * Note that our top_bit is one greater than the pseudocode's
+ * version, hence "- 2" here.
+ */
+ pac ^= MAKE_64BIT_MASK(top_bit - 2, 1);
}
/*
# Pauth Tests
ifneq ($(DOCKER_IMAGE)$(CROSS_CC_HAS_ARMV8_3),)
-AARCH64_TESTS += pauth-1 pauth-2 pauth-4
+AARCH64_TESTS += pauth-1 pauth-2 pauth-4 pauth-5
pauth-%: CFLAGS += -march=armv8.3-a
run-pauth-%: QEMU_OPTS += -cpu max
run-plugin-pauth-%: QEMU_OPTS += -cpu max
--- /dev/null
+#include <assert.h>
+
+static int x;
+
+int main()
+{
+ int *p0 = &x, *p1, *p2, *p3;
+ unsigned long salt = 0;
+
+ /*
+ * With TBI enabled and a 48-bit VA, there are 7 bits of auth, and so
+ * a 1/128 chance of auth = pac(ptr,key,salt) producing zero.
+ * Find a salt that creates auth != 0.
+ */
+ do {
+ salt++;
+ asm("pacda %0, %1" : "=r"(p1) : "r"(salt), "0"(p0));
+ } while (p0 == p1);
+
+ /*
+ * This pac must fail, because the input pointer bears an encryption,
+ * and so is not properly extended within bits [55:47]. This will
+ * toggle bit 54 in the output...
+ */
+ asm("pacda %0, %1" : "=r"(p2) : "r"(salt), "0"(p1));
+
+ /* ... so that the aut must fail, setting bit 53 in the output ... */
+ asm("autda %0, %1" : "=r"(p3) : "r"(salt), "0"(p2));
+
+ /* ... which means this equality must not hold. */
+ assert(p3 != p0);
+ return 0;
+}