mte-7.c - cachepc-qemu - Fork of AMDESE/qemu with changes for cachepc side-channel attack

	cachepc-qemu Fork of AMDESE/qemu with changes for cachepc side-channel attack
	git clone https://git.sinitax.com/sinitax/cachepc-qemu
	Log \| Files \| Refs \| Submodules \| LICENSE \| sfeed.txt

mte-7.c (713B)

      1/*
      2 * Memory tagging, unaligned access crossing pages.
      3 * https://gitlab.com/qemu-project/qemu/-/issues/403
      4 *
      5 * Copyright (c) 2021 Linaro Ltd
      6 * SPDX-License-Identifier: GPL-2.0-or-later
      7 */
      8
      9#include "mte.h"
     10
     11int main(int ac, char **av)
     12{
     13    void *p;
     14
     15    enable_mte(PR_MTE_TCF_SYNC);
     16    p = alloc_mte_mem(2 * 0x1000);
     17
     18    /* Tag the pointer. */
     19    p = (void *)((unsigned long)p | (1ul << 56));
     20
     21    /* Store tag in sequential granules. */
     22    asm("stg %0, [%0]" : : "r"(p + 0x0ff0));
     23    asm("stg %0, [%0]" : : "r"(p + 0x1000));
     24
     25    /*
     26     * Perform an unaligned store with tag 1 crossing the pages.
     27     * Failure dies with SIGSEGV.
     28     */
     29    asm("str %0, [%0]" : : "r"(p + 0x0ffc));
     30    return 0;
     31}