On Mon, 18 May 2026 at 17:16, Torbjörn SVENSSON
<[email protected]> wrote:
>
> This commit adds the pointer authentication instructions from the Arm
> v8.1-m PACBTI extension.
> While the instructions are properly recognized, they are all NOPs.
>
> Signed-off-by: Torbjörn SVENSSON <[email protected]>
I think it's worth mentioning in the commit message that we previously
decoded these as SMMLA, and that changing what we do is OK because
for v7A and v8A these SMMLA etc encodings say that Rd == 0b1111 is
UNPREDICTABLE.
> ---
> target/arm/tcg/t32.decode | 21 +++++++++++++---
> target/arm/tcg/translate.c | 62
> ++++++++++++++++++++++++++++++++++++++++++++++
> 2 files changed, 80 insertions(+), 3 deletions(-)
>
> diff --git a/target/arm/tcg/t32.decode b/target/arm/tcg/t32.decode
> index 49b8d0037e..a885eed101 100644
> --- a/target/arm/tcg/t32.decode
> +++ b/target/arm/tcg/t32.decode
> @@ -263,6 +263,7 @@ BFCI 1111 0011 011 0 .... 0 ... .... ..0.....
> @bfi
> @s0_rnadm .... .... .... rn:4 ra:4 rd:4 .... rm:4 &s_rrrr s=0
> @s0_rn0dm .... .... .... rn:4 .... rd:4 .... rm:4 &s_rrrr ra=0
> s=0
> @rnadm .... .... .... rn:4 ra:4 rd:4 .... rm:4 &rrrr
> +@rna0m .... .... .... rn:4 ra:4 .... .... rm:4 &rrrr rd=0
> @rn0dm .... .... .... rn:4 .... rd:4 .... rm:4 &rrrr ra=0
> @rndm .... .... .... rn:4 .... rd:4 .... rm:4 &rrr
> @rdm .... .... .... .... .... rd:4 .... rm:4 &rr
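Review bot: in the added `@rna0m` format, `rd=0` is forced although the patterns that use it (AUTG and BXAUT in the next hunk) require those four bits to be 1111, so the value passed in `&rrrr` does not reflect the encoding. That is harmless as long as the trans functions never read `a->rd`, but a one-line comment on the format saying the rd bits are fixed by the pattern and the field is unused would stop a later reader from treating it as a real register number.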
> @@ -319,9 +320,18 @@ SMLALDX 1111 1011 1100 .... .... .... 1101 ....
> @rnadm
> SMLSLD 1111 1011 1101 .... .... .... 1100 .... @rnadm
> SMLSLDX 1111 1011 1101 .... .... .... 1101 .... @rnadm
>
> -SMMLA 1111 1011 0101 .... .... .... 0000 .... @rnadm
> -SMMLAR 1111 1011 0101 .... .... .... 0001 .... @rnadm
> -SMMLS 1111 1011 0110 .... .... .... 0000 .... @rnadm
> +{
> + AUTG 1111 1011 0101 .... .... 1111 0000 .... @rna0m
> + SMMLA 1111 1011 0101 .... .... .... 0000 .... @rnadm
> +}
> +{
> + BXAUT 1111 1011 0101 .... .... 1111 0001 .... @rna0m
> + SMMLAR 1111 1011 0101 .... .... .... 0001 .... @rnadm
> +}
> +{
> + PACG 1111 1011 0110 .... 1111 .... 0000 .... @rndm
> + SMMLS 1111 1011 0110 .... .... .... 0000 .... @rnadm
> +}
> SMMLSR 1111 1011 0110 .... .... .... 0001 .... @rnadm
>
> SDIV 1111 1011 1001 .... 1111 .... 1111 .... @rndm
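Review bot: the three new `{ }` groups have no comment explaining why the first pattern may shadow SMMLA, SMMLAR and SMMLS. The constraint also differs per group: AUTG and BXAUT fix the rd bits to 1111, while PACG fixes the ra bits to 1111 and uses `@rndm`. A short comment above each group naming the PACBTI instruction and the fixed field would help, in the way the later hunk labels its hint-space additions. Because decodetree tries the patterns of an overlap group in order and falls through only when a trans function returns false, each of these trans functions has to return false when its feature check fails, otherwise the SMMLA-family encodings with those bits set stop decoding as they did before on other cores.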
> @@ -375,6 +385,11 @@ CLZ 1111 1010 1011 ---- 1111 .... 1000 ....
> @rdm
> # SEVL 1111 0011 1010 1111 1000 0000 0000 0101
>
> ESB 1111 0011 1010 1111 1000 0000 0001 0000
> +
> + # v8.1-m PACBTI extention
> + AUT 1111 0011 1010 1111 1000 0000 0010 1101
> + PAC 1111 0011 1010 1111 1000 0000 0001 1101
> + PACBTI 1111 0011 1010 1111 1000 0000 0000 1101
> ]
>
> # The canonical nop ends in 0000 0000, but the whole rest
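Review bot: typo in the added comment `# v8.1-m PACBTI extention`, which should read "extension". The comment could also say that AUT, PAC and PACBTI sit in the hint space, which is why they are listed in this group ahead of the canonical nop pattern and why treating them as NOPs is acceptable when the extension is not implemented.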
> diff --git a/target/arm/tcg/translate.c b/target/arm/tcg/translate.c
> index c744b16345..ae1351ef03 100644
> --- a/target/arm/tcg/translate.c
> +++ b/target/arm/tcg/translate.c
> @@ -5012,6 +5012,68 @@ static bool trans_SMMLSR(DisasContext *s, arg_rrrr *a)
> return op_smmla(s, a, true, true);
> }
>
> +static bool trans_PAC(DisasContext *s, arg_empty *a)
> +{
> + if (!arm_dc_feature(s, ARM_FEATURE_V8_1M)) {
> + return false;
> + }
> +
> + /* Handle as if PACBTI is disabled. */
> + return true;
> +}
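Review bot: in `trans_PAC`, the comment `/* Handle as if PACBTI is disabled. */` sits above a bare `return true`, and the only gate is `ARM_FEATURE_V8_1M`, so the function is an unconditional NOP on every v8.1-M CPU model. Please make the comment state that explicitly (PAC is accepted and emits no code, so no authentication code is computed), since a guest built with return-address signing will run without any of that protection under emulation. If a PACBTI-specific feature test is introduced later in the series, this is the place it should be checked, in addition to the v8.1-M test.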
I think the patchset would be clearer if we implemented
the insns (in whatever combinations make sense) in the same
patches as we add their decode, rather than adding decode
only in one patch and then implementation later.
thanks
-- PMM