Linux s390 Architecture development
 help / color / mirror / Atom feed
From: Ilya Leoshkevich <iii@linux.ibm.com>
To: freude@linux.ibm.com
Cc: richard.henderson@linaro.org, david@kernel.org, thuth@redhat.com,
	berrange@redhat.com, qemu-s390x@nongnu.org,
	qemu-devel@nongnu.org,
	linux390-list@tuxmaker.boeblingen.de.ibm.com,
	linux-s390@vger.kernel.org, dengler@linux.ibm.com,
	borntraeger@linux.ibm.com, fcallies@linux.ibm.com,
	cohuck@redhat.com
Subject: Re: [PATCH v8 01/18] target/s390x: Fix wrong address handling in address loops
Date: Tue, 30 Jun 2026 12:54:36 +0200	[thread overview]
Message-ID: <9cbb2f6f-c80e-4ba8-a307-4f640f64a8a5@linux.ibm.com> (raw)
In-Reply-To: <a6e637d07024e0ff8a457500110e225f@linux.ibm.com>



On 6/30/26 12:23, Harald Freudenberger wrote:
> On 2026-06-30 11:33, Ilya Leoshkevich wrote:
>> On 6/29/26 14:57, Harald Freudenberger wrote:
>>> On 2026-06-24 14:56, Ilya Leoshkevich wrote:
>>>> On 6/24/26 10:09, Harald Freudenberger wrote:
>>>>> With the introduction of the address wrapping function
>>>>> wrap_address() the result can't be used to walk the
>>>>> source address any more. So introduce a new local variable
>>>>> to hold the wrapped address to avoid mixing source and
>>>>> wrapped address value.
>>>>>
>>>>> Fixes: fcc2699d41 ("target/s390x: Have MSA helper pass a mmu_idx 
>>>>> argument")
>>>>> Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
>>>>> ---
>>>>>   target/s390x/tcg/crypto_helper.c | 16 ++++++++--------
>>>>>   1 file changed, 8 insertions(+), 8 deletions(-)
>>>>
>>>> If I take as an example AMODE 24 and look at the third loop iteration,
>>>> with the current code in master I would get:
>>>>
>>>>     ((((addr & 0xffffff) + 8) & 0xffffff) + 8) & 0xffffff
>>>>
>>>> and with your patch it would be:
>>>>
>>>>     (addr + 8 + 8) & 0xffffff
>>>>
>>>> which is undeniably more elegant, but otherwise looks equivalent to me.
>>>>
>>>> What is the functional issue here?
>>>>
>>>>> diff --git a/target/s390x/tcg/crypto_helper.c b/target/s390x/tcg/ 
>>>>> crypto_helper.c
>>>>> index ae392bce0e..29ad2aff43 100644
>>>>> --- a/target/s390x/tcg/crypto_helper.c
>>>>> +++ b/target/s390x/tcg/crypto_helper.c
>>>>> @@ -126,8 +126,8 @@ static void sha512_read_icv(CPUS390XState *env, 
>>>>> const int mmu_idx,
>>>>>       const MemOpIdx oi = make_memop_idx(MO_BE | MO_64 | MO_UNALN, 
>>>>> mmu_idx);
>>>>>         for (int i = 0; i < 8; i++, addr += 8) {
>>>>> -        addr = wrap_address(env, addr);
>>>>> -        a[i] = cpu_ldq_mmu(env, addr, oi, ra);
>>>>> +        uint64_t _addr = wrap_address(env, addr);
>>>>> +        a[i] = cpu_ldq_mmu(env, _addr, oi, ra);
>>>>>       }
>>>>>   }
>>>>
>>>> [...]
>>>
>>> It is a fix, not an improvement. The original code
>>> used the addr variable to hold the wrapped address.
>>> But as addr is also used as the loop variable there
>>> is a mixing between unwrapped and wrapped address here
>>> and the unfixed code only works when wrap_address does
>>> return the very same address as output as it became as
>>> input. My fix corrects this.
>>
>> What does the patch change w.r.t. wrapping?
>> Suppose we have amode 24 and addr = 0xfffff0:
>>
>> Before:
>>
>>   i = 0; addr = wrap(0xfffff0) = 0xfffff0;
>>          a[0] = ldq(0xfffff0);
>>   i = 1; addr = wrap(0xfffff0 + 8) = 0xfffff8;
>>          a[1] = ldq(0xfffff8);
>>   i = 2; addr = wrap(0xfffff8 + 8) = 0;
>>          a[2] = ldq(0);
>>   i = 3; addr = wrap(0 + 8) = 8;
>>          a[3] = ldq(8);
>>
>> After:
>>
>>   i = 0; addr = 0xfffff0;
>>          _addr = wrap(0xfffff0) = 0xfffff0;
>>          a[0] = ldq(0xfffff0)
>>   i = 1; addr = 0xfffff0 + 8;
>>          _addr = wrap(0xfffff8) = 0xfffff8;
>>          a[1] = ldq(0xfffff8);
>>   i = 2; addr = 0xfffff8 + 8 = 0x1000000
>>          _addr = wrap(0x1000000) = 0;
>>          a[2] = ldq(0);
>>   i = 3; addr = 0x1000000 + 8 = 0x1000008;
>>          _addr = wrap(0x1000008) = 8;
>>          a[3] = ldq(8);
>>
>> The behavior look identical to me.
>> What am I missing?
> 
> Lets assume addr is some 0x1000 and wrap does just add some offset, e.g. 
> 0x8000
> 
> for (int i = 0; i < 8; i++, addr += 8) {
>      addr = wrap_address(env, addr);
>      fetch or write something at the wrapped address addr;
> }
> 
> Then the idea of this loop is to run through addr 0x1000 ... 0x103F.
> 1. loop with i=0 and addr 0x1000
> 2. loop with i=1 and addr 0x1000 + 8
> 3. loop with i=2 and addr 0x1000 + 8 + 8
> 4. loop with i=3 and addr 0x1000 + 8 + 8 + 8
> 5. loop with i=4 and addr 0x1000 + 8 + 8 + 8 + 8
> 6. loop with i=5 and addr 0x1000 + 8 + 8 + 8 + 8 + 8
> 7. loop with i=6 and addr 0x1000 + 8 + 8 + 8 + 8 + 8 + 8
> 8. loop with i=7 and addr 0x1000 + 8 + 8 + 8 + 8 + 8 + 8 + 8
> 
> BUT the given code does something different. As the addr is used in the 
> loop
> to hold the wrapped address this loop in fact does:
> 1. loop with i=0 and addr 0x1000 - all fine, but as addr = 
> wrap_address() at the
>     end of the loop now addr is 0x1000 + 0x8000 = 0x9000, so next loop 
> starts with
> 2. loop with i=1 and addr 0x9000 + 8
>     and at the end of the loop addr is 0x9008 + 0x8000 = 0x11008 and 
> next loop starts
> 3. loop with i=2 and addr 0x11008 + 8
>     ...
> 
> So introducing an intermediate variable which holds the wrapped address
> makes sure the surrounding addr walk in the loop does as intended.

Ah, now I see where we were talking past each other, thanks for the
clarification. You assume that wrap_address() may do arbitrary
transformations, like addition in your example above. But today it does
only bitwise "and", as defined by the architecture:

static inline uint64_t wrap_address(CPUS390XState *env, uint64_t a)
{
     if (!(env->psw.mask & PSW_MASK_64)) {
         if (!(env->psw.mask & PSW_MASK_32)) {
             /* 24-Bit mode */
             a &= 0x00ffffff;
         } else {
             /* 31-Bit mode */
             a &= 0x7fffffff;
         }
     }
     return a;
}

and I believe in this specific case the order doesn't matter.

  reply	other threads:[~2026-06-30 10:54 UTC|newest]

Thread overview: 42+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-06-24  8:09 [PATCH v8 00/18] target/s390x: Extend qemu CPACF support Harald Freudenberger
2026-06-24  8:09 ` [PATCH v8 01/18] target/s390x: Fix wrong address handling in address loops Harald Freudenberger
2026-06-24 10:05   ` Philippe Mathieu-Daudé
2026-06-25  7:31     ` Harald Freudenberger
2026-06-25 10:37       ` Philippe Mathieu-Daudé
2026-06-29 12:43         ` Harald Freudenberger
2026-06-29 12:26     ` Harald Freudenberger
2026-06-24 12:56   ` Ilya Leoshkevich
2026-06-29 12:57     ` Harald Freudenberger
2026-06-30  9:33       ` Ilya Leoshkevich
2026-06-30 10:23         ` Harald Freudenberger
2026-06-30 10:54           ` Ilya Leoshkevich [this message]
2026-06-30 14:19             ` Philippe Mathieu-Daudé
2026-07-01  7:42               ` Harald Freudenberger
2026-07-01  8:52                 ` Ilya Leoshkevich
2026-06-24  8:09 ` [PATCH v8 02/18] target/s390x: Rework s390 cpacf implementations Harald Freudenberger
2026-06-24 14:27   ` Ilya Leoshkevich
2026-06-24  8:10 ` [PATCH v8 03/18] target/s390x: Move cpacf sha512 code into a new file Harald Freudenberger
2026-06-24 10:07   ` Philippe Mathieu-Daudé
2026-06-24 14:30   ` Ilya Leoshkevich
2026-06-24  8:10 ` [PATCH v8 04/18] target/s390x: Support cpacf sha256 Harald Freudenberger
2026-06-24 14:39   ` Ilya Leoshkevich
2026-06-24  8:10 ` [PATCH v8 05/18] target/s390x: Support AES ECB for cpacf km instruction Harald Freudenberger
2026-06-24 17:13   ` Ilya Leoshkevich
2026-06-24  8:10 ` [PATCH v8 06/18] target/s390x: Support AES CBC for cpacf kmc instruction Harald Freudenberger
2026-06-24 17:22   ` Ilya Leoshkevich
2026-06-30 13:59     ` Harald Freudenberger
2026-06-24  8:10 ` [PATCH v8 07/18] target/s390x: Support AES CTR for cpacf kmctr instruction Harald Freudenberger
2026-06-24 17:26   ` Ilya Leoshkevich
2026-06-25  7:17     ` Harald Freudenberger
2026-06-30 13:58     ` Harald Freudenberger
2026-06-24  8:10 ` [PATCH v8 08/18] target/s390x: Minimal AES XTS support for cpacf pcc instruction Harald Freudenberger
2026-06-24  8:10 ` [PATCH v8 09/18] target/s390x: Support AES XTS for cpacf km instruction Harald Freudenberger
2026-06-24  8:10 ` [PATCH v8 10/18] target/s390x: Support pckmo encrypt AES subfunctions Harald Freudenberger
2026-06-24  8:10 ` [PATCH v8 11/18] target/s390x: Support protected key AES ECB for cpacf km instruction Harald Freudenberger
2026-06-24  8:10 ` [PATCH v8 12/18] target/s390x: Support protected key AES CBC for cpacf kmc instruction Harald Freudenberger
2026-06-24  8:10 ` [PATCH v8 13/18] target/s390x: Support protected key AES CTR for cpacf kmctr instruction Harald Freudenberger
2026-06-24  8:10 ` [PATCH v8 14/18] target/s390x: Minimal protected key AES XTS support for cpacf pcc instruction Harald Freudenberger
2026-06-24  8:10 ` [PATCH v8 15/18] target/s390x: Support protected key AES XTS for cpacf km instruction Harald Freudenberger
2026-06-24  8:10 ` [PATCH v8 16/18] docs/s390: Document CPACF instructions support Harald Freudenberger
2026-06-24  8:10 ` [PATCH v8 17/18] crypto: Add aes-helpers file to support some AES modes Harald Freudenberger
2026-06-24  8:10 ` [PATCH v8 18/18] target/s390x: Use generic AES helper functions Harald Freudenberger

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=9cbb2f6f-c80e-4ba8-a307-4f640f64a8a5@linux.ibm.com \
    --to=iii@linux.ibm.com \
    --cc=berrange@redhat.com \
    --cc=borntraeger@linux.ibm.com \
    --cc=cohuck@redhat.com \
    --cc=david@kernel.org \
    --cc=dengler@linux.ibm.com \
    --cc=fcallies@linux.ibm.com \
    --cc=freude@linux.ibm.com \
    --cc=linux-s390@vger.kernel.org \
    --cc=linux390-list@tuxmaker.boeblingen.de.ibm.com \
    --cc=qemu-devel@nongnu.org \
    --cc=qemu-s390x@nongnu.org \
    --cc=richard.henderson@linaro.org \
    --cc=thuth@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox