Linux s390 Architecture development
 help / color / mirror / Atom feed
From: Harald Freudenberger <freude@linux.ibm.com>
To: Ilya Leoshkevich <iii@linux.ibm.com>
Cc: richard.henderson@linaro.org, david@kernel.org, thuth@redhat.com,
	berrange@redhat.com, qemu-s390x@nongnu.org,
	qemu-devel@nongnu.org,
	linux390-list@tuxmaker.boeblingen.de.ibm.com,
	linux-s390@vger.kernel.org, dengler@linux.ibm.com,
	borntraeger@linux.ibm.com, fcallies@linux.ibm.com,
	cohuck@redhat.com
Subject: Re: [PATCH v8 01/18] target/s390x: Fix wrong address handling in address loops
Date: Tue, 30 Jun 2026 12:23:23 +0200	[thread overview]
Message-ID: <a6e637d07024e0ff8a457500110e225f@linux.ibm.com> (raw)
In-Reply-To: <6e7ce946-1128-4b2c-9520-a171bca3ceb7@linux.ibm.com>

On 2026-06-30 11:33, Ilya Leoshkevich wrote:
> On 6/29/26 14:57, Harald Freudenberger wrote:
>> On 2026-06-24 14:56, Ilya Leoshkevich wrote:
>>> On 6/24/26 10:09, Harald Freudenberger wrote:
>>>> With the introduction of the address wrapping function
>>>> wrap_address() the result can't be used to walk the
>>>> source address any more. So introduce a new local variable
>>>> to hold the wrapped address to avoid mixing source and
>>>> wrapped address value.
>>>> 
>>>> Fixes: fcc2699d41 ("target/s390x: Have MSA helper pass a mmu_idx 
>>>> argument")
>>>> Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
>>>> ---
>>>>   target/s390x/tcg/crypto_helper.c | 16 ++++++++--------
>>>>   1 file changed, 8 insertions(+), 8 deletions(-)
>>> 
>>> If I take as an example AMODE 24 and look at the third loop 
>>> iteration,
>>> with the current code in master I would get:
>>> 
>>>     ((((addr & 0xffffff) + 8) & 0xffffff) + 8) & 0xffffff
>>> 
>>> and with your patch it would be:
>>> 
>>>     (addr + 8 + 8) & 0xffffff
>>> 
>>> which is undeniably more elegant, but otherwise looks equivalent to 
>>> me.
>>> 
>>> What is the functional issue here?
>>> 
>>>> diff --git a/target/s390x/tcg/crypto_helper.c b/target/s390x/tcg/ 
>>>> crypto_helper.c
>>>> index ae392bce0e..29ad2aff43 100644
>>>> --- a/target/s390x/tcg/crypto_helper.c
>>>> +++ b/target/s390x/tcg/crypto_helper.c
>>>> @@ -126,8 +126,8 @@ static void sha512_read_icv(CPUS390XState *env, 
>>>> const int mmu_idx,
>>>>       const MemOpIdx oi = make_memop_idx(MO_BE | MO_64 | MO_UNALN, 
>>>> mmu_idx);
>>>>         for (int i = 0; i < 8; i++, addr += 8) {
>>>> -        addr = wrap_address(env, addr);
>>>> -        a[i] = cpu_ldq_mmu(env, addr, oi, ra);
>>>> +        uint64_t _addr = wrap_address(env, addr);
>>>> +        a[i] = cpu_ldq_mmu(env, _addr, oi, ra);
>>>>       }
>>>>   }
>>> 
>>> [...]
>> 
>> It is a fix, not an improvement. The original code
>> used the addr variable to hold the wrapped address.
>> But as addr is also used as the loop variable there
>> is a mixing between unwrapped and wrapped address here
>> and the unfixed code only works when wrap_address does
>> return the very same address as output as it became as
>> input. My fix corrects this.
> 
> What does the patch change w.r.t. wrapping?
> Suppose we have amode 24 and addr = 0xfffff0:
> 
> Before:
> 
>   i = 0; addr = wrap(0xfffff0) = 0xfffff0;
>          a[0] = ldq(0xfffff0);
>   i = 1; addr = wrap(0xfffff0 + 8) = 0xfffff8;
>          a[1] = ldq(0xfffff8);
>   i = 2; addr = wrap(0xfffff8 + 8) = 0;
>          a[2] = ldq(0);
>   i = 3; addr = wrap(0 + 8) = 8;
>          a[3] = ldq(8);
> 
> After:
> 
>   i = 0; addr = 0xfffff0;
>          _addr = wrap(0xfffff0) = 0xfffff0;
>          a[0] = ldq(0xfffff0)
>   i = 1; addr = 0xfffff0 + 8;
>          _addr = wrap(0xfffff8) = 0xfffff8;
>          a[1] = ldq(0xfffff8);
>   i = 2; addr = 0xfffff8 + 8 = 0x1000000
>          _addr = wrap(0x1000000) = 0;
>          a[2] = ldq(0);
>   i = 3; addr = 0x1000000 + 8 = 0x1000008;
>          _addr = wrap(0x1000008) = 8;
>          a[3] = ldq(8);
> 
> The behavior look identical to me.
> What am I missing?

Lets assume addr is some 0x1000 and wrap does just add some offset, e.g. 
0x8000

for (int i = 0; i < 8; i++, addr += 8) {
     addr = wrap_address(env, addr);
     fetch or write something at the wrapped address addr;
}

Then the idea of this loop is to run through addr 0x1000 ... 0x103F.
1. loop with i=0 and addr 0x1000
2. loop with i=1 and addr 0x1000 + 8
3. loop with i=2 and addr 0x1000 + 8 + 8
4. loop with i=3 and addr 0x1000 + 8 + 8 + 8
5. loop with i=4 and addr 0x1000 + 8 + 8 + 8 + 8
6. loop with i=5 and addr 0x1000 + 8 + 8 + 8 + 8 + 8
7. loop with i=6 and addr 0x1000 + 8 + 8 + 8 + 8 + 8 + 8
8. loop with i=7 and addr 0x1000 + 8 + 8 + 8 + 8 + 8 + 8 + 8

BUT the given code does something different. As the addr is used in the 
loop
to hold the wrapped address this loop in fact does:
1. loop with i=0 and addr 0x1000 - all fine, but as addr = 
wrap_address() at the
    end of the loop now addr is 0x1000 + 0x8000 = 0x9000, so next loop 
starts with
2. loop with i=1 and addr 0x9000 + 8
    and at the end of the loop addr is 0x9008 + 0x8000 = 0x11008 and next 
loop starts
3. loop with i=2 and addr 0x11008 + 8
    ...

So introducing an intermediate variable which holds the wrapped address
makes sure the surrounding addr walk in the loop does as intended.




  reply	other threads:[~2026-06-30 10:23 UTC|newest]

Thread overview: 42+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-06-24  8:09 [PATCH v8 00/18] target/s390x: Extend qemu CPACF support Harald Freudenberger
2026-06-24  8:09 ` [PATCH v8 01/18] target/s390x: Fix wrong address handling in address loops Harald Freudenberger
2026-06-24 10:05   ` Philippe Mathieu-Daudé
2026-06-25  7:31     ` Harald Freudenberger
2026-06-25 10:37       ` Philippe Mathieu-Daudé
2026-06-29 12:43         ` Harald Freudenberger
2026-06-29 12:26     ` Harald Freudenberger
2026-06-24 12:56   ` Ilya Leoshkevich
2026-06-29 12:57     ` Harald Freudenberger
2026-06-30  9:33       ` Ilya Leoshkevich
2026-06-30 10:23         ` Harald Freudenberger [this message]
2026-06-30 10:54           ` Ilya Leoshkevich
2026-06-30 14:19             ` Philippe Mathieu-Daudé
2026-07-01  7:42               ` Harald Freudenberger
2026-07-01  8:52                 ` Ilya Leoshkevich
2026-06-24  8:09 ` [PATCH v8 02/18] target/s390x: Rework s390 cpacf implementations Harald Freudenberger
2026-06-24 14:27   ` Ilya Leoshkevich
2026-06-24  8:10 ` [PATCH v8 03/18] target/s390x: Move cpacf sha512 code into a new file Harald Freudenberger
2026-06-24 10:07   ` Philippe Mathieu-Daudé
2026-06-24 14:30   ` Ilya Leoshkevich
2026-06-24  8:10 ` [PATCH v8 04/18] target/s390x: Support cpacf sha256 Harald Freudenberger
2026-06-24 14:39   ` Ilya Leoshkevich
2026-06-24  8:10 ` [PATCH v8 05/18] target/s390x: Support AES ECB for cpacf km instruction Harald Freudenberger
2026-06-24 17:13   ` Ilya Leoshkevich
2026-06-24  8:10 ` [PATCH v8 06/18] target/s390x: Support AES CBC for cpacf kmc instruction Harald Freudenberger
2026-06-24 17:22   ` Ilya Leoshkevich
2026-06-30 13:59     ` Harald Freudenberger
2026-06-24  8:10 ` [PATCH v8 07/18] target/s390x: Support AES CTR for cpacf kmctr instruction Harald Freudenberger
2026-06-24 17:26   ` Ilya Leoshkevich
2026-06-25  7:17     ` Harald Freudenberger
2026-06-30 13:58     ` Harald Freudenberger
2026-06-24  8:10 ` [PATCH v8 08/18] target/s390x: Minimal AES XTS support for cpacf pcc instruction Harald Freudenberger
2026-06-24  8:10 ` [PATCH v8 09/18] target/s390x: Support AES XTS for cpacf km instruction Harald Freudenberger
2026-06-24  8:10 ` [PATCH v8 10/18] target/s390x: Support pckmo encrypt AES subfunctions Harald Freudenberger
2026-06-24  8:10 ` [PATCH v8 11/18] target/s390x: Support protected key AES ECB for cpacf km instruction Harald Freudenberger
2026-06-24  8:10 ` [PATCH v8 12/18] target/s390x: Support protected key AES CBC for cpacf kmc instruction Harald Freudenberger
2026-06-24  8:10 ` [PATCH v8 13/18] target/s390x: Support protected key AES CTR for cpacf kmctr instruction Harald Freudenberger
2026-06-24  8:10 ` [PATCH v8 14/18] target/s390x: Minimal protected key AES XTS support for cpacf pcc instruction Harald Freudenberger
2026-06-24  8:10 ` [PATCH v8 15/18] target/s390x: Support protected key AES XTS for cpacf km instruction Harald Freudenberger
2026-06-24  8:10 ` [PATCH v8 16/18] docs/s390: Document CPACF instructions support Harald Freudenberger
2026-06-24  8:10 ` [PATCH v8 17/18] crypto: Add aes-helpers file to support some AES modes Harald Freudenberger
2026-06-24  8:10 ` [PATCH v8 18/18] target/s390x: Use generic AES helper functions Harald Freudenberger

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=a6e637d07024e0ff8a457500110e225f@linux.ibm.com \
    --to=freude@linux.ibm.com \
    --cc=berrange@redhat.com \
    --cc=borntraeger@linux.ibm.com \
    --cc=cohuck@redhat.com \
    --cc=david@kernel.org \
    --cc=dengler@linux.ibm.com \
    --cc=fcallies@linux.ibm.com \
    --cc=iii@linux.ibm.com \
    --cc=linux-s390@vger.kernel.org \
    --cc=linux390-list@tuxmaker.boeblingen.de.ibm.com \
    --cc=qemu-devel@nongnu.org \
    --cc=qemu-s390x@nongnu.org \
    --cc=richard.henderson@linaro.org \
    --cc=thuth@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox