Rename NULL_XOR_MASK to MEM_XOR_MASK

The latter makes it more obvious that this is the value intended to be
xored with values loaded from/stored to memory. A follow-up commit will
change this to be zero for Morello as it should have always been.

The old name is still provided with a deprecation warning.

cheri_compressed_cap_128.h

@@ -148,7 +148,7 @@ _CC_STATIC_ASSERT_SAME(CC128_MANTISSA_WIDTH, CC128_FIELD_EXP_ZERO_BOTTOM_SIZE);
 #include "cheri_compressed_cap_common.h"
 
 // Sanity-check mask is the expected NULL encoding
-_CC_STATIC_ASSERT_SAME(CC128_NULL_XOR_MASK, UINT64_C(0x00001ffffc018004));
+_CC_STATIC_ASSERT_SAME(CC128_MEM_XOR_MASK, UINT64_C(0x00001ffffc018004));
 
 __attribute__((deprecated("Use cc128_compress_raw"))) static inline uint64_t
 compress_128cap_without_xor(const cc128_cap_t* csp) {

cheri_compressed_cap_128m.h

@@ -182,7 +182,7 @@ _CC_STATIC_ASSERT_SAME(CC128M_MANTISSA_WIDTH, CC128M_FIELD_EXP_ZERO_BOTTOM_SIZE)
 #include "cheri_compressed_cap_common.h"
 
 // Sanity-check mask is the expected NULL encoding
-_CC_STATIC_ASSERT_SAME(CC128M_NULL_XOR_MASK, UINT64_C(0x0000000040070007));
+_CC_STATIC_ASSERT_SAME(CC128M_MEM_XOR_MASK, UINT64_C(0x0000000040070007));
 
 #define CC128M_FIELD(name, last, start) _CC_FIELD(name, last, start)
 #define CC128M_ENCODE_FIELD(value, name) _CC_ENCODE_FIELD(value, name)

cheri_compressed_cap_64.h

@@ -136,7 +136,7 @@ _CC_STATIC_ASSERT_SAME(CC64_MANTISSA_WIDTH, CC64_FIELD_EXP_ZERO_BOTTOM_SIZE);
 #include "cheri_compressed_cap_common.h"
 
 // Sanity-check mask is the expected NULL encoding
-_CC_STATIC_ASSERT_SAME(CC64_NULL_XOR_MASK, UINT32_C(0x7c302));
+_CC_STATIC_ASSERT_SAME(CC64_MEM_XOR_MASK, UINT32_C(0x7c302));
 
 #define CC64_FIELD(name, last, start) _CC_FIELD(name, last, start)
 #define CC64_ENCODE_FIELD(value, name) _CC_ENCODE_FIELD(value, name)

cheri_compressed_cap_common.h

@@ -70,7 +70,8 @@ enum {
                         _CC_ENCODE_FIELD(_CC_N(NULL_EXP) >> _CC_N(FIELD_EXPONENT_LOW_PART_SIZE), EXPONENT_HIGH_PART) |
                         _CC_ENCODE_FIELD(_CC_N(NULL_EXP) & _CC_N(FIELD_EXPONENT_LOW_PART_MAX_VALUE), EXPONENT_LOW_PART),
     // We mask on store/load so this invisibly keeps null 0 whatever we choose it to be.
-    _CC_N(NULL_XOR_MASK) = _CC_N(NULL_PESBT),
+    _CC_N(MEM_XOR_MASK) = _CC_N(NULL_PESBT),
+    _CC_N(NULL_XOR_MASK) __attribute__((deprecated("Use _MEM_XOR_MASK instead"))) = _CC_N(MEM_XOR_MASK),
 };
 #pragma GCC diagnostic pop
 
@@ -291,7 +292,7 @@ static inline _cc_bounds_bits _cc_N(extract_bounds_bits)(_cc_addr_t pesbt) {
         // So, I cheated by inverting E on memory load (to match the rest of CHERI), which Morello does not do.
         // This means parts of B and T are incorrectly inverted. So invert back again.
 #ifdef CC_IS_MORELLO
-        pesbt ^= _CC_N(NULL_XOR_MASK);
+        pesbt ^= _CC_N(MEM_XOR_MASK);
 #endif
         result.E = 0;
         L_msb = 0;
@@ -456,7 +457,7 @@ static inline void _cc_N(decompress_raw)(_cc_addr_t pesbt, _cc_addr_t cursor, bo
  * Decompress a 128-bit capability.
  */
 static inline void _cc_N(decompress_mem)(uint64_t pesbt, uint64_t cursor, bool tag, _cc_cap_t* cdp) {
-    _cc_N(decompress_raw)(pesbt ^ _CC_N(NULL_XOR_MASK), cursor, tag, cdp);
+    _cc_N(decompress_raw)(pesbt ^ _CC_N(MEM_XOR_MASK), cursor, tag, cdp);
 }
 
 static inline bool _cc_N(is_cap_sealed)(const _cc_cap_t* cp) { return _cc_N(get_otype)(cp) != _CC_N(OTYPE_UNSEALED); }
@@ -492,7 +493,7 @@ static inline _cc_addr_t _cc_N(compress_raw)(const _cc_cap_t* csp) {
 }
 
 static inline _cc_addr_t _cc_N(compress_mem)(const _cc_cap_t* csp) {
-    return _cc_N(compress_raw)(csp) ^ _CC_N(NULL_XOR_MASK);
+    return _cc_N(compress_raw)(csp) ^ _CC_N(MEM_XOR_MASK);
 }
 
 static bool _cc_N(fast_is_representable_new_addr)(const _cc_cap_t* cap, _cc_addr_t new_addr);

test/sail_wrapper_128m.c

@@ -77,7 +77,7 @@ static inline uint64_t extract_sail_cap_bits(sail_cap_bits* bits, uint64_t start
 /* Exported API */
 struct cc128m_bounds_bits sail_extract_bounds_bits_128m(uint64_t pesbt) {
     // We have to XOR the pesbt bits here since the Morello sail model does not invert on load/store.
-    lbits sailcap = to_sail_cap(pesbt ^ CC128M_NULL_XOR_MASK, 0, false);
+    lbits sailcap = to_sail_cap(pesbt ^ CC128M_MEM_XOR_MASK, 0, false);
     struct cc128m_bounds_bits result = {.E = sailgen_CapGetExponent(sailcap),
                                         .B = sailgen_CapGetBottom(sailcap),
                                         .T = sailgen_CapGetTop(sailcap),

test/sail_wrapper_common.c

@@ -131,7 +131,7 @@ static lbits to_sail_cap(uint64_t mem_pesbt, uint64_t mem_cursor, bool tag) {
 }
 
 static lbits cap_t_to_sail_cap(const _cc_cap_t* c) {
-    return to_sail_cap(c->cr_pesbt ^ _CC_N(NULL_XOR_MASK), c->_cr_cursor, c->cr_tag);
+    return to_sail_cap(c->cr_pesbt ^ _CC_N(MEM_XOR_MASK), c->_cr_cursor, c->cr_tag);
 }
 
 /* Exported API */
@@ -168,7 +168,7 @@ static _cc_cap_t from_sail_cap(const lbits* sail_cap) {
     _cc_N(update_flags)(&result, 0);
     _cc_N(update_uperms)(&result, 0);
     // Morello sail does not include the XOR, so we have to apply it here to match the C compression library.
-    result.cr_pesbt = extract_bits(*sail_cap, 64, 64) ^ _CC_N(NULL_XOR_MASK);
+    result.cr_pesbt = extract_bits(*sail_cap, 64, 64) ^ _CC_N(MEM_XOR_MASK);
     return result;
 }
 
@@ -181,7 +181,7 @@ _cc_cap_t _cc_sail_decode_mem(uint64_t mem_pesbt, uint64_t mem_cursor, bool tag)
 
 _cc_cap_t _cc_sail_decode_raw(uint64_t mem_pesbt, uint64_t mem_cursor, bool tag) {
     // Morello RAW has no mask. If this has been masked, undo it.
-    return _cc_sail_decode_mem(mem_pesbt ^ _CC_N(NULL_XOR_MASK), mem_cursor, tag);
+    return _cc_sail_decode_mem(mem_pesbt ^ _CC_N(MEM_XOR_MASK), mem_cursor, tag);
 }
 
 uint64_t sail_compress_common_mem(const _cc_cap_t* csp) {
@@ -194,7 +194,7 @@ uint64_t sail_compress_common_mem(const _cc_cap_t* csp) {
 
 uint64_t sail_compress_common_raw(const _cc_cap_t* csp) {
     // Morello sail does not include the XOR, so we have to apply it here to match the C compression library.
-    return sail_compress_common_mem(csp) ^ _CC_N(NULL_XOR_MASK);
+    return sail_compress_common_mem(csp) ^ _CC_N(MEM_XOR_MASK);
 }
 
 #else

test/simple_test_common.cpp

@@ -29,7 +29,7 @@ TEST_CASE("Compressed NULL cap encodes to zeroes", "[nullcap]") {
     auto pesbt_from_sail_without_xor = _cc_sail_compress_raw(&null_cap);
     CHECK(pesbt_without_xor == pesbt_from_sail_without_xor);
     fprintf(stderr, "NULL ENCODED: 0x%llx\n", (long long)pesbt_without_xor);
-    CHECK(pesbt_without_xor == _CC_N(NULL_XOR_MASK));
+    CHECK(pesbt_without_xor == _CC_N(MEM_XOR_MASK));
     check(pesbt, (_cc_addr_t)0, "compressing NULL should result in zero pesbt");
     _cc_cap_t decompressed;
     memset(&decompressed, 'b', sizeof(decompressed));
@@ -121,7 +121,7 @@ TEST_CASE("Check make_max_perms_cap() sets cr_exp correctly", "[sail]") {
 TEST_CASE("Check NULL mask matches sail", "[sail]") {
 #ifndef TEST_CC_IS_MORELLO // TODO: currently incorrectly inverted in the C code
     CHECK(_cc_sail(null_pesbt)() == _CC_N(NULL_PESBT));
-    CHECK(_cc_sail(null_pesbt)() == _CC_N(NULL_XOR_MASK));
+    CHECK(_cc_sail(null_pesbt)() == _CC_N(MEM_XOR_MASK));
 #endif
 }
 
@@ -131,7 +131,7 @@ TEST_CASE("Check reset PESBT matches sail", "[sail]") {
 #ifndef TEST_CC_IS_MORELLO // TODO: currently incorrectly inverted in the C code
     // reset_pesbt returns the internal "raw" pesbt value rather than the in-memory representation
     CHECK(_cc_sail(reset_pesbt)() == _CC_N(RESET_PESBT));
-    CHECK(TestAPICC::compress_mem(reset_cap) == (_CC_N(RESET_PESBT) ^ _CC_N(NULL_XOR_MASK)));
+    CHECK(TestAPICC::compress_mem(reset_cap) == (_CC_N(RESET_PESBT) ^ _CC_N(MEM_XOR_MASK)));
 #endif
     fprintf(stderr, "Decompressed reset cap:\n");
     dump_cap_fields(stderr, reset_cap);