From 69d5a5c36a603876dfee8a3c267133a5475e9f54 Mon Sep 17 00:00:00 2001 From: Tariq Kurd Date: Fri, 9 Feb 2024 13:49:28 +0000 Subject: [PATCH 1/3] replace null-cap CSR reset values with a tag clear --- src/csv/CHERI_CSR.csv | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/src/csv/CHERI_CSR.csv b/src/csv/CHERI_CSR.csv index 36b2d98b..748b68ae 100644 --- a/src/csv/CHERI_CSR.csv +++ b/src/csv/CHERI_CSR.csv @@ -1,15 +1,15 @@ "Extended CSR","CLEN Address","Alias","XLEN Address","Mode","Permissions","Reset Value","Action on XLEN write","Action on CLEN write","Executable Vector","Data Pointer","Unseal On Execution","Store full metadata","Zcheri_legacy","Zcheri_purecap","Prerequisites","Description","","","","","","","","","","","","","","","","","","","","","" -"dpcc","0x7b9","dpc","0x7b1","D","DRW, <>","<>","Apply <>. +"dpcc","0x7b9","dpc","0x7b1","D","DRW, <>","tag=0, otherwise undefined","Apply <>. Always update the CSR with <> even if the address didn't change.","Apply <> and update the CSR with the result if the address changed, direct write if address didn't change","✔","","✔","","✔","✔","Sdext","Debug Program Counter Capability","","","","","","","","","","","","","","","","","","","","","" -"dscratch0c","0x7ba","dscratch0","0x7b2","D","DRW, <>","<>","Update the CSR using <>.","direct write","","","","✔","✔","✔","Sdext","Debug Scratch Capability 0","","","","","","","","","","","","","","","","","","","","","" -"dscratch1c","0x7bb","dscratch1","0x7b3","D","DRW, <>","<>","Update the CSR using <>.","direct write","","","","✔","✔","✔","Sdext","Debug Scratch Capability 1","","","","","","","","","","","","","","","","","","","","","" +"dscratch0c","0x7ba","dscratch0","0x7b2","D","DRW, <>","tag=0, otherwise undefined","Update the CSR using <>.","direct write","","","","✔","✔","✔","Sdext","Debug Scratch Capability 0","","","","","","","","","","","","","","","","","","","","","" +"dscratch1c","0x7bb","dscratch1","0x7b3","D","DRW, <>","tag=0, otherwise undefined","Update the CSR using <>.","direct write","","","","✔","✔","✔","Sdext","Debug Scratch Capability 1","","","","","","","","","","","","","","","","","","","","","" "mtvecc","0x765","mtvec","0x305","M","MRW, <>","<>","Apply <>. Always update the CSR with <> even if the address didn't change, including the MODE field in the address for simplicity. Vector range check ^*^ if vectored mode is programmed.","Apply <>. Always update the CSR with <> even if the address didn't change, including the MODE field in the address for simplicity. Vector range check ^*^ if vectored mode is programmed.","✔","","","","✔","✔","M-mode","Machine Trap-Vector Base-Address Capability","","","","","","","","","","","","","","","","","","","","","" -"mscratchc","0x760","mscratch","0x340","M","MRW, <>","<>","Update the CSR using <>.","direct write","","","","✔","✔","✔","M-mode","Machine Scratch Capability","","","","","","","","","","","","","","","","","","","","","" +"mscratchc","0x760","mscratch","0x340","M","MRW, <>","tag=0, otherwise undefined","Update the CSR using <>.","direct write","","","","✔","✔","✔","M-mode","Machine Scratch Capability","","","","","","","","","","","","","","","","","","","","","" "mepcc","0x761","mepc","0x341","M","MRW, <>","<>","Apply <>. Always update the CSR with <> even if the address didn't change.","Apply <> and update the CSR with the result if the address changed, direct write if address didn't change","✔","","✔","","✔","✔","M-mode","Machine Exception Program Counter Capability","","","","","","","","","","","","","","","","","","","","","" @@ -18,16 +18,16 @@ Always update the CSR with <> even if the address didn't change, inclu Vector range check ^*^ if vectored mode is programmed.","Apply <>. Always update the CSR with <> even if the address didn't change, including the MODE field in the address for simplicity. Vector range check ^*^ if vectored mode is programmed.","✔","","","","✔","✔","S-mode","Supervisor Trap-Vector Base-Address Capability","","","","","","","","","","","","","","","","","","","","","" -"sscratchc","0x540","sscratch","0x140","S","SRW, <>","<>","Update the CSR using <>.","direct write","","","","✔","✔","✔","S-mode","Supervisor Scratch Capability","","","","","","","","","","","","","","","","","","","","","" +"sscratchc","0x540","sscratch","0x140","S","SRW, <>","tag=0, otherwise undefined","Update the CSR using <>.","direct write","","","","✔","✔","✔","S-mode","Supervisor Scratch Capability","","","","","","","","","","","","","","","","","","","","","" "sepcc","0x541","sepc","0x141","S","SRW, <>","<>","Apply <>. Always update the CSR with <> even if the address didn't change.","Apply <> and update the CSR with the result if the address changed, direct write if address didn't change","✔","","✔","","✔","✔","S-mode","Supervisor Exception Program Counter Capability","","","","","","","","","","","","","","","","","","","","","" "jvtc","0x417","jvt","0x017","U","URW","<>","Apply <>. Always update the CSR with <> even if the address didn't change.","Apply <> and update the CSR with the result if the address changed, direct write if address didn't change","✔","","","","✔","✔","Zcmt","Jump Vector Table Capability","","","","","","","","","","","","","","","","","","","","","" -"dddc","0x7bc","","","D","DRW, <>","<>","","","","✔","","","✔","","Sdext","Debug Default Data Capabilty (saved/restored on debug mode entry/exit)","","","","","","","","","","","","","","","","","","","","","" -"mtdc","0x74c","","","M","MRW, <>","<>","","","","","","","✔","","M-mode","Machine Trap Data Capability (scratch register)","","","","","","","","","","","","","","","","","","","","","" -"stdc","0x163","","","S","SRW, <>","<>","","","","","","","✔","","S-mode","Supervisor Trap Data Capability (scratch register)","","","","","","","","","","","","","","","","","","","","","" +"dddc","0x7bc","","","D","DRW, <>","tag=0, otherwise undefined","","","","✔","","","✔","","Sdext","Debug Default Data Capabilty (saved/restored on debug mode entry/exit)","","","","","","","","","","","","","","","","","","","","","" +"mtdc","0x74c","","","M","MRW, <>","tag=0, otherwise undefined","","","","","","","✔","","M-mode","Machine Trap Data Capability (scratch register)","","","","","","","","","","","","","","","","","","","","","" +"stdc","0x163","","","S","SRW, <>","tag=0, otherwise undefined","","","","","","","✔","","S-mode","Supervisor Trap Data Capability (scratch register)","","","","","","","","","","","","","","","","","","","","","" "ddc","0x416","","","U","URW","<>","","","","✔","","","✔","","none","User Default Data Capability","","","","","","","","","","","","","","","","","","","","","" "pcc","0xcb0","","","U","URO","<> (address = boot address)","","","✔","","","","✔","✔","none","User Program Counter Capability (to allow reading in legacy mode)","","","","","","","","","","","","","","","","","","","","","" From 7a5ee45aaa23e05dcce28135eb22a8f45b5e2f31 Mon Sep 17 00:00:00 2001 From: Tariq Kurd Date: Mon, 12 Feb 2024 13:24:52 +0000 Subject: [PATCH 2/3] Update text to show correct CSR reset values --- src/debug-integration.adoc | 14 +++++++++----- src/riscv-cheri.adoc | 2 ++ src/riscv-integration.adoc | 4 +++- src/riscv-legacy-integration.adoc | 15 ++++++++++----- 4 files changed, 24 insertions(+), 11 deletions(-) diff --git a/src/debug-integration.adoc b/src/debug-integration.adoc index 88cbffc4..b2edd2bb 100644 --- a/src/debug-integration.adoc +++ b/src/debug-integration.adoc @@ -39,7 +39,9 @@ include::img/dpcreg.edn[] ==== Debug Program Counter Capability (dpcc) The <> register is a extension to <> that is able to hold a -capability. Its reset value is the <> capability. +capability. + +{TAG_RESET_CSR} .Debug program counter capability include::img/dpccreg.edn[] @@ -67,8 +69,9 @@ its mode, permissions, sealing or bounds. The <> register is as defined in cite:[riscv-debug-spec]. It is an optional DXLEN-bit scratch register that can be used by implementations which -need it. Its reset value is the <> capability. <> is -extended into <>. +need it. <> is extended into <>. + +{TAG_RESET_CSR} .Debug scratch 0 register include::img/dscratch0reg.edn[] @@ -88,8 +91,9 @@ include::img/dscratch0creg.edn[] The <> register is as defined in cite:[riscv-debug-spec]. It is an optional DXLEN-bit scratch register that can be used by implementations which -need it. Its reset value is the <> capability. <> is -extended into <>. +need it. <> is extended into <>. + +{TAG_RESET_CSR} .Debug scratch 0 register include::img/dscratch1reg.edn[] diff --git a/src/riscv-cheri.adoc b/src/riscv-cheri.adoc index e6b0b6a0..b41196a0 100644 --- a/src/riscv-cheri.adoc +++ b/src/riscv-cheri.adoc @@ -62,6 +62,8 @@ endif::[] :non-csrrw-or: <>, <>, <>, <> or <> :non-csrrw-and: <>, <>, <>, <> and <> +:TAG_RESET_CSR: The tag of the CSR must be reset to zero. The reset values of the metadata and address fields are UNSPECIFIED. + /////////////////////////////////////////////////////////////////////////////// // Cap definitions /////////////////////////////////////////////////////////////////////////////// diff --git a/src/riscv-integration.adoc b/src/riscv-integration.adoc index c371a293..2f677009 100644 --- a/src/riscv-integration.adoc +++ b/src/riscv-integration.adoc @@ -545,7 +545,9 @@ include::img/mscratchreg.edn[] ==== Machine Scratch Register Capability (mscratchc) The <> register is an extension to <> that is able to hold -a capability. Its reset value is the <> capability. +a capability. + +{TAG_RESET_CSR} It is not WARL, all capability fields must be implemented. diff --git a/src/riscv-legacy-integration.adoc b/src/riscv-legacy-integration.adoc index c5933bb6..803a2e0c 100644 --- a/src/riscv-legacy-integration.adoc +++ b/src/riscv-legacy-integration.adoc @@ -226,10 +226,11 @@ shown in xref:legacy-csrnames-added[xrefstyle=short]. [#dddc,reftext="dddc"] === Debug Default Data Capability (dddc) -<> is a register that is able to hold a capability. Its reset value is -the <> capability. The address is shown in +<> is a register that is able to hold a capability. The address is shown in xref:legacy-csrnames-added[xrefstyle=short]. +{TAG_RESET_CSR} + .Debug default data capability include::img/dddcreg.edn[] @@ -327,7 +328,10 @@ hardware register (i.e. CLEN bits) to correctly decode capability bounds. The <> register is capability width read/write register dedicated for use by machine mode. Typically, it is used to hold a data capability to a -machine-mode hart-local context space, to load into <>. <>'s reset +machine-mode hart-local context space, to load into <>. + +{TAG_RESET_CSR} + value is the <> capability. .Machine-mode trap data capability register @@ -352,8 +356,9 @@ CHERI execution mode is Capability. When CME=0, the mode is Legacy. The <> register is capability width read/write register dedicated for use by supervisor mode. Typically, it is used to hold a data capability to -a supervisor-mode hart-local context space, to load into <>. <>'s -reset value is the <> capability. +a supervisor-mode hart-local context space, to load into <>. + +{TAG_RESET_CSR} .Supervisor trap data capability register (*stdc*) include::img/stdcreg.edn[] From 0a0b442953090fe8ca6242a13a89a140221ea458 Mon Sep 17 00:00:00 2001 From: Tariq Kurd Date: Mon, 12 Feb 2024 17:36:34 +0000 Subject: [PATCH 3/3] correct mepcc, sepcc, sscratchc reset values --- src/riscv-integration.adoc | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/riscv-integration.adoc b/src/riscv-integration.adoc index 2f677009..a21b6c0a 100644 --- a/src/riscv-integration.adoc +++ b/src/riscv-integration.adoc @@ -567,7 +567,7 @@ include::img/mepcreg.edn[] ==== Machine Exception Program Counter Capability (mepcc) The <> register is an extension to <> that is able to hold a -capability. Its reset value is the <> capability. +capability. Its reset value is the <> capability. .Machine exception program counter capability register include::img/mepccreg.edn[] @@ -858,7 +858,9 @@ include::img/sscratchreg.edn[] ==== Supervisor Scratch Registers (sscratchc) The <> register is an extension to <> that is able to hold -a capability. Its reset value is the <> capability. +a capability. + +{TAG_RESET_CSR} It is not WARL, all capability fields must be implemented. @@ -878,7 +880,7 @@ include::img/sepcreg.edn[] ==== Supervisor Exception Program Counter Capability (sepcc) The <> register is an extension to <> that is able to hold a -capability. Its reset value is the <> capability. +capability. Its reset value is the <> capability. As shown in xref:CSR_exevectors[xrefstyle=short], <> is an executable vector, so it need not be able to hold all possible invalid addresses.