PCC does not grant store permission before PTE checks

src/cheri-pte-ext.adoc

@@ -36,8 +36,9 @@ The CW bit indicates whether writing capabilities with tag set to the virtual
 page is permitted. Two schemes to manage the CW bit are permitted:
 
 * A store page fault exception is raised when a capability store or AMO
-instruction is executed, the <<pcc>> grants store capability permission and the
-store address corresponds to a virtual page with the CW bit clear.
+instruction is executed, the authorizing capability grants <<w_perm>> and
+<<c_perm>>, and the store address corresponds to a virtual page with the CW bit
+clear.
 * When a capability store or AMO instruction is executed, the implementation
 clears the tag bit of the capability written to a virtual page with the CW bit
 clear.
@@ -52,11 +53,11 @@ strongly encouraged, but not required, to support CD. If supported, two schemes
 to manage the CD bit are permitted:
 
 * A store page fault exception is raised when a capability store or AMO
-instruction is executed, the <<pcc>> grants store capability permission, the
-tag bit of the capability being written is set and the address written
-corresponds to a virtual page with the CD bit clear.
-* When a capability store or AMO instruction is executed, the <<pcc>> grants store
-capability permission, the tag bit of the capability being written is set and
+instruction is executed, the authorizing capability grants <<w_perm>> and
+<<c_perm>>, the tag bit of the capability being written is set and the address
+written corresponds to a virtual page with the CD bit clear.
+* When a capability store or AMO instruction is executed, the authorizing
+capability grants <<w_perm>> and <<c_perm>>, the tag bit of the capability being written is set and
 the store address corresponds to a virtual page with the CD bit clear, the
 implementation sets the corresponding bit in the PTE. The PTE update must be
 atomic with respect to other accesses to the PTE, and must atomically check