From c189447b5b9d5629fe7f983c2af81ffe8b62f0fa Mon Sep 17 00:00:00 2001 From: Tariq Kurd Date: Fri, 20 Dec 2024 15:05:51 +0000 Subject: [PATCH] clarify PCC fault vs instruction access fault (#495) fixes https://github.com/riscv/riscv-cheri/issues/494 @tomaird the diff is a bit confused as a renumbered the notes below the table the only real addition is the new note number 1 --- src/riscv-integration.adoc | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/src/riscv-integration.adoc b/src/riscv-integration.adoc index a232febd..6867ef11 100644 --- a/src/riscv-integration.adoc +++ b/src/riscv-integration.adoc @@ -710,7 +710,7 @@ _Reserved_ |Priority |Exc.Code |Description |_Highest_ |3 |Instruction address breakpoint | .>|*{cheri_excep_mcause}* .<|*Prior to instruction address translation:* + -*CHERI fault due to PCC checks (tag, execute permission, invalid address and bounds)* +*CHERI fault due to PCC checks (tag, execute permission, invalid address and bounds^1^)* | .>|12, 1 .<|During instruction address translation: + First encountered page fault or access fault | .>|1 .<|With physical address for instruction: + @@ -736,19 +736,22 @@ Load/store/AMO address breakpoint Optionally: + Load/store/AMO address misaligned | .>|13, 15, 5, 7 .<|During address translation for an explicit memory access: + -First encountered *CHERI PTE page fault*^12^, page fault or access fault +First encountered *CHERI PTE page fault*^23^, page fault or access fault | .>|5,7 .<|With physical address for an explicit memory access: + Load/store/AMO access fault | .>|4,6 .<|If not higher priority: + .>|_Lowest_ .>|13 .<|If not higher priority: + -CHERI load PTE fault^3^ +CHERI load PTE fault^4^ |=== -^1^ The higher priority CHERI <> page fault covers capability loads or atomics where the loaded tag _is not_ checked, and all capability stores and atomics where the stored tag is set. +^1^ PCC bounds are intended to be checked against all the bytes of fetched instructions. + In the case of variable length instruction encoding, and that the fetch has failed to return any data, then only a minimum length instruction is checked against the PCC bounds. -^2^ CHERI <> page fault exceptions have the same priority against access faults as normal RISC-V page faults. If a normal RISC-V page fault _and_ a CHERI <> fault are both detected simultaneously, then both are recorded as shown in <>. +^2^ The higher priority CHERI <> page fault covers capability loads or atomics where the loaded tag _is not_ checked, and all capability stores and atomics where the stored tag is set. -^3^ The lower priority <> fault only covers capability loads and atomics where the loaded tag _is_ checked. +^3^ CHERI <> page fault exceptions have the same priority against access faults as normal RISC-V page faults. If a normal RISC-V page fault _and_ a CHERI <> fault are both detected simultaneously, then both are recorded as shown in <>. + +^4^ The lower priority <> fault only covers capability loads and atomics where the loaded tag _is_ checked. NOTE: The full details of the CHERI exceptions with cause value {cheri_excep_mcause} are in xref:cheri_exception_combs_descriptions[xrefstyle=short].