Skip to content

Commit

Permalink
PCC does not grant store permission before PTE checks (riscv#111)
Browse files Browse the repository at this point in the history 
Fixes riscv#107

---------

Co-authored-by: Andres Amaya Garcia <[email protected]>
  • Loading branch information
@andresag01
andresag01 and andresag01 authored Feb 15, 2024
1 parent a271449 commit 3d8d4fd
Showing 1 changed file with 8 additions and 7 deletions.
15 changes: 8 additions & 7 deletions src/cheri-pte-ext.adoc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,8 +36,9 @@ The CW bit indicates whether writing capabilities with tag set to the virtual
page is permitted. Two schemes to manage the CW bit are permitted:

* A store page fault exception is raised when a capability store or AMO
instruction is executed, the <<pcc>> grants store capability permission and the
store address corresponds to a virtual page with the CW bit clear.
instruction is executed, the authorizing capability grants <<w_perm>> and
<<c_perm>>, and the store address corresponds to a virtual page with the CW bit
clear.
* When a capability store or AMO instruction is executed, the implementation
clears the tag bit of the capability written to a virtual page with the CW bit
clear.
Expand All @@ -52,11 +53,11 @@ strongly encouraged, but not required, to support CD. If supported, two schemes
to manage the CD bit are permitted:

* A store page fault exception is raised when a capability store or AMO
instruction is executed, the <<pcc>> grants store capability permission, the
tag bit of the capability being written is set and the address written
corresponds to a virtual page with the CD bit clear.
* When a capability store or AMO instruction is executed, the <<pcc>> grants store
capability permission, the tag bit of the capability being written is set and
instruction is executed, the authorizing capability grants <<w_perm>> and
<<c_perm>>, the tag bit of the capability being written is set and the address
written corresponds to a virtual page with the CD bit clear.
* When a capability store or AMO instruction is executed, the authorizing
capability grants <<w_perm>> and <<c_perm>>, the tag bit of the capability being written is set and
the store address corresponds to a virtual page with the CD bit clear, the
implementation sets the corresponding bit in the PTE. The PTE update must be
atomic with respect to other accesses to the PTE, and must atomically check
Expand Down

0 comments on commit 3d8d4fd

Please sign in to comment.