add more exceptintypes to distinguish CHERI page fault types

riscv · Dec 12, 2024 · 9f436bd · 9f436bd
1 parent b9656e1
commit 9f436bd
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 9 deletions.
diff --git a/src/attributes.adoc b/src/attributes.adoc
@@ -92,6 +92,12 @@ endif::[]
 :cheri_excep_type_pcc:       0
 :cheri_excep_type_data:      1
 :cheri_excep_type_jump:      2
+//load page fault
+:cheri_excep_type_lpf:       3
+//store page fault - CRG=0
+:cheri_excep_type_spf_crg0:  4
+//store page fault - CRG=1
+:cheri_excep_type_spf_crg1:  5
 :cheri_excep_cause_tag:      0
 :cheri_excep_cause_seal:     1
 :cheri_excep_cause_perm:     2

diff --git a/src/riscv-integration.adoc b/src/riscv-integration.adoc
@@ -426,7 +426,7 @@ include::generated/csr_renamed_purecap_mode_u_table_body.adoc[]
 === Machine-Level CSRs
 
 {cheri_base_ext_name} extends some M-mode CSRs to hold capabilities or
-otherwise add new functions. <<asr-perm>> in the <<pcc>> is typically required for access.
+otherwise add new functions. <<asr_perm>> in the <<pcc>> is typically required for access.
 
 [#mstatus,reftext="mstatus"]
 ==== Machine Status Registers (mstatus and mstatush)
@@ -801,18 +801,23 @@ xref:mtval2-cheri-causes[xrefstyle=short] respectively.
 .Encoding of TYPE field
 [#mtval2-cheri-type,width=65%,float="center",align="center",options=header,cols="30%,70%"]
 |==============================================================================
-| CHERI Type Code           | Description
-| {cheri_excep_type_pcc}    | CHERI instruction fetch fault
-| {cheri_excep_type_data}   | CHERI data fault due to load, store or AMO
-| {cheri_excep_type_jump}   | CHERI jump or branch fault
-| 3-15                      | Reserved
+| CHERI Type Code             | Description
+| {cheri_excep_type_pcc}      | CHERI instruction fetch fault
+| {cheri_excep_type_data}     | CHERI data fault due to load, store or AMO
+| {cheri_excep_type_jump}     | CHERI jump or branch fault
+| {cheri_excep_type_lpf}      | CHERI <<cheri_pte_ext,PTE>> load page fault^1^
+| {cheri_excep_type_spf_crg0} | CHERI <<cheri_pte_ext,PTE>> store page fault^1^ (PTE.CRG=0)
+| {cheri_excep_type_spf_crg1} | CHERI <<cheri_pte_ext,PTE>> store page fault^1^ (PTE.CRG=1)
+| 6-15                        | Reserved
 |==============================================================================
 
+^1^ if {cheri_pte_ext_name} is implemented
+
 .Encoding of CAUSE field
 [#mtval2-cheri-causes,width=55%,float="center",align="center",options=header]
 |==============================================================================
 | CHERI Cause Code              | Description
-| {cheri_excep_cause_tag}       | Tag violation
+| {cheri_excep_cause_tag}       | Tag violation, or TYPE is a <<cheri_pte_ext,PTE>> fault
 | {cheri_excep_cause_seal}      | Seal violation
 | {cheri_excep_cause_perm}      | Permission violation
 | {cheri_excep_cause_inv_addr}  | Invalid address violation
@@ -832,7 +837,7 @@ CHERI violations have the following order in priority:
 === Supervisor-Level CSRs
 
 {cheri_base_ext_name} extends some of the existing RISC-V CSRs to be able to
-hold capabilities or with other new functions. <<asr-perm>> in the <<pcc>> is typically required for access.
+hold capabilities or with other new functions. <<asr_perm>> in the <<pcc>> is typically required for access.
 
 [#stvec,reftext="stvec"]
 ==== Supervisor Trap Vector Base Address Register (stvec)
@@ -1062,7 +1067,7 @@ NOTE: `auth_cap` is <<ddc>> for {cheri_int_mode_name} and `cs1` for {cheri_cap_m
 [#cheri_exception_combs_descriptions]
 [width="100%",options=header,cols="2,1,1,1,3,4"]
 |=========================================================================================
-| Instructions | Xcause | Xtval. TYPE | Xtval. CAUSE | Description | Check
+| Instructions | Xcause | Xtval2. TYPE | Xtval2. CAUSE | Description | Check
 6+| *All instructions have these exception checks first*
 | All | {cheri_excep_mcause} | {cheri_excep_type_pcc} | {cheri_excep_cause_tag}      | <<pcc>> tag             | not(<<pcc>>.tag)
 | All | {cheri_excep_mcause} | {cheri_excep_type_pcc} | {cheri_excep_cause_seal}     | <<pcc>> seal            | isCapSealed(<<pcc>>)^1^
@@ -1098,6 +1103,10 @@ NOTE: `auth_cap` is <<ddc>> for {cheri_int_mode_name} and `cs1` for {cheri_cap_m
 | CBO.CLEAN*, CBO.FLUSH*                         | {cheri_excep_mcause} | {cheri_excep_type_data} | {cheri_excep_cause_bounds}   |`auth_cap` bounds          | all bytes of cache block out of `auth_cap` bounds
 | CBO.INVAL*                                     | {cheri_excep_mcause} | {cheri_excep_type_pcc}  | {cheri_excep_cause_perm}     |<<pcc>> permission         | not(<<pcc>>.<<asr_perm>>)
 | capability stores                              | 6                    | N/A                     | N/A                          |capability alignment       | Misaligned capability store
+6+| *CHERI PTE Page Faults*
+| all capability loads, all capability atomics   | 13                   | {cheri_excep_type_lpf}      | 0 | Revocation sweep fault | Fault if PTE.CW=1 and PTE.CRG &#8800; <<sstatusreg_pte,sstatus>>.CRG, with an optional check on the loaded tag
+| all capability stores, all capability atomics  | 15                   | {cheri_excep_type_spf_crg0} | 0 | Revocation sweep fault | Fault if PTE.CW=0 and PTE.CRG = 0 and storing a valid tag
+| all capability stores, all capability atomics  | 15                   | {cheri_excep_type_spf_crg1} | 0 | Revocation sweep fault | Fault if PTE.CW=0 and PTE.CRG = 1 and storing a valid tag and _Svade_ is implemented
 |=========================================================================================
 
 ^1^ This check is architecturally required, but is impossible to encounter so may not required in an implementation.