-
The trigger action 0 (Raise a breakpoint exception) is legal in debug mode. This will be a problem if we:
1. enable debug for partition A
2. set trigger to raise exception in address of partition B
…
-
The current proposal has only a knob in CSR to enable debuggability for supervisor mode. It will result in privilege escalation if a domain has only U-mode application (e.g. PENGLAI TEE architecture)…
-
Some TEE OSes may have a requirement to toggle the interrupt enable bit from the REE. For instance, OPTEE calls `spin_lock_xsave()` to disable both FIQ and IRQ during some critical sections. It seems …
-
Reference: https://lists.riscv.org/g/tech-ap-tee-io/topic/103498833#47
The term instance is generally confusing; I think it is referring to the logical instance. Should be reworded in concert with …
jyao1 updated
6 months ago
-
Add PMP as an option for supervisor domain isolation:
- Add PMP as a mode in table 3.1
- When PMP mode is used, then MTT is not required and PMP is used instead for physical memory isolation betwe…
-
Hi,
A couple of questions relating to Chapter 7 (Smsdia) please.
**1**
With respect to the Supervisor Domain External Interrupt (SDEI), the current text does not contain where in the priority o…
-
Machine Debug Security Control Register (mdbgsec) is reprogrammed by M-mode software when domain switching between security domains. This approach has the following concerns:
- Context Switching pe…
-
RISC-V Trace Control Interface Specification defines the mechanism to filter trace per privilege level (trTeFilterMatchChoicePrivilege) without providing protection for vicious configuration: https://…
-
Root supervisor domain manager should be able to control which supervisor domains are allowed to be debugged.
Initial debug configuration for a supervisor domain is expected to be derived from some…
-
I think the intent of Smmtt is that data that passes PMP / MTT checks should be shared between supervisor domains based on:
`To support IO/memory sharing, a hart/device may perform accesses to memo…