Open leBsky opened 1 month ago
tyshyu
commented
1 month ago From my perspective, it doesn't need to check the IOPMP entries, because the behavior of the IOPMP is not changed if the IOPMP additionally checks IOPMP entries. As for error record in IOPMP, I think the error record should be record when the first error is happened and settings for error record is enable. Therefore, the error record is also not changed if the IOPMP additionally checks IOPMP entries.
leBsky
commented
1 month ago From my perspective, it doesn't need to check the IOPMP entries, because the behavior of the IOPMP is not changed if the IOPMP additionally checks IOPMP entries. As for error record in IOPMP, I think the error record should be record when the first error is happened and settings for error record is enable. Therefore, the error record is also not changed if the IOPMP additionally checks IOPMP entries.
Assume it is not required to check IOPMP entries in this case, then the interrupt or error response or error record behavior will only be controlled by ERR_CFG register. The Entry_CFG should have no influence on the behavior of interrupt, error response and error record.
tyshyu
commented
1 month ago From my perspective, it doesn't need to check the IOPMP entries, because the behavior of the IOPMP is not changed if the IOPMP additionally checks IOPMP entries. As for error record in IOPMP, I think the error record should be record when the first error is happened and settings for error record is enable. Therefore, the error record is also not changed if the IOPMP additionally checks IOPMP entries.
Assume it is not required to check IOPMP entries in this case, then the interrupt or error response or error record behavior will only be controlled by ERR_CFG register. The Entry_CFG should have no influence on the behavior of interrupt, error response and error record.
My thoughts are the same as yours.
However, the current IOPMP spec does not seem to explicitly clarify the behaviors. Only "When SPS extension is enabled, the IOPMP checks both the R/W/X and the ENTRY_CFG.r/w/x permission and follows a fail-first rule." in Chapter 5 reflects the rules we mentioned. It will be better if the behaviors will be clarified in IOPMP spec.
tyshyu
commented
1 month ago From the previous comments, interrupt, bus error response and error record behavior of SRCMD_R/W only be controlled by ERR_CFG register. It can not be controlled locally. I am not sure if it should be controlled only by ERR_CFG register, or there are additional options.
I have opened discussion about this in IOPMP TG mailing list in the following link: https://lists.riscv.org/g/tech-iopmp/message/320
tyshyu
commented
1 month ago My previous comments are not accurate.
From the message in IOPMP TG mailing list (https://lists.riscv.org/g/tech-iopmp/message/323). IOPMP should check permission on both the SRCMD table and entries.
leBsky
commented
1 month ago My previous comments are not accurate.
From the message in IOPMP TG mailing list (https://lists.riscv.org/g/tech-iopmp/message/323). IOPMP should check permission on both the SRCMD table and entries.
Let's consider the following case
Do I understand correctly?
tyshyu
commented
4 weeks ago According to the messages in IOPMP TG mailing list, I have the same understanding as you.
leBsky
commented
3 days ago According to the messages in IOPMP TG mailing list, I have the same understanding as you.
See the formula here, If SPS check fails and IOPMP entry check passes with suppressing bits of all the matched IOPMP entries set, then the interrupt will still be suppressed, Which is different from what talked before. Before we thought when SPS check fails and IOPMP entry check passes, then the interrupt/bus error/error record behavior are controlled only by ERR_CFG but the formula in Spec indicates that ENTRY_CFG should still be considered in this case.
I think in this case we should only refer to ERR_CFG because from the perspective of IOPMP entry, the transaction is allowed so the local control for interrupt/bus error/error record should not work. Then, some notes are needed in the Spec to make it for clear.
When IOPMP/SPS is implemented, is is said in spec "IOPMP/SPS shall check read and write permission on both the SRCMD table and entries, a transaction fail the IOPMP/SPS check if it violates either of the permission settings"
Since SRCMD table is looked up first then the permission from SRCMD_R/W can be checked firstly. If the permission from SRCMD_R/W are all 0, then for a read or write request, does it still need to check the IOPMP entries because it has already get a denied permission ?