riscv / riscv-cheri

This repository contains the CHERI extension specification, adding hardware capabilities to RISC-V ISA to enable fine-grained memory protection and scalable compartmentalization.
https://jira.riscv.org/browse/RVG-148
Creative Commons Attribution 4.0 International

Zcherilevels RV32 stripping EL clarification #428

Closed jamie-melling closed 3 weeks ago

jamie-melling commented 1 month ago

If you have a quadrant 1 capability with perms[2:0] equal to either 0-1 or 4-5 (with w-perm) and remove just EL, there are two possible outcomes, neither of which breaks monotonicity. Either you stay in quadrant 1 and strip C and LM to get an R, W and X capability. The other option is to create a quadrant 2 capability where you strip LM, W and X to get an R and C capability. The rules laid out in ACPERM do not cover which mutation is desired.

One other note, small spec bug in ACPERM rules. [image]

tariqkurd-repo commented 1 month ago

It looks like these rules need a thorough review. In https://github.com/riscv/riscv-cheri/pull/421 we default to RC permission where there is a choice, so maybe we should do the same here.

tomaird commented 1 month ago

Typo fix here: #429