Closed ingallsj closed 1 month ago
I think it should be the same behavior as if it was a load or store – i.e., usually the PMM settings for the current privilege mode, or the effective privilege mode as per MPRV and SPVP.
We discussed today that we should add a similar Note for SFENCE.* as what is written for HLV/HSV: https://github.com/riscv/riscv-j-extension/blob/e108fc489cf4f9c5be48e509ce0f96879e782afa/zjpm/instructions.adoc?plain=1#L30-L33
In consultation with the Architecture Review Committee, a decision was reached that these instructions should not apply pointer masking altogether. The rationale is as follows:
Applying pointer masking to SFENCE.* creates a scenario where supervisor code can map an executable code region by modifying the page table, but not apply an SFENCE to it.
Since operating systems are already expected to untag user pointers in software, and since SFENCE often occurs in page fault handlers where the address is already untagged, it was determined that SFENCE.*, HFENCE.*, SINVAL.*, or HINVAL.* should not apply pointer masking and code should manually untag addresses before passing them to one of these instructions.
The spec was updated accordingly (654a5c4).
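A sketch of the software untagging that the resolution above leaves to the caller, added here as an illustration and not taken from the thread or the spec. It assumes RV64, a virtual address (so the tag bits are replaced by sign extension), and PMLEN of 7 or 16; `untag_va` and `sfence_vma_page` are hypothetical helper names.

```c
#include <stdint.h>

/* Hypothetical helper: strip a pointer-masking tag from a 64-bit virtual
 * address by copying bit (63 - pmlen) into the top pmlen bits.
 * Assumption: pmlen is 7 or 16; any other value means "no masking". */
static inline uint64_t untag_va(uint64_t addr, unsigned pmlen)
{
    if (pmlen != 7 && pmlen != 16)
        return addr;
    uint64_t tag_mask = ~0ULL << (64 - pmlen);       /* top pmlen bits */
    uint64_t sign     = (addr >> (63 - pmlen)) & 1;  /* highest untagged bit */
    return sign ? (addr | tag_mask) : (addr & ~tag_mask);
}

/* Hypothetical wrapper: SFENCE.VMA does not apply pointer masking, so a
 * still-tagged address would name a different page than loads and stores
 * used. Untag first, then fence. */
static inline uint64_t sfence_vma_page(uint64_t tagged_va, unsigned pmlen)
{
    uint64_t va = untag_va(tagged_va, pmlen);
#if defined(__riscv) && (__riscv_xlen == 64)
    __asm__ volatile ("sfence.vma %0, x0" : : "r"(va) : "memory");
#endif
    return va;  /* the address actually handed to the fence */
}

int main(void)
{
    /* Constructed sample addresses, not from the thread. */
    uint64_t user   = 0xAA00003fdeadb000ULL;  /* 7-bit tag 0x55 on a user VA */
    uint64_t kernel = 0x1234ffc000200000ULL;  /* 16-bit tag on a kernel VA   */
    int ok = sfence_vma_page(user, 7)    == 0x0000003fdeadb000ULL
          && sfence_vma_page(kernel, 16) == 0xffffffc000200000ULL;
    return ok ? 0 : 1;
}
```

On a non-RISC-V host the fence is compiled out and only the untagging arithmetic runs.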
The Pointer Masking spec describes
and
but which PMM should a SFENCE.* instruction select when executed from, say, M-mode?