Possible ISA incompliance in PMP #392
Labels
Component:RTL
For issues in the RTL (e.g. for files in the rtl directory)
Type:Bug
For bugs in the RTL, Documentation, Verification environment or Tool and Build system
WAIVED:CV32E40P
Issue does not impact a major release of CV32E40P and is waived
Hi,
I possibly found behaviour in the PMP that is not compliant with the Privileged ISA Specification.
The current implementation (if I understand it correctly) first checks for each rule if it is enabled and if the R/W permissions of the rule fit the write enable signal of the current access. In case the rule permits the requested access, it is checked whether the access matches the rule's region. (See the following code snippet, lines 577 - 582:)
If at least one region is matched this way, the access is granted and no error is raised. If no region is matched and the current privilege level is not machine mode, the PMP raises an error and denies the access. (See lines 644 - 668:)
This behaviour is not compliant with the Privileged ISA Specification (20190608-Priv-MSU-Ratified) in the following two points:
The same issues exist analogously for instruction accesses.
For a fix, the region matching could be conducted independently of the permission checking for each rule. In this way, the result from the permission checking of the highest priority match could be used to determine whether the access is granted or denied - even if the result is negative.
The text was updated successfully, but these errors were encountered: