Clarify wording of CRE (#474)

Extended Zcherihybrid to reflect that access is not allowed to CHERI instructions. This was previously implicit in the text, make it explicit instead. Closes: #464 Co-authored-by: Franz Fuchs <[email protected]>
riscv · Dec 11, 2024 · cec9fee · cec9fee
1 parent 8b6f7e4
commit cec9fee
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 10 deletions.
diff --git a/src/attributes.adoc b/src/attributes.adoc
@@ -65,7 +65,7 @@ endif::[]
 :non-csrrw-and:  <<CSRRWI>>, <<CSRRS>>, <<CSRRSI>>, <<CSRRC>> and <<CSRRCI>>
 
 :TAG_RESET_CSR: The tag of the CSR must be reset to zero. The reset values of the metadata and address fields are UNSPECIFIED.
-:REQUIRE_CRE_CSR: Access to this CSR is illegal if <<section_cheri_disable,CHERI register access is disabled>> for the current privilege.
+:REQUIRE_CRE_CSR: Access to this CSR is illegal if <<section_cheri_disable,CHERI register and instruction access is disabled>> for the current privilege.
 
 :CAP_MODE_VALUE: 0
 :INT_MODE_VALUE: 1

diff --git a/src/insns/require_cre.adoc b/src/insns/require_cre.adoc
@@ -1 +1 @@
-This instruction is illegal if the <<section_cheri_disable,CHERI register access is disabled>> for the current privilege.
+This instruction is illegal if the <<section_cheri_disable,CHERI register and instruction access is disabled>> for the current privilege.
diff --git a/src/riscv-hybrid-integration.adoc b/src/riscv-hybrid-integration.adoc
@@ -79,9 +79,9 @@ In both encodings:
 * Mode (M)={CAP_MODE_VALUE} indicates {cheri_cap_mode_name}.
 * Mode (M)={INT_MODE_VALUE} indicates {cheri_int_mode_name}.
 
-The current CHERI execution mode is given by the <<m_bit>> of the <<pcc>> and the <<section_cheri_disable,CHERI register access settings>> as follows:
+The current CHERI execution mode is given by the <<m_bit>> of the <<pcc>> and the <<section_cheri_disable,CHERI register and instruction access settings>> as follows:
 
-* The Mode is {cheri_cap_mode_name} when the <<m_bit>> of the <<pcc>> is {CAP_MODE_VALUE}, *and* <<section_cheri_disable,CHERI register access is enabled>> for the current privilege.
+* The Mode is {cheri_cap_mode_name} when the <<m_bit>> of the <<pcc>> is {CAP_MODE_VALUE}, *and* <<section_cheri_disable,CHERI register and instruction access is enabled>> for the current privilege.
 * Otherwise the Mode is {cheri_int_mode_name}.
 
 When the <<m_bit>> can be set, the rules defined by <<ACPERM>> must be followed.
@@ -313,7 +313,7 @@ As shown in xref:CSR_exevectors[xrefstyle=short], <<dddc>> is a data pointer,
 so it does not need to be able to hold all possible invalid addresses.
 
 [#section_cheri_disable]
-=== Disabling CHERI Registers
+=== Disabling CHERI Registers and Instructions
 
 ifdef::cheri_v9_annotations[]
 NOTE: *CHERI v9 Note:* This feature is new and different from CHERI v9's
@@ -324,7 +324,7 @@ it is not possible to disable CHERI checks completely.
 endif::[]
 
 {cheri_default_ext_name} includes functions to disable explicit access to CHERI
-registers.  The following occurs when executing code in a privilege mode that
+registers and instructions.  The following occurs when executing code in a privilege mode that
 has CHERI register access disabled:
 
 * The CHERI instructions in xref:section_cap_instructions[xrefstyle=short] and
@@ -462,8 +462,9 @@ xref:menvcfgmodereg[xrefstyle=short].
 include::img/menvcfgmodereg.edn[]
 
 The CHERI Register Enable (CRE) bit controls whether less privileged levels can
-perform explicit accesses to CHERI registers. When <<menvcfg>>.CRE=1 and <<mseccfg>>.CRE=1,
-CHERI registers can be read and written by less privileged levels. When <<menvcfg>>.CRE=0,
+perform explicit accesses to CHERI registers and execute CHERI instructions.
+When <<menvcfg>>.CRE=1 and <<mseccfg>>.CRE=1, CHERI registers can be read and
+written by less privileged levels. When <<menvcfg>>.CRE=0,
 CHERI registers are disabled in less privileged levels as described in
 xref:section_cheri_disable[xrefstyle=short].
 
@@ -495,8 +496,9 @@ xref:senvcfgreg[xrefstyle=short].
 include::img/senvcfgreg.edn[]
 
 The CHERI Register Enable (CRE) bit controls whether U-mode can perform
-explicit accesses to CHERI registers. When <<senvcfg>>.CRE=1 and <<menvcfg>>.CRE=1 and
-<<mseccfg>>.CRE=1 CHERI registers can be read and written by U-mode. When <<senvcfg>>.CRE=0,
+explicit accesses to CHERI registers and execute CHERI instructions. When
+<<senvcfg>>.CRE=1 and <<menvcfg>>.CRE=1 and <<mseccfg>>.CRE=1 CHERI registers
+can be read and written by U-mode. When <<senvcfg>>.CRE=0,
 CHERI registers are disabled in U-mode as described in
 xref:section_cheri_disable[xrefstyle=short].
Original file line number	Diff line number	Diff line change
		@@ -1 +1 @@
		This instruction is illegal if the <<section_cheri_disable,CHERI register access is disabled>> for the current privilege.
		This instruction is illegal if the <<section_cheri_disable,CHERI register and instruction access is disabled>> for the current privilege.