diff --git a/arch/csr/hstateen0.yaml b/arch/csr/hstateen0.yaml new file mode 100644 index 000000000..938628a2a --- /dev/null +++ b/arch/csr/hstateen0.yaml @@ -0,0 +1,219 @@ +# yaml-language-server: $schema=../../schemas/csr_schema.json + +$schema: "csr_schema.json#" +kind: csr +name: hstateen0 +long_name: Hypervisor State Enable 0 Register +address: 0x60C +priv_mode: S +length: 64 +description: + - id: csr-hstateen0-purpose + normative: true + text: | + Each bit of a `stateen` CSR controls less-privileged access to an extension’s state, + for an extension that was not deemed "worthy" of a full XS field in `sstatus` like the + FS and VS fields for the F and V extensions. + - id: csr-hstateen0-num-justification + normative: false + text: | + The number of registers provided at each level is four because it is believed that + 4 * 64 = 256 bits for machine and hypervisor levels, and 4 * 32 = 128 bits for + supervisor level, will be adequate for many years to come, perhaps for as long as + the RISC-V ISA is in use. + The exact number four is an attempted compromise between providing too few bits on + the one hand and going overboard with CSRs that will never be used on the other. + - id: csr-hstateen0-scope + normative: true + text: | + The `stateen` registers at each level control access to state at all less-privileged + levels, but not at its own level. + - id: csr-hstateen0-effect + normative: true + text: | + When a `stateen` CSR prevents access to state for a privilege mode, attempting to execute + in that privilege mode an instruction that implicitly updates the state without reading + it may or may not raise an illegal instruction or virtual instruction exception. + Such cases must be disambiguated by being explicitly specified one way or the other. + In some cases, the bits of the `stateen` CSRs will have a dual purpose as enables for the + ISA extensions that introduce the controlled state. + - id: csr-hstateen0-encodings + normative: true + text: | + With the hypervisor extension, the `hstateen` CSRs have identical encodings to the `mstateen` CSRs, + except controlling accesses for a virtual machine (from VS and VU modes). + - id: csr-hstateen0-zero + normative: true + text: | + For every bit in an `hstateen` CSR that is zero (whether read-only zero or set to zero), + the same bit appears as read-only zero in `sstateen` when accessed in VS-mode. + - id: csr-hstateen0-read-only + normative: true + text: | + A bit in an `hstateen` CSR cannot be read-only one unless the same bit is read-only one + in the matching `mstateen` CSR. + +definedBy: + allOf: + - H + - Smstateen + - Ssstateen +fields: + SE0: + long_name: sstateen0 access control + location: 63 + description: | + The SE0 bit in `hstateen0` controls access to the `sstateen0` CSR. + type: RW + reset_value: UNDEFINED_LEGAL + sw_write(csr_value): | + if (CSR[mstateen0].SE0 == 1'b0){ + return 0; + } + return csr_value.SE0; + ENVCFG: + long_name: senvcfg access control + location: 62 + definedBy: + name: S + version: ">= 1.11" + description: | + The ENVCFG bit in `hstateen0` controls access to the `senvcfg` CSRs. + type: RW + reset_value: UNDEFINED_LEGAL + sw_write(csr_value): | + if (CSR[mstateen0].ENVCFG == 1'b0){ + return 0; + } + return csr_value.ENVCFG; + CSRIND: + long_name: siselect and sireg* access control + location: 60 + definedBy: Sscsrind + description: | + The CSRIND bit in `hstateen0` controls access to the `siselect` and the + `sireg*`, (really `vsiselect` and `vsireg*`) CSRs provided by the Sscsrind + extensions. + type: RW + reset_value: UNDEFINED_LEGAL + sw_write(csr_value): | + if (CSR[mstateen0].CSRIND == 1'b0){ + return 0; + } + return csr_value.CSRIND; + AIA: + long_name: Ssaia state access control + location: 59 + definedBy: Ssaia + description: | + The AIA bit in `hstateen0` controls access to all state introduced by + the Ssaia extension and is not controlled by either the CSRIND or the + IMSIC bits of `hstateen0`. + type: RW + reset_value: UNDEFINED_LEGAL + sw_write(csr_value): | + if (CSR[mstateen0].AIA == 1'b0){ + return 0; + } + return csr_value.AIA; + IMSIC: + long_name: IMSIC state access control + location: 58 + definedBy: Ssaia + description: | + The IMSIC bit in `hstateen0` controls access to the guest IMSIC state, + including CSRs `stopei` (really `vstopei`), provided by the Ssaia extension. + + Setting the IMSIC bit in `hstateen0` to zero prevents a virtual machine + from accessing the hart’s IMSIC the same as setting `hstatus.`VGEIN = 0. + type: RW + reset_value: UNDEFINED_LEGAL + sw_write(csr_value): | + if (CSR[mstateen0].IMSIC == 1'b0){ + return 0; + } + return csr_value.IMSIC; + CONTEXT: + long_name: scontext access control + location: 57 + definedBy: Sdtrig + description: | + The CONTEXT bit in `hstateen0` controls access to the `scontext` CSR provided + by the Sdtrig extension. + type: RW + reset_value: UNDEFINED_LEGAL + sw_write(csr_value): | + if (CSR[mstateen0].CONTEXT == 1'b0){ + return 0; + } + return csr_value.CONTEXT; + CTR: + long_name: ctr access control + location: 54 + description: | + If the H extension is implemented and `mstateen0.CTR=1`, the `hstateen0.CTR` bit controls access to + supervisor CTR state when V=1. This state includes `sctrctl` (really `vsctrctl`), `sctrstatus`, and `sireg*` + (really `vsireg*`) when `siselect` (really `vsiselect`) is in 0x200..0x2FF. `hstateen0.CTR` is read-only 0 when + `mstateen0.CTR=0`. + type: RW + reset_value: 0 + sw_write(csr_value): | + if (CSR[mstateen0].CTR == 1'b0){ + return 0; + } + return csr_value.CTR; + JVT: + long_name: jvt access control + location: 2 + definedBy: Zcmt + description: | + The JVT bit controls access to the `jvt` CSR provided by the Zcmt extension. + type: RW + reset_value: UNDEFINED_LEGAL + sw_write(csr_value): | + if (CSR[mstateen0].JVT == 1'b0){ + return 0; + } + return csr_value.JVT; + FCSR: + long_name: fcsr access control + location: 1 + #definedBy: + #anyOf: [Zhinx, Zfinx, Zdinx] + description: | + The FCSR bit controls access to `fcsr` for the case when floating-point instructions + operate on `x` registers instead of `f` registers as specified by the Zfinx and related + extensions (Zdinx, etc.). Whenever `misa.F` = 1, FCSR bit of `mstateen0` is read-only + zero (and hence read-only zero in `hstateen0` and `sstateen0` too). For convenience, + when the `stateen` CSRs are implemented and `misa.F` = 0, then if the FCSR bit of a + controlling `stateen0` CSR is zero, all floating-point instructions cause an illegal + instruction trap (or virtual instruction trap, if relevant), as though they all access + `fcsr`, regardless of whether they really do. + type: RW + reset_value: UNDEFINED_LEGAL + sw_write(csr_value): | + if (CSR[mstateen0].FCSR == 1'b0){ + return 0; + } + return csr_value.FCSR; + C: + long_name: custom state access control + location: 0 + description: | + The C bit controls access to any and all custom state. The C bit of these registers is + not custom state itself; it is a standard field of a standard CSR, either `mstateen0`, + `hstateen0`, or `sstateen0`. + type: RW + reset_value: UNDEFINED_LEGAL + sw_write(csr_value): | + if (CSR[mstateen0].C == 1'b0){ + return 0; + } + return csr_value.C; +sw_read(): | + # for every bit in an mstateen CSR that is zero, the same bit + # appears as read-only zero in the matching hstateen CSR + + Bits<64> mstateen0_mask = $bits(CSR[mstateen0]); + Bits<64> hstateen0_value = $bits(CSR[hstateen0]) & mstateen0_mask; + return hstateen0_value; diff --git a/arch/csr/hstateen0h.yaml b/arch/csr/hstateen0h.yaml new file mode 100644 index 000000000..2e05f5ede --- /dev/null +++ b/arch/csr/hstateen0h.yaml @@ -0,0 +1,147 @@ +# yaml-language-server: $schema=../../schemas/csr_schema.json + +$schema: "csr_schema.json#" +kind: csr +name: hstateen0h +long_name: Upper 32 bits of Hypervisor State Enable 0 Register +address: 0x61C +priv_mode: S +length: 32 +base: 32 +description: + - id: csr-hstateen0h-purpose + normative: true + text: | + For RV64 harts, the Smstateen/Ssstateen extension adds four new 64-bit CSRs at machine level: `mstateen0` (Machine State Enable 0), + `mstateen1`, `mstateen2`, and `mstateen3`. If supervisor mode is implemented, another four CSRs are defined at + supervisor level: `sstateen0`, `sstateen1`, `sstateen2`, and `sstateen3`. And if the hypervisor extension is implemented, + another set of CSRs is added: `hstateen0`, `hstateen1`, `hstateen2`, and `hstateen3`. + + For RV32, the registers listed above are 32-bit, and for the machine-level and hypervisor CSRs there is a corresponding + set of high-half CSRs for the upper 32 bits of each register: `mstateen0h`, `mstateen1h`, `mstateen2h`, `mstateen3h`, `hstateen0h`, + `hstateen1h`, `hstateen2h`, and `hstateen3h`. + +definedBy: + allOf: + - H + - Smstateen + - Ssstateen +fields: + SE0: + long_name: sstateen0 access control + location: 31 + alias: hstateen0.SE0 + sw_write(csr_value): | + if (CSR[mstateen0].SE0 == 1'b0){ + return 0; + } + CSR[hstateen0].SE0 = csr_value.SE0; + return csr_value.SE0; + description: | + The SE0 bit in `hstateen0h` controls access to the `sstateen0` CSR. + type: RW + reset_value: UNDEFINED_LEGAL + ENVCFG: + long_name: senvcfg access control + location: 30 + definedBy: + name: S + version: ">= 1.11" + alias: hstateen0.ENVCFG + sw_write(csr_value): | + if (CSR[mstateen0].ENVCFG == 1'b0){ + return 0; + } + CSR[hstateen0].ENVCFG = csr_value.ENVCFG; + return csr_value.ENVCFG; + description: | + The ENVCFG bit in `hstateen0h` controls access to the `senvcfg` CSRs. + type: RW + reset_value: UNDEFINED_LEGAL + CSRIND: + long_name: siselect and sireg* access control + location: 28 + definedBy: Sscsrind + alias: hstateen0.CSRIND + sw_write(csr_value): | + if (CSR[mstateen0].CSRIND == 1'b0){ + return 0; + } + CSR[hstateen0].CSRIND = csr_value.CSRIND; + return csr_value.CSRIND; + description: | + The CSRIND bit in `hstateen0h` controls access to the `siselect` and the + `sireg*`, (really `vsiselect` and `vsireg*`) CSRs provided by the Sscsrind + extensions. + type: RW + reset_value: UNDEFINED_LEGAL + AIA: + long_name: Ssaia state access control + location: 27 + definedBy: Ssaia + alias: hstateen0.AIA + sw_write(csr_value): | + if (CSR[mstateen0].AIA == 1'b0){ + return 0; + } + CSR[hstateen0].AIA = csr_value.AIA; + return csr_value.AIA; + description: | + The AIA bit in `hstateen0h` controls access to all state introduced by + the Ssaia extension and is not controlled by either the CSRIND or the + IMSIC bits of `hstateen0`. + type: RW + reset_value: UNDEFINED_LEGAL + IMSIC: + long_name: IMSIC state access control + location: 26 + definedBy: Ssaia + alias: hstateen0.IMSIC + sw_write(csr_value): | + if (CSR[mstateen0].IMSIC == 1'b0){ + return 0; + } + CSR[hstateen0].IMSIC = csr_value.IMSIC; + return csr_value.IMSIC; + description: | + The IMSIC bit in `hstateen0h` controls access to the guest IMSIC state, + including CSRs `stopei` (really `vstopei`), provided by the Ssaia extension. + + Setting the IMSIC bit in `hstateen0h` to zero prevents a virtual machine + from accessing the hart’s IMSIC the same as setting `hstatus.`VGEIN = 0. + type: RW + reset_value: UNDEFINED_LEGAL + CONTEXT: + long_name: scontext access control + location: 25 + definedBy: Sdtrig + alias: hstateen0.CONTEXT + sw_write(csr_value): | + if (CSR[mstateen0].CONTEXT == 1'b0){ + return 0; + } + CSR[hstateen0].CONTEXT = csr_value.CONTEXT; + return csr_value.CONTEXT; + description: | + The CONTEXT bit in `hstateen0h` controls access to the `scontext` CSR provided + by the Sdtrig extension. + type: RW + reset_value: UNDEFINED_LEGAL + CTR: + long_name: ctr access control + location: 22 + alias: hstateen0.CTR + sw_write(csr_value): | + if (CSR[mstateen0].CTR == 1'b0){ + return 0; + } + CSR[hstateen0].CTR = csr_value.CTR; + return csr_value.CTR; + description: | + If the H extension is implemented and `mstateen0.CTR=1`, the `hstateen0.CTR` bit controls access to + supervisor CTR state when V=1. This state includes `sctrctl` (really `vsctrctl`), `sctrstatus`, and `sireg*` + (really `vsireg*`) when `siselect` (really `vsiselect`) is in 0x200..0x2FF. `hstateen0.CTR` is read-only 0 when + `mstateen0.CTR=0`. + type: RW + reset_value: 0 +sw_read(): return $bits(CSR[hstateen0])[63:32]; diff --git a/arch/csr/hstateen1.yaml b/arch/csr/hstateen1.yaml new file mode 100644 index 000000000..d89c32d73 --- /dev/null +++ b/arch/csr/hstateen1.yaml @@ -0,0 +1,80 @@ +# yaml-language-server: $schema=../../schemas/csr_schema.json + +$schema: "csr_schema.json#" +kind: csr +name: hstateen1 +long_name: Hypervisor State Enable 1 Register +address: 0x60D +priv_mode: S +length: 64 +description: + - id: csr-hstateen1-purpose + normative: true + text: | + Each bit of a `stateen` CSR controls less-privileged access to an extension’s state, + for an extension that was not deemed "worthy" of a full XS field in `sstatus` like the + FS and VS fields for the F and V extensions. + - id: csr-hstateen1-num-justification + normative: false + text: | + The number of registers provided at each level is four because it is believed that + 4 * 64 = 256 bits for machine and hypervisor levels, and 4 * 32 = 128 bits for + supervisor level, will be adequate for many years to come, perhaps for as long as + the RISC-V ISA is in use. + The exact number four is an attempted compromise between providing too few bits on + the one hand and going overboard with CSRs that will never be used on the other. + - id: csr-hstateen1-scope + normative: true + text: | + The `stateen` registers at each level control access to state at all less-privileged + levels, but not at its own level. + - id: csr-hstateen1-effect + normative: true + text: | + When a `stateen` CSR prevents access to state for a privilege mode, attempting to execute + in that privilege mode an instruction that implicitly updates the state without reading + it may or may not raise an illegal instruction or virtual instruction exception. + Such cases must be disambiguated by being explicitly specified one way or the other. + In some cases, the bits of the `stateen` CSRs will have a dual purpose as enables for the + ISA extensions that introduce the controlled state. + - id: csr-hstateen1-encodings + normative: true + text: | + With the hypervisor extension, the `hstateen` CSRs have identical encodings to the `mstateen` CSRs, + except controlling accesses for a virtual machine (from VS and VU modes). + - id: csr-hstateen1-zero + normative: true + text: | + For every bit in an `hstateen` CSR that is zero (whether read-only zero or set to zero), + the same bit appears as read-only zero in `sstateen` when accessed in VS-mode. + - id: csr-hstateen1-read-only + normative: true + text: | + A bit in an `hstateen` CSR cannot be read-only one unless the same bit is read-only one + in the matching `mstateen` CSR. + +definedBy: + allOf: + - H + - Smstateen + - Ssstateen +fields: + SE0: + long_name: sstateen1 access control + location: 63 + description: | + The SE0 bit in `hstateen1` controls access to the `sstateen1` CSR. + type: RW + reset_value: UNDEFINED_LEGAL + sw_write(csr_value): | + if (CSR[mstateen1].SE0 == 1'b0){ + return 0; + } + return csr_value.SE0; +sw_read(): | + # for every bit in an mstateen CSR that is zero, the same bit + # appears as read-only zero in the matching hstateen CSR + + Bits<64> mstateen1_mask = $bits(CSR[mstateen1]); + Bits<64> hstateen1_value = $bits(CSR[hstateen1]) & mstateen1_mask; + return hstateen1_value; diff --git a/arch/csr/hstateen1h.yaml b/arch/csr/hstateen1h.yaml new file mode 100644 index 000000000..342591cab --- /dev/null +++ b/arch/csr/hstateen1h.yaml @@ -0,0 +1,44 @@ +# yaml-language-server: $schema=../../schemas/csr_schema.json + +$schema: "csr_schema.json#" +kind: csr +name: hstateen1h +long_name: Upper 32 bits of Hypervisor State Enable 1 Register +address: 0x61D +priv_mode: S +length: 32 +base: 32 +description: + - id: csr-hstateen0h-purpose + normative: true + text: | + For RV64 harts, the Smstateen/Ssstateen extension adds four new 64-bit CSRs at machine level: `mstateen0` (Machine State Enable 0), + `mstateen1`, `mstateen2`, and `mstateen3`. If supervisor mode is implemented, another four CSRs are defined at + supervisor level: `sstateen0`, `sstateen1`, `sstateen2`, and `sstateen3`. And if the hypervisor extension is implemented, + another set of CSRs is added: `hstateen0`, `hstateen1`, `hstateen2`, and `hstateen3`. + + For RV32, the registers listed above are 32-bit, and for the machine-level and hypervisor CSRs there is a corresponding + set of high-half CSRs for the upper 32 bits of each register: `mstateen0h`, `mstateen1h`, `mstateen2h`, `mstateen3h`, `hstateen0h`, + `hstateen1h`, `hstateen2h`, and `hstateen3h`. + +definedBy: + allOf: + - H + - Smstateen + - Ssstateen +fields: + SE0: + long_name: sstateen1 access control + location: 31 + alias: hstateen1.SE0 + sw_write(csr_value): | + if (CSR[mstateen1].SE0 == 1'b0){ + return 0; + } + CSR[hstateen1].SE0 = csr_value.SE0; + return csr_value.SE0; + description: | + The SE0 bit in `hstateen1h` controls access to the `sstateen1` CSR. + type: RW + reset_value: UNDEFINED_LEGAL +sw_read(): return $bits(CSR[hstateen1])[63:32]; diff --git a/arch/csr/hstateen2.yaml b/arch/csr/hstateen2.yaml new file mode 100644 index 000000000..f9873c385 --- /dev/null +++ b/arch/csr/hstateen2.yaml @@ -0,0 +1,80 @@ +# yaml-language-server: $schema=../../schemas/csr_schema.json + +$schema: "csr_schema.json#" +kind: csr +name: hstateen2 +long_name: Hypervisor State Enable 2 Register +address: 0x60E +priv_mode: S +length: 64 +description: + - id: csr-hstateen2-purpose + normative: true + text: | + Each bit of a `stateen` CSR controls less-privileged access to an extension’s state, + for an extension that was not deemed "worthy" of a full XS field in `sstatus` like the + FS and VS fields for the F and V extensions. + - id: csr-hstateen2-num-justification + normative: false + text: | + The number of registers provided at each level is four because it is believed that + 4 * 64 = 256 bits for machine and hypervisor levels, and 4 * 32 = 128 bits for + supervisor level, will be adequate for many years to come, perhaps for as long as + the RISC-V ISA is in use. + The exact number four is an attempted compromise between providing too few bits on + the one hand and going overboard with CSRs that will never be used on the other. + - id: csr-hstateen2-scope + normative: true + text: | + The `stateen` registers at each level control access to state at all less-privileged + levels, but not at its own level. + - id: csr-hstateen2-effect + normative: true + text: | + When a `stateen` CSR prevents access to state for a privilege mode, attempting to execute + in that privilege mode an instruction that implicitly updates the state without reading + it may or may not raise an illegal instruction or virtual instruction exception. + Such cases must be disambiguated by being explicitly specified one way or the other. + In some cases, the bits of the `stateen` CSRs will have a dual purpose as enables for the + ISA extensions that introduce the controlled state. + - id: csr-hstateen2-encodings + normative: true + text: | + With the hypervisor extension, the `hstateen` CSRs have identical encodings to the `mstateen` CSRs, + except controlling accesses for a virtual machine (from VS and VU modes). + - id: csr-hstateen2-zero + normative: true + text: | + For every bit in an `hstateen` CSR that is zero (whether read-only zero or set to zero), + the same bit appears as read-only zero in `sstateen` when accessed in VS-mode. + - id: csr-hstateen2-read-only + normative: true + text: | + A bit in an `hstateen` CSR cannot be read-only one unless the same bit is read-only one + in the matching `mstateen` CSR. + +definedBy: + allOf: + - H + - Smstateen + - Ssstateen +fields: + SE0: + long_name: sstateen2 access control + location: 63 + description: | + The SE0 bit in `hstateen2` controls access to the `sstateen2` CSR. + type: RW + reset_value: UNDEFINED_LEGAL + sw_write(csr_value): | + if (CSR[mstateen2].SE0 == 1'b0){ + return 0; + } + return csr_value.SE0; +sw_read(): | + # for every bit in an mstateen CSR that is zero, the same bit + # appears as read-only zero in the matching hstateen CSR + + Bits<64> mstateen2_mask = $bits(CSR[mstateen2]); + Bits<64> hstateen2_value = $bits(CSR[hstateen2]) & mstateen2_mask; + return hstateen2_value; diff --git a/arch/csr/hstateen2h.yaml b/arch/csr/hstateen2h.yaml new file mode 100644 index 000000000..4756be5d2 --- /dev/null +++ b/arch/csr/hstateen2h.yaml @@ -0,0 +1,44 @@ +# yaml-language-server: $schema=../../schemas/csr_schema.json + +$schema: "csr_schema.json#" +kind: csr +name: hstateen2h +long_name: Upper 32 bits of Hypervisor State Enable 2 Register +address: 0x61E +priv_mode: S +length: 32 +base: 32 +description: + - id: csr-hstateen0h-purpose + normative: true + text: | + For RV64 harts, the Smstateen/Ssstateen extension adds four new 64-bit CSRs at machine level: `mstateen0` (Machine State Enable 0), + `mstateen1`, `mstateen2`, and `mstateen3`. If supervisor mode is implemented, another four CSRs are defined at + supervisor level: `sstateen0`, `sstateen1`, `sstateen2`, and `sstateen3`. And if the hypervisor extension is implemented, + another set of CSRs is added: `hstateen0`, `hstateen1`, `hstateen2`, and `hstateen3`. + + For RV32, the registers listed above are 32-bit, and for the machine-level and hypervisor CSRs there is a corresponding + set of high-half CSRs for the upper 32 bits of each register: `mstateen0h`, `mstateen1h`, `mstateen2h`, `mstateen3h`, `hstateen0h`, + `hstateen1h`, `hstateen2h`, and `hstateen3h`. + +definedBy: + allOf: + - H + - Smstateen + - Ssstateen +fields: + SE0: + long_name: sstateen2 access control + location: 31 + alias: hstateen2.SE0 + sw_write(csr_value): | + if (CSR[mstateen2].SE0 == 1'b0){ + return 0; + } + CSR[hstateen2].SE0 = csr_value.SE0; + return csr_value.SE0; + description: | + The SE0 bit in `hstateen2h` controls access to the `sstateen2` CSR. + type: RW + reset_value: UNDEFINED_LEGAL +sw_read(): return $bits(CSR[hstateen2])[63:32]; diff --git a/arch/csr/hstateen3.yaml b/arch/csr/hstateen3.yaml new file mode 100644 index 000000000..9c8d4ca76 --- /dev/null +++ b/arch/csr/hstateen3.yaml @@ -0,0 +1,80 @@ +# yaml-language-server: $schema=../../schemas/csr_schema.json + +$schema: "csr_schema.json#" +kind: csr +name: hstateen3 +long_name: Hypervisor State Enable 3 Register +address: 0x60F +priv_mode: S +length: 64 +description: + - id: csr-hstateen3-purpose + normative: true + text: | + Each bit of a `stateen` CSR controls less-privileged access to an extension’s state, + for an extension that was not deemed "worthy" of a full XS field in `sstatus` like the + FS and VS fields for the F and V extensions. + - id: csr-hstateen3-num-justification + normative: false + text: | + The number of registers provided at each level is four because it is believed that + 4 * 64 = 256 bits for machine and hypervisor levels, and 4 * 32 = 128 bits for + supervisor level, will be adequate for many years to come, perhaps for as long as + the RISC-V ISA is in use. + The exact number four is an attempted compromise between providing too few bits on + the one hand and going overboard with CSRs that will never be used on the other. + - id: csr-hstateen3-scope + normative: true + text: | + The `stateen` registers at each level control access to state at all less-privileged + levels, but not at its own level. + - id: csr-hstateen3-effect + normative: true + text: | + When a `stateen` CSR prevents access to state for a privilege mode, attempting to execute + in that privilege mode an instruction that implicitly updates the state without reading + it may or may not raise an illegal instruction or virtual instruction exception. + Such cases must be disambiguated by being explicitly specified one way or the other. + In some cases, the bits of the `stateen` CSRs will have a dual purpose as enables for the + ISA extensions that introduce the controlled state. + - id: csr-hstateen3-encodings + normative: true + text: | + With the hypervisor extension, the `hstateen` CSRs have identical encodings to the `mstateen` CSRs, + except controlling accesses for a virtual machine (from VS and VU modes). + - id: csr-hstateen3-zero + normative: true + text: | + For every bit in an `hstateen` CSR that is zero (whether read-only zero or set to zero), + the same bit appears as read-only zero in `sstateen` when accessed in VS-mode. + - id: csr-hstateen3-read-only + normative: true + text: | + A bit in an `hstateen` CSR cannot be read-only one unless the same bit is read-only one + in the matching `mstateen` CSR. + +definedBy: + allOf: + - H + - Smstateen + - Ssstateen +fields: + SE0: + long_name: sstateen3 access control + location: 63 + description: | + The SE0 bit in `hstateen3` controls access to the `sstateen3` CSR. + type: RW + reset_value: UNDEFINED_LEGAL + sw_write(csr_value): | + if (CSR[mstateen3].SE0 == 1'b0){ + return 0; + } + return csr_value.SE0; +sw_read(): | + # for every bit in an mstateen CSR that is zero, the same bit + # appears as read-only zero in the matching hstateen CSR + + Bits<64> mstateen3_mask = $bits(CSR[mstateen3]); + Bits<64> hstateen3_value = $bits(CSR[hstateen3]) & mstateen3_mask; + return hstateen3_value; diff --git a/arch/csr/hstateen3h.yaml b/arch/csr/hstateen3h.yaml new file mode 100644 index 000000000..feb2393e3 --- /dev/null +++ b/arch/csr/hstateen3h.yaml @@ -0,0 +1,44 @@ +# yaml-language-server: $schema=../../schemas/csr_schema.json + +$schema: "csr_schema.json#" +kind: csr +name: hstateen3h +long_name: Upper 32 bits of Hypervisor State Enable 3 Register +address: 0x61F +priv_mode: S +length: 32 +base: 32 +description: + - id: csr-hstateen0h-purpose + normative: true + text: | + For RV64 harts, the Smstateen/Ssstateen extension adds four new 64-bit CSRs at machine level: `mstateen0` (Machine State Enable 0), + `mstateen1`, `mstateen2`, and `mstateen3`. If supervisor mode is implemented, another four CSRs are defined at + supervisor level: `sstateen0`, `sstateen1`, `sstateen2`, and `sstateen3`. And if the hypervisor extension is implemented, + another set of CSRs is added: `hstateen0`, `hstateen1`, `hstateen2`, and `hstateen3`. + + For RV32, the registers listed above are 32-bit, and for the machine-level and hypervisor CSRs there is a corresponding + set of high-half CSRs for the upper 32 bits of each register: `mstateen0h`, `mstateen1h`, `mstateen2h`, `mstateen3h`, `hstateen0h`, + `hstateen1h`, `hstateen2h`, and `hstateen3h`. + +definedBy: + allOf: + - H + - Smstateen + - Ssstateen +fields: + SE0: + long_name: sstateen3 access control + location: 31 + alias: hstateen3.SE0 + sw_write(csr_value): | + if (CSR[mstateen3].SE0 == 1'b0){ + return 0; + } + CSR[hstateen3].SE0 = csr_value.SE0; + return csr_value.SE0; + description: | + The SE0 bit in `hstateen3h` controls access to the `sstateen3` CSR. + type: RW + reset_value: UNDEFINED_LEGAL +sw_read(): return $bits(CSR[hstateen3])[63:32]; diff --git a/arch/csr/mstateen0.yaml b/arch/csr/mstateen0.yaml new file mode 100644 index 000000000..314f9ace2 --- /dev/null +++ b/arch/csr/mstateen0.yaml @@ -0,0 +1,178 @@ +# yaml-language-server: $schema=../../schemas/csr_schema.json + +$schema: "csr_schema.json#" +kind: csr +name: mstateen0 +long_name: Machine State Enable 0 Register +address: 0x30C +priv_mode: M +length: 64 +description: + - id: csr-mstateen0-purpose + normative: true + text: | + Each bit of a `stateen` CSR controls less-privileged access to an extension’s state, + or an extension that was not deemed "worthy" of a full XS field in `sstatus` like the + FS and VS fields for the F and V extensions. + - id: csr-mstateen0-num-justification + normative: false + text: | + The number of registers provided at each level is four because it is believed that + 4 * 64 = 256 bits for machine and hypervisor levels, and 4 * 32 = 128 bits for + supervisor level, will be adequate for many years to come, perhaps for as long as + the RISC-V ISA is in use. + The exact number four is an attempted compromise between providing too few bits on + the one hand and going overboard with CSRs that will never be used on the other. + - id: csr-mstateen0-scope + normative: true + text: | + The `stateen` registers at each level control access to state at all less-privileged + levels, but not at its own level. + - id: csr-mstateen0-effect + normative: true + text: | + When a `stateen` CSR prevents access to state for a privilege mode, attempting to execute + in that privilege mode an instruction that implicitly updates the state without reading + it may or may not raise an illegal instruction or virtual instruction exception. + Such cases must be disambiguated by being explicitly specified one way or the other. + In some cases, the bits of the `stateen` CSRs will have a dual purpose as enables for the + ISA extensions that introduce the controlled state. + - id: csr-mstateen0-bit-allocation + normative: true + text: | + For every bit with a defined purpose in an `sstateen` CSR, the same bit is defined in the matching + `mstateen` CSR to control access below machine level to the same state. The upper 32 bits of an + `mstateen` CSR (or for RV32, the corresponding high-half CSR) control access to state that is inherently + inaccessible to user level, so no corresponding enable bits in the supervisor-level `sstateen` CSR are + applicable. The intention is to allocate bits for this purpose starting at the most-significant end, bit 63, + through to bit 32, and then on to the next-higher `mstateen` CSR. If the rate that bits are being allocated + from the least-significant end for `sstateen` CSRs is sufficiently low, allocation from the most-significant + end of `mstateen` CSRs may be allowed to encroach on the lower 32 bits before jumping to the next-higher + `mstateen` CSR. In that case, the bit positions of "encroaching" bits will remain forever read-only zeros in + the matching `sstateen` CSRs. + - id: csr-mstateen0-zero + normative: true + text: | + For every bit in an `mstateen` CSR that is zero (whether read-only zero or set to zero), + the same bit appears as read-only zero in the matching `hstateen` and `sstateen` CSRs. + - id: csr-mstateen0-read-only + normative: true + text: | + A bit in a supervisor-level `sstateen` CSR cannot be read-only one unless the same bit is read-only one in the matching + `mstateen` CSR and, if it exists, in the matching `hstateen` CSR. A bit in an `hstateen` CSR cannot be read-only one unless + the same bit is read-only one in the matching `mstateen` CSR. Bit 63 of each `mstateen` CSR may be read-only zero only if + the hypervisor extension is not implemented and the matching supervisor-level `sstateen` CSR is all read-only zeros. + +definedBy: Smstateen +fields: + SE0: + long_name: hstateen0, hstateen0h, and sstateen0 access control + location: 63 + description: | + The SE0 bit in `mstateen0` controls access to the `hstateen0`, `hstateen0h`, and the `sstateen0` CSRs. + type: RW + reset_value: 0 + ENVCFG: + long_name: henvcfg, henvcfgh, and senvcfg access control + location: 62 + definedBy: + name: S + version: ">= 1.11" + description: | + The ENVCFG bit in `mstateen0` controls access to the `henvcfg`, `henvcfgh`, and the `senvcfg` CSRs. + type: RW + reset_value: 0 + CSRIND: + long_name: siselect, sireg*, vsiselect, and vsireg* access control + location: 60 + definedBy: Sscsrind + description: | + The CSRIND bit in `mstateen0` controls access to the `siselect`, `sireg*`, `vsiselect`, and the `vsireg*` + CSRs provided by the Sscsrind extensions. + type: RW + reset_value: 0 + AIA: + long_name: Ssaia state access control + location: 59 + definedBy: Ssaia + description: | + The AIA bit in `mstateen0` controls access to all state introduced by the Ssaia extension and is not + controlled by either the CSRIND or the IMSIC bits. + type: RW + reset_value: 0 + IMSIC: + long_name: IMSIC state access control + location: 58 + definedBy: Ssaia + description: | + The IMSIC bit in `mstateen0` controls access to the IMSIC state, including CSRs `stopei` and `vstopei`, + provided by the Ssaia extension. + type: RW + reset_value: 0 + CONTEXT: + long_name: scontext and hcontext access control + location: 57 + definedBy: Sdtrig + description: | + The CONTEXT bit in `mstateen0` controls access to the `scontext` and `hcontext` CSRs provided by the + Sdtrig extension. + type: RW + reset_value: 0 + P1P13: + long_name: hedelegh access control + location: 56 + description: | + The P1P13 bit in `mstateen0` controls access to the `hedelegh` introduced by Privileged Specification + Version 1.13. + type: RW + reset_value: 0 + SRMCFG: + long_name: srmcfg access control + location: 55 + #definedBy: Ssqosid + description: | + The SRMCFG bit in `mstateen0` controls access to the `srmcfg`` CSR introduced by the Ssqosid Chapter 18 + extension. + type: RW + reset_value: 0 + CTR: + long_name: ctr access control + location: 54 + description: | + When Smstateen is implemented, the `mstateen0.CTR` bit controls access to CTR register state from + privilege modes less privileged than M-mode. + type: RW + reset_value: 0 + JVT: + long_name: jvt access control + location: 2 + definedBy: Zcmt + description: | + The JVT bit controls access to the `jvt` CSR provided by the Zcmt extension. + type: RW + reset_value: 0 + FCSR: + long_name: fcsr access control + location: 1 + #definedBy: + #anyOf: [Zhinx, Zfinx, Zdinx] + description: | + The FCSR bit controls access to `fcsr` for the case when floating-point instructions + operate on `x` registers instead of `f` registers as specified by the Zfinx and related + extensions (Zdinx, etc.). Whenever `misa.F` = 1, FCSR bit of `mstateen0` is read-only + zero (and hence read-only zero in `hstateen0` and `sstateen0` too). For convenience, + when the `stateen` CSRs are implemented and `misa.F` = 0, then if the FCSR bit of a + controlling `stateen0` CSR is zero, all floating-point instructions cause an illegal + instruction trap (or virtual instruction trap, if relevant), as though they all access + `fcsr`, regardless of whether they really do. + type: RW + reset_value: 0 + C: + long_name: custom state access control + location: 0 + description: | + The C bit controls access to any and all custom state. The C bit of these registers is + not custom state itself; it is a standard field of a standard CSR, either `mstateen0`, + `hstateen0`, or `sstateen0`. + type: RW + reset_value: 0 diff --git a/arch/csr/mstateen0h.yaml b/arch/csr/mstateen0h.yaml new file mode 100644 index 000000000..036910f19 --- /dev/null +++ b/arch/csr/mstateen0h.yaml @@ -0,0 +1,136 @@ +# yaml-language-server: $schema=../../schemas/csr_schema.json + +$schema: "csr_schema.json#" +kind: csr +name: mstateen0h +long_name: Upper 32 bits of Machine State Enable 0 Register +address: 0x31C +priv_mode: M +length: 32 +base: 32 +description: + - id: csr-mstateen0h-purpose + normative: true + text: | + For RV64 harts, the Smstateen extension adds four new 64-bit CSRs at machine level: `mstateen0` (Machine State + Enable 0), `mstateen1`, `mstateen2`, and `mstateen3`. For RV32, the registers listed above are 32-bit, and for the + machine-level CSRs there is a corresponding set of high-half CSRs for the upper 32 bits of each register: + `mstateen0h`, `mstateen1h`, `mstateen2h`, `mstateen3h`. + +definedBy: Smstateen +fields: + SE0: + long_name: hstateen0, hstateen0h, and sstateen0 access control + location: 31 + alias: mstateen0.SE0 + sw_write(csr_value): | + CSR[mstateen0].SE0 = csr_value.SE0; + return csr_value.SE0; + description: | + The SE0 bit in `mstateen0h` controls access to the `hstateen0`, `hstateen0h`, and the `sstateen0` CSRs. + type: RW + reset_value: 0 + ENVCFG: + long_name: henvcfg, henvcfgh, and senvcfg access control + location: 30 + definedBy: + name: S + version: ">= 1.11" + alias: mstateen0.ENVCFG + sw_write(csr_value): | + CSR[mstateen0].ENVCFG = csr_value.ENVCFG; + return csr_value.ENVCFG; + description: | + The ENVCFG bit in `mstateen0h` controls access to the `henvcfg`, `henvcfgh`, and the `senvcfg` CSRs. + type: RW + reset_value: 0 + CSRIND: + long_name: siselect, sireg*, vsiselect, and vsireg* access control + location: 28 + definedBy: Sscsrind + alias: mstateen0.CSRIND + sw_write(csr_value): | + CSR[mstateen0].CSRIND = csr_value.CSRIND; + return csr_value.CSRIND; + description: | + The CSRIND bit in `mstateen0h` controls access to the `siselect`, `sireg*`, `vsiselect`, and the `vsireg*` + CSRs provided by the Sscsrind extensions. + type: RW + reset_value: 0 + AIA: + long_name: Ssaia state access control + location: 27 + definedBy: Ssaia + alias: mstateen0.AIA + sw_write(csr_value): | + CSR[mstateen0].AIA = csr_value.AIA; + return csr_value.AIA; + description: | + The AIA bit in `mstateen0h` controls access to all state introduced by the Ssaia extension and is not + controlled by either the CSRIND or the IMSIC bits. + type: RW + reset_value: 0 + IMSIC: + long_name: IMSIC state access control + location: 26 + definedBy: Ssaia + alias: mstateen0.IMSIC + sw_write(csr_value): | + CSR[mstateen0].IMSIC = csr_value.IMSIC; + return csr_value.IMSIC; + description: | + The IMSIC bit in `mstateen0h` controls access to the IMSIC state, including CSRs `stopei` and `vstopei`, + provided by the Ssaia extension. + type: RW + reset_value: 0 + CONTEXT: + long_name: scontext and hcontext access control + location: 25 + definedBy: Sdtrig + alias: mstateen0.CONTEXT + sw_write(csr_value): | + CSR[mstateen0].CONTEXT = csr_value.CONTEXT; + return csr_value.CONTEXT; + description: | + The CONTEXT bit in `mstateen0h` controls access to the `scontext` and `hcontext` CSRs provided by the + Sdtrig extension. + type: RW + reset_value: 0 + P1P13: + long_name: hedelegh access control + location: 24 + alias: mstateen0.P1P13 + sw_write(csr_value): | + CSR[mstateen0].P1P13 = csr_value.P1P13; + return csr_value.P1P13; + description: | + The P1P13 bit in `mstateen0h` controls access to the `hedelegh` introduced by Privileged Specification + Version 1.13. + type: RW + reset_value: 0 + SRMCFG: + long_name: srmcfg access control + location: 23 + #definedBy: Ssqosid + alias: mstateen0.SRMCFG + sw_write(csr_value): | + CSR[mstateen0].SRMCFG = csr_value.SRMCFG; + return csr_value.SRMCFG; + description: | + The SRMCFG bit in `mstateen0h` controls access to the `srmcfg`` CSR introduced by the Ssqosid Chapter 18 + extension. + type: RW + reset_value: 0 + CTR: + long_name: ctr access control + location: 22 + alias: mstateen0.CTR + sw_write(csr_value): | + CSR[mstateen0].CTR = csr_value.CTR; + return csr_value.CTR; + description: | + When Smstateen is implemented, the `mstateen0.CTR` bit controls access to CTR register state from + privilege modes less privileged than M-mode. + type: RW + reset_value: 0 +sw_read(): return $bits(CSR[mstateen0])[63:32]; diff --git a/arch/csr/mstateen1.yaml b/arch/csr/mstateen1.yaml new file mode 100644 index 000000000..df87b315b --- /dev/null +++ b/arch/csr/mstateen1.yaml @@ -0,0 +1,74 @@ +# yaml-language-server: $schema=../../schemas/csr_schema.json + +$schema: "csr_schema.json#" +kind: csr +name: mstateen1 +long_name: Machine State Enable 1 Register +address: 0x30D +priv_mode: M +length: 64 +description: + - id: csr-mstateen1-purpose + normative: true + text: | + Each bit of a `stateen` CSR controls less-privileged access to an extension’s state, + or an extension that was not deemed "worthy" of a full XS field in `sstatus` like the + FS and VS fields for the F and V extensions. + - id: csr-mstateen1-num-justification + normative: false + text: | + The number of registers provided at each level is four because it is believed that + 4 * 64 = 256 bits for machine and hypervisor levels, and 4 * 32 = 128 bits for + supervisor level, will be adequate for many years to come, perhaps for as long as + the RISC-V ISA is in use. + The exact number four is an attempted compromise between providing too few bits on + the one hand and going overboard with CSRs that will never be used on the other. + - id: csr-mstateen1-scope + normative: true + text: | + The `stateen` registers at each level control access to state at all less-privileged + levels, but not at its own level. + - id: csr-mstateen1-effect + normative: true + text: | + When a `stateen` CSR prevents access to state for a privilege mode, attempting to execute + in that privilege mode an instruction that implicitly updates the state without reading + it may or may not raise an illegal instruction or virtual instruction exception. + Such cases must be disambiguated by being explicitly specified one way or the other. + In some cases, the bits of the `stateen` CSRs will have a dual purpose as enables for the + ISA extensions that introduce the controlled state. + - id: csr-mstateen1-bit-allocation + normative: true + text: | + For every bit with a defined purpose in an `sstateen` CSR, the same bit is defined in the matching + `mstateen` CSR to control access below machine level to the same state. The upper 32 bits of an + `mstateen` CSR (or for RV32, the corresponding high-half CSR) control access to state that is inherently + inaccessible to user level, so no corresponding enable bits in the supervisor-level `sstateen` CSR are + applicable. The intention is to allocate bits for this purpose starting at the most-significant end, bit 63, + through to bit 32, and then on to the next-higher `mstateen` CSR. If the rate that bits are being allocated + from the least-significant end for `sstateen` CSRs is sufficiently low, allocation from the most-significant + end of `mstateen` CSRs may be allowed to encroach on the lower 32 bits before jumping to the next-higher + `mstateen` CSR. In that case, the bit positions of "encroaching" bits will remain forever read-only zeros in + the matching `sstateen` CSRs. + - id: csr-mstateen1-zero + normative: true + text: | + For every bit in an `mstateen` CSR that is zero (whether read-only zero or set to zero), + the same bit appears as read-only zero in the matching `hstateen` and `sstateen` CSRs. + - id: csr-mstateen1-read-only + normative: true + text: | + A bit in a supervisor-level `sstateen` CSR cannot be read-only one unless the same bit is read-only one in the matching + `mstateen` CSR and, if it exists, in the matching `hstateen` CSR. A bit in an `hstateen` CSR cannot be read-only one unless + the same bit is read-only one in the matching `mstateen` CSR. Bit 63 of each `mstateen` CSR may be read-only zero only if + the hypervisor extension is not implemented and the matching supervisor-level `sstateen` CSR is all read-only zeros. + +definedBy: Smstateen +fields: + SE0: + long_name: hstateen1, hstateen1h, and sstateen1 access control + location: 63 + description: | + The SE0 bit in `mstateen1` controls access to the `hstateen1`, `hstateen1h`, and the `sstateen1` CSRs. + type: RW + reset_value: 0 diff --git a/arch/csr/mstateen1h.yaml b/arch/csr/mstateen1h.yaml new file mode 100644 index 000000000..ff0993311 --- /dev/null +++ b/arch/csr/mstateen1h.yaml @@ -0,0 +1,33 @@ +# yaml-language-server: $schema=../../schemas/csr_schema.json + +$schema: "csr_schema.json#" +kind: csr +name: mstateen1h +long_name: Upper 32 bits of Machine State Enable 1 Register +address: 0x31D +priv_mode: M +length: 32 +base: 32 +description: + - id: csr-mstateen1h-purpose + normative: true + text: | + For RV64 harts, the Smstateen extension adds four new 64-bit CSRs at machine level: `mstateen0` (Machine State + Enable 0), `mstateen1`, `mstateen2`, and `mstateen3`. For RV32, the registers listed above are 32-bit, and for the + machine-level CSRs there is a corresponding set of high-half CSRs for the upper 32 bits of each register: + `mstateen0h`, `mstateen1h`, `mstateen2h`, `mstateen3h`. + +definedBy: Smstateen +fields: + SE0: + long_name: hstateen1, hstateen1h, and sstateen1 access control + location: 31 + alias: mstateen1.SE0 + sw_write(csr_value): | + CSR[mstateen1].SE0 = csr_value.SE0; + return csr_value.SE0; + description: | + The SE0 bit in `mstateen1h` controls access to the `hstateen1`, `hstateen1h`, and the `sstateen1` CSRs. + type: RW + reset_value: 0 +sw_read(): return $bits(CSR[mstateen1])[63:32]; diff --git a/arch/csr/mstateen2.yaml b/arch/csr/mstateen2.yaml new file mode 100644 index 000000000..63b4e8796 --- /dev/null +++ b/arch/csr/mstateen2.yaml @@ -0,0 +1,74 @@ +# yaml-language-server: $schema=../../schemas/csr_schema.json + +$schema: "csr_schema.json#" +kind: csr +name: mstateen2 +long_name: Machine State Enable 2 Register +address: 0x30E +priv_mode: M +length: 64 +description: + - id: csr-mstateen2-purpose + normative: true + text: | + Each bit of a `stateen` CSR controls less-privileged access to an extension’s state, + or an extension that was not deemed "worthy" of a full XS field in `sstatus` like the + FS and VS fields for the F and V extensions. + - id: csr-mstateen2-num-justification + normative: false + text: | + The number of registers provided at each level is four because it is believed that + 4 * 64 = 256 bits for machine and hypervisor levels, and 4 * 32 = 128 bits for + supervisor level, will be adequate for many years to come, perhaps for as long as + the RISC-V ISA is in use. + The exact number four is an attempted compromise between providing too few bits on + the one hand and going overboard with CSRs that will never be used on the other. + - id: csr-mstateen2-scope + normative: true + text: | + The `stateen` registers at each level control access to state at all less-privileged + levels, but not at its own level. + - id: csr-mstateen2-effect + normative: true + text: | + When a `stateen` CSR prevents access to state for a privilege mode, attempting to execute + in that privilege mode an instruction that implicitly updates the state without reading + it may or may not raise an illegal instruction or virtual instruction exception. + Such cases must be disambiguated by being explicitly specified one way or the other. + In some cases, the bits of the `stateen` CSRs will have a dual purpose as enables for the + ISA extensions that introduce the controlled state. + - id: csr-mstateen2-bit-allocation + normative: true + text: | + For every bit with a defined purpose in an `sstateen` CSR, the same bit is defined in the matching + `mstateen` CSR to control access below machine level to the same state. The upper 32 bits of an + `mstateen` CSR (or for RV32, the corresponding high-half CSR) control access to state that is inherently + inaccessible to user level, so no corresponding enable bits in the supervisor-level `sstateen` CSR are + applicable. The intention is to allocate bits for this purpose starting at the most-significant end, bit 63, + through to bit 32, and then on to the next-higher `mstateen` CSR. If the rate that bits are being allocated + from the least-significant end for `sstateen` CSRs is sufficiently low, allocation from the most-significant + end of `mstateen` CSRs may be allowed to encroach on the lower 32 bits before jumping to the next-higher + `mstateen` CSR. In that case, the bit positions of "encroaching" bits will remain forever read-only zeros in + the matching `sstateen` CSRs. + - id: csr-mstateen2-zero + normative: true + text: | + For every bit in an `mstateen` CSR that is zero (whether read-only zero or set to zero), + the same bit appears as read-only zero in the matching `hstateen` and `sstateen` CSRs. + - id: csr-mstateen2-read-only + normative: true + text: | + A bit in a supervisor-level `sstateen` CSR cannot be read-only one unless the same bit is read-only one in the matching + `mstateen` CSR and, if it exists, in the matching `hstateen` CSR. A bit in an `hstateen` CSR cannot be read-only one unless + the same bit is read-only one in the matching `mstateen` CSR. Bit 63 of each `mstateen` CSR may be read-only zero only if + the hypervisor extension is not implemented and the matching supervisor-level `sstateen` CSR is all read-only zeros. + +definedBy: Smstateen +fields: + SE0: + long_name: hstateen2, hstateen2h, and sstateen2 access control + location: 63 + description: | + The SE0 bit in `mstateen2` controls access to the `hstateen2`, `hstateen2h`, and the `sstateen2` CSRs. + type: RW + reset_value: 0 diff --git a/arch/csr/mstateen2h.yaml b/arch/csr/mstateen2h.yaml new file mode 100644 index 000000000..d86a62118 --- /dev/null +++ b/arch/csr/mstateen2h.yaml @@ -0,0 +1,33 @@ +# yaml-language-server: $schema=../../schemas/csr_schema.json + +$schema: "csr_schema.json#" +kind: csr +name: mstateen2h +long_name: Upper 32 bits of Machine State Enable 2 Register +address: 0x31E +priv_mode: M +length: 32 +base: 32 +description: + - id: csr-mstateen2h-purpose + normative: true + text: | + For RV64 harts, the Smstateen extension adds four new 64-bit CSRs at machine level: `mstateen0` (Machine State + Enable 0), `mstateen1`, `mstateen2`, and `mstateen3`. For RV32, the registers listed above are 32-bit, and for the + machine-level CSRs there is a corresponding set of high-half CSRs for the upper 32 bits of each register: + `mstateen0h`, `mstateen1h`, `mstateen2h`, `mstateen3h`. + +definedBy: Smstateen +fields: + SE0: + long_name: hstateen2, hstateen2h, and sstateen2 access control + location: 31 + alias: mstateen2.SE0 + sw_write(csr_value): | + CSR[mstateen2].SE0 = csr_value.SE0; + return csr_value.SE0; + description: | + The SE0 bit in `mstateen2h` controls access to the `hstateen2`, `hstateen2h`, and the `sstateen2` CSRs. + type: RW + reset_value: 0 +sw_read(): return $bits(CSR[mstateen2])[63:32]; diff --git a/arch/csr/mstateen3.yaml b/arch/csr/mstateen3.yaml new file mode 100644 index 000000000..bb968f417 --- /dev/null +++ b/arch/csr/mstateen3.yaml @@ -0,0 +1,74 @@ +# yaml-language-server: $schema=../../schemas/csr_schema.json + +$schema: "csr_schema.json#" +kind: csr +name: mstateen3 +long_name: Machine State Enable 3 Register +address: 0x30F +priv_mode: M +length: 64 +description: + - id: csr-mstateen3-purpose + normative: true + text: | + Each bit of a `stateen` CSR controls less-privileged access to an extension’s state, + or an extension that was not deemed "worthy" of a full XS field in `sstatus` like the + FS and VS fields for the F and V extensions. + - id: csr-mstateen3-num-justification + normative: false + text: | + The number of registers provided at each level is four because it is believed that + 4 * 64 = 256 bits for machine and hypervisor levels, and 4 * 32 = 128 bits for + supervisor level, will be adequate for many years to come, perhaps for as long as + the RISC-V ISA is in use. + The exact number four is an attempted compromise between providing too few bits on + the one hand and going overboard with CSRs that will never be used on the other. + - id: csr-mstateen3-scope + normative: true + text: | + The `stateen` registers at each level control access to state at all less-privileged + levels, but not at its own level. + - id: csr-mstateen3-effect + normative: true + text: | + When a `stateen` CSR prevents access to state for a privilege mode, attempting to execute + in that privilege mode an instruction that implicitly updates the state without reading + it may or may not raise an illegal instruction or virtual instruction exception. + Such cases must be disambiguated by being explicitly specified one way or the other. + In some cases, the bits of the `stateen` CSRs will have a dual purpose as enables for the + ISA extensions that introduce the controlled state. + - id: csr-mstateen3-bit-allocation + normative: true + text: | + For every bit with a defined purpose in an `sstateen` CSR, the same bit is defined in the matching + `mstateen` CSR to control access below machine level to the same state. The upper 32 bits of an + `mstateen` CSR (or for RV32, the corresponding high-half CSR) control access to state that is inherently + inaccessible to user level, so no corresponding enable bits in the supervisor-level `sstateen` CSR are + applicable. The intention is to allocate bits for this purpose starting at the most-significant end, bit 63, + through to bit 32, and then on to the next-higher `mstateen` CSR. If the rate that bits are being allocated + from the least-significant end for `sstateen` CSRs is sufficiently low, allocation from the most-significant + end of `mstateen` CSRs may be allowed to encroach on the lower 32 bits before jumping to the next-higher + `mstateen` CSR. In that case, the bit positions of "encroaching" bits will remain forever read-only zeros in + the matching `sstateen` CSRs. + - id: csr-mstateen3-zero + normative: true + text: | + For every bit in an `mstateen` CSR that is zero (whether read-only zero or set to zero), + the same bit appears as read-only zero in the matching `hstateen` and `sstateen` CSRs. + - id: csr-mstateen3-read-only + normative: true + text: | + A bit in a supervisor-level `sstateen` CSR cannot be read-only one unless the same bit is read-only one in the matching + `mstateen` CSR and, if it exists, in the matching `hstateen` CSR. A bit in an `hstateen` CSR cannot be read-only one unless + the same bit is read-only one in the matching `mstateen` CSR. Bit 63 of each `mstateen` CSR may be read-only zero only if + the hypervisor extension is not implemented and the matching supervisor-level `sstateen` CSR is all read-only zeros. + +definedBy: Smstateen +fields: + SE0: + long_name: hstateen3, hstateen3h, and sstateen3 access control + location: 63 + description: | + The SE0 bit in `mstateen3` controls access to the `hstateen3`, `hstateen3h`, and the `sstateen3` CSRs. + type: RW + reset_value: 0 diff --git a/arch/csr/mstateen3h.yaml b/arch/csr/mstateen3h.yaml new file mode 100644 index 000000000..6e46bd2aa --- /dev/null +++ b/arch/csr/mstateen3h.yaml @@ -0,0 +1,33 @@ +# yaml-language-server: $schema=../../schemas/csr_schema.json + +$schema: "csr_schema.json#" +kind: csr +name: mstateen3h +long_name: Upper 32 bits of Machine State Enable 3 Register +address: 0x31F +priv_mode: M +length: 32 +base: 32 +description: + - id: csr-mstateen3h-purpose + normative: true + text: | + For RV64 harts, the Smstateen extension adds four new 64-bit CSRs at machine level: `mstateen0` (Machine State + Enable 0), `mstateen1`, `mstateen2`, and `mstateen3`. For RV32, the registers listed above are 32-bit, and for the + machine-level CSRs there is a corresponding set of high-half CSRs for the upper 32 bits of each register: + `mstateen0h`, `mstateen1h`, `mstateen2h`, `mstateen3h`. + +definedBy: Smstateen +fields: + SE0: + long_name: hstateen3, hstateen3h, and sstateen3 access control + location: 31 + alias: mstateen3.SE0 + sw_write(csr_value): | + CSR[mstateen3].SE0 = csr_value.SE0; + return csr_value.SE0; + description: | + The SE0 bit in `mstateen3h` controls access to the `hstateen3`, `hstateen3h`, and the `sstateen3` CSRs. + type: RW + reset_value: 0 +sw_read(): return $bits(CSR[mstateen3])[63:32]; diff --git a/arch/csr/sstateen0.yaml b/arch/csr/sstateen0.yaml new file mode 100644 index 000000000..00c664dac --- /dev/null +++ b/arch/csr/sstateen0.yaml @@ -0,0 +1,142 @@ +# yaml-language-server: $schema=../../schemas/csr_schema.json + +$schema: "csr_schema.json#" +kind: csr +name: sstateen0 +long_name: Supervisor State Enable 0 Register +address: 0x10C +priv_mode: S +length: MXLEN +description: + - id: csr-sstateen0-purpose + normative: true + text: | + Each bit of a `stateen` CSR controls less-privileged access to an extension’s state, + for an extension that was not deemed "worthy" of a full XS field in `sstatus` like the + FS and VS fields for the F and V extensions. + - id: csr-sstateen0-num-justification + normative: false + text: | + The number of registers provided at each level is four because it is believed that + 4 * 64 = 256 bits for machine and hypervisor levels, and 4 * 32 = 128 bits for + supervisor level, will be adequate for many years to come, perhaps for as long as + the RISC-V ISA is in use. + The exact number four is an attempted compromise between providing too few bits on + the one hand and going overboard with CSRs that will never be used on the other. + - id: csr-sstateen0-scope + normative: true + text: | + The `stateen` registers at each level control access to state at all less-privileged + levels, but not at its own level. + - id: csr-sstateen0-effect + normative: true + text: | + When a `stateen` CSR prevents access to state for a privilege mode, attempting to execute + in that privilege mode an instruction that implicitly updates the state without reading + it may or may not raise an illegal instruction or virtual instruction exception. + Such cases must be disambiguated by being explicitly specified one way or the other. + In some cases, the bits of the `stateen` CSRs will have a dual purpose as enables for the + ISA extensions that introduce the controlled state. + - id: csr-sstateen0-bit-allocation + normative: true + text: | + For every bit with a defined purpose in an `sstateen` CSR, the same bit is defined in the matching + `mstateen` CSR to control access below machine level to the same state. The upper 32 bits of an + `mstateen` CSR (or for RV32, the corresponding high-half CSR) control access to state that is inherently + inaccessible to user level, so no corresponding enable bits in the supervisor-level `sstateen` CSR are + applicable. The intention is to allocate bits for this purpose starting at the most-significant end, bit 63, + through to bit 32, and then on to the next-higher `mstateen` CSR. If the rate that bits are being allocated + from the least-significant end for `sstateen` CSRs is sufficiently low, allocation from the most-significant + end of `mstateen` CSRs may be allowed to encroach on the lower 32 bits before jumping to the next-higher + `mstateen` CSR. In that case, the bit positions of "encroaching" bits will remain forever read-only zeros in + the matching `sstateen` CSRs. + - id: csr-sstateen0-zero + normative: true + text: | + For every bit in an `mstateen` CSR that is zero (whether read-only zero or set to zero), + the same bit appears as read-only zero in the matching `hstateen` and `sstateen` CSRs. + For every bit in an `hstateen` CSR that is zero (whether read-only zero or set to zero), + the same bit appears as read-only zero in `sstateen` when accessed in VS-mode. + - id: csr-sstateen0-read-only + normative: true + text: | + A bit in a supervisor-level `sstateen` CSR cannot be read-only one unless the same bit is read-only one in the matching + `mstateen` CSR and, if it exists, in the matching `hstateen` CSR. Bit 63 of each `mstateen` CSR may be read-only zero + only if the hypervisor extension is not implemented and the matching supervisor-level `sstateen` CSR is all read-only zeros. + +definedBy: + allOf: + - Smstateen + - Ssstateen +fields: + JVT: + long_name: jvt access control + location: 2 + definedBy: Zcmt + description: | + The JVT bit controls access to the `jvt` CSR provided by the Zcmt extension. + type: RW + reset_value: UNDEFINED_LEGAL + sw_write(csr_value): | + if (CSR[mstateen0].JVT == 1'b0){ + return 0; + } + else if (mode() == PrivilegeMode::VS && CSR[hstateen0].JVT == 1'b0) { + return 0; + } + return csr_value.JVT; + FCSR: + long_name: fcsr access control + location: 1 + #definedBy: + #anyOf: [Zhinx, Zfinx, Zdinx] + description: | + The FCSR bit controls access to `fcsr` for the case when floating-point instructions + operate on `x` registers instead of `f` registers as specified by the Zfinx and related + extensions (Zdinx, etc.). Whenever `misa.F` = 1, FCSR bit of `mstateen0` is read-only + zero (and hence read-only zero in `hstateen0` and `sstateen0` too). For convenience, + when the `stateen` CSRs are implemented and `misa.F` = 0, then if the FCSR bit of a + controlling `stateen0` CSR is zero, all floating-point instructions cause an illegal + instruction trap (or virtual instruction trap, if relevant), as though they all access + `fcsr`, regardless of whether they really do. + type: RW + reset_value: UNDEFINED_LEGAL + sw_write(csr_value): | + if (CSR[mstateen0].FCSR == 1'b0){ + return 0; + } + else if (mode() == PrivilegeMode::VS && CSR[hstateen0].FCSR == 1'b0) { + return 0; + } + return csr_value.FCSR; + C: + long_name: custom state access control + location: 0 + description: | + The C bit controls access to any and all custom state. The C bit of these registers is + not custom state itself; it is a standard field of a standard CSR, either `mstateen0`, + `hstateen0`, or `sstateen0`. + type: RW + reset_value: UNDEFINED_LEGAL + sw_write(csr_value): | + if (CSR[mstateen0].C == 1'b0){ + return 0; + } + else if (mode() == PrivilegeMode::VS && CSR[hstateen0].C == 1'b0) { + return 0; + } + return csr_value.C; +sw_read(): | + # For every bit in an mstateen CSR that is zero, the same bit + # appears as read-only zero in the matching sstateen CSR. + Bits<64> mstateen0_mask = $bits(CSR[mstateen0]); + Bits<64> sstateen0_value = $bits(CSR[sstateen0]) & mstateen0_mask; + + # For every bit in an hstateen CSR that is zero, the same bit + # appears as read-only zero in sstateen when accessed in VS-mode. + if (mode() == PrivilegeMode::VS) { + Bits<64> hstateen0_mask = $bits(CSR[hstateen0]); + sstateen0_value = sstateen0_value & hstateen0_mask; + } + + return sstateen0_value; diff --git a/arch/csr/sstateen1.yaml b/arch/csr/sstateen1.yaml new file mode 100644 index 000000000..5c93aed6b --- /dev/null +++ b/arch/csr/sstateen1.yaml @@ -0,0 +1,106 @@ +# yaml-language-server: $schema=../../schemas/csr_schema.json + +$schema: "csr_schema.json#" +kind: csr +name: sstateen1 +long_name: Supervisor State Enable 1 Register +address: 0x10D +priv_mode: S +length: MXLEN +description: + - id: csr-sstateen1-purpose + normative: true + text: | + Each bit of a `stateen` CSR controls less-privileged access to an extension’s state, + for an extension that was not deemed "worthy" of a full XS field in `sstatus` like the + FS and VS fields for the F and V extensions. + - id: csr-sstateen1-num-justification + normative: false + text: | + The number of registers provided at each level is four because it is believed that + 4 * 64 = 256 bits for machine and hypervisor levels, and 4 * 32 = 128 bits for + supervisor level, will be adequate for many years to come, perhaps for as long as + the RISC-V ISA is in use. + The exact number four is an attempted compromise between providing too few bits on + the one hand and going overboard with CSRs that will never be used on the other. + - id: csr-sstateen1-scope + normative: true + text: | + The `stateen` registers at each level control access to state at all less-privileged + levels, but not at its own level. + - id: csr-sstateen1-effect + normative: true + text: | + When a `stateen` CSR prevents access to state for a privilege mode, attempting to execute + in that privilege mode an instruction that implicitly updates the state without reading + it may or may not raise an illegal instruction or virtual instruction exception. + Such cases must be disambiguated by being explicitly specified one way or the other. + In some cases, the bits of the `stateen` CSRs will have a dual purpose as enables for the + ISA extensions that introduce the controlled state. + - id: csr-sstateen1-bit-allocation + normative: true + text: | + For every bit with a defined purpose in an `sstateen` CSR, the same bit is defined in the matching + `mstateen` CSR to control access below machine level to the same state. The upper 32 bits of an + `mstateen` CSR (or for RV32, the corresponding high-half CSR) control access to state that is inherently + inaccessible to user level, so no corresponding enable bits in the supervisor-level `sstateen` CSR are + applicable. The intention is to allocate bits for this purpose starting at the most-significant end, bit 63, + through to bit 32, and then on to the next-higher `mstateen` CSR. If the rate that bits are being allocated + from the least-significant end for `sstateen` CSRs is sufficiently low, allocation from the most-significant + end of `mstateen` CSRs may be allowed to encroach on the lower 32 bits before jumping to the next-higher + `mstateen` CSR. In that case, the bit positions of "encroaching" bits will remain forever read-only zeros in + the matching `sstateen` CSRs. + - id: csr-sstateen1-zero + normative: true + text: | + For every bit in an `mstateen` CSR that is zero (whether read-only zero or set to zero), + the same bit appears as read-only zero in the matching `hstateen` and `sstateen` CSRs. + For every bit in an `hstateen` CSR that is zero (whether read-only zero or set to zero), + the same bit appears as read-only zero in `sstateen` when accessed in VS-mode. + - id: csr-sstateen1-read-only + normative: true + text: | + A bit in a supervisor-level `sstateen` CSR cannot be read-only one unless the same bit is read-only one in the matching + `mstateen` CSR and, if it exists, in the matching `hstateen` CSR. Bit 63 of each `mstateen` CSR may be read-only zero + only if the hypervisor extension is not implemented and the matching supervisor-level `sstateen` CSR is all read-only zeros. + +definedBy: + allOf: + - Smstateen + - Ssstateen + +fields: + DATA: + location_rv64: 63-0 + location_rv32: 31-0 + description: Data value + type: RW + sw_write(csr_value): | + # For every bit in an mstateen CSR that is zero, the same bit + # appears as read-only zero in the matching sstateen CSR. + Bits<64> mstateen1_mask = $bits(CSR[mstateen1]); + Bits<64> data_value = csr_value.DATA & mstateen1_mask; + + # For every bit in an hstateen CSR that is zero, the same bit + # appears as read-only zero in sstateen when accessed in VS-mode. + if (mode() == PrivilegeMode::VS) { + Bits<64> hstateen1_mask = $bits(CSR[hstateen1]); + data_value = data_value & hstateen1_mask; + } + + return data_value; + reset_value: UNDEFINED_LEGAL +sw_read(): | + # For every bit in an mstateen CSR that is zero, the same bit + # appears as read-only zero in the matching sstateen CSR. + Bits<64> mstateen1_mask = $bits(CSR[mstateen1]); + Bits<64> sstateen1_value = $bits(CSR[sstateen1]) & mstateen1_mask; + + # For every bit in an hstateen CSR that is zero, the same bit + # appears as read-only zero in sstateen when accessed in VS-mode. + if (mode() == PrivilegeMode::VS) { + Bits<64> hstateen1_mask = $bits(CSR[hstateen1]); + sstateen1_value = sstateen1_value & hstateen1_mask; + } + + return sstateen1_value; diff --git a/arch/csr/sstateen2.yaml b/arch/csr/sstateen2.yaml new file mode 100644 index 000000000..b57bd234c --- /dev/null +++ b/arch/csr/sstateen2.yaml @@ -0,0 +1,106 @@ +# yaml-language-server: $schema=../../schemas/csr_schema.json + +$schema: "csr_schema.json#" +kind: csr +name: sstateen2 +long_name: Supervisor State Enable 2 Register +address: 0x10E +priv_mode: S +length: MXLEN +description: + - id: csr-sstateen2-purpose + normative: true + text: | + Each bit of a `stateen` CSR controls less-privileged access to an extension’s state, + for an extension that was not deemed "worthy" of a full XS field in `sstatus` like the + FS and VS fields for the F and V extensions. + - id: csr-sstateen2-num-justification + normative: false + text: | + The number of registers provided at each level is four because it is believed that + 4 * 64 = 256 bits for machine and hypervisor levels, and 4 * 32 = 128 bits for + supervisor level, will be adequate for many years to come, perhaps for as long as + the RISC-V ISA is in use. + The exact number four is an attempted compromise between providing too few bits on + the one hand and going overboard with CSRs that will never be used on the other. + - id: csr-sstateen2-scope + normative: true + text: | + The `stateen` registers at each level control access to state at all less-privileged + levels, but not at its own level. + - id: csr-sstateen2-effect + normative: true + text: | + When a `stateen` CSR prevents access to state for a privilege mode, attempting to execute + in that privilege mode an instruction that implicitly updates the state without reading + it may or may not raise an illegal instruction or virtual instruction exception. + Such cases must be disambiguated by being explicitly specified one way or the other. + In some cases, the bits of the `stateen` CSRs will have a dual purpose as enables for the + ISA extensions that introduce the controlled state. + - id: csr-sstateen2-bit-allocation + normative: true + text: | + For every bit with a defined purpose in an `sstateen` CSR, the same bit is defined in the matching + `mstateen` CSR to control access below machine level to the same state. The upper 32 bits of an + `mstateen` CSR (or for RV32, the corresponding high-half CSR) control access to state that is inherently + inaccessible to user level, so no corresponding enable bits in the supervisor-level `sstateen` CSR are + applicable. The intention is to allocate bits for this purpose starting at the most-significant end, bit 63, + through to bit 32, and then on to the next-higher `mstateen` CSR. If the rate that bits are being allocated + from the least-significant end for `sstateen` CSRs is sufficiently low, allocation from the most-significant + end of `mstateen` CSRs may be allowed to encroach on the lower 32 bits before jumping to the next-higher + `mstateen` CSR. In that case, the bit positions of "encroaching" bits will remain forever read-only zeros in + the matching `sstateen` CSRs. + - id: csr-sstateen2-zero + normative: true + text: | + For every bit in an `mstateen` CSR that is zero (whether read-only zero or set to zero), + the same bit appears as read-only zero in the matching `hstateen` and `sstateen` CSRs. + For every bit in an `hstateen` CSR that is zero (whether read-only zero or set to zero), + the same bit appears as read-only zero in `sstateen` when accessed in VS-mode. + - id: csr-sstateen2-read-only + normative: true + text: | + A bit in a supervisor-level `sstateen` CSR cannot be read-only one unless the same bit is read-only one in the matching + `mstateen` CSR and, if it exists, in the matching `hstateen` CSR. Bit 63 of each `mstateen` CSR may be read-only zero + only if the hypervisor extension is not implemented and the matching supervisor-level `sstateen` CSR is all read-only zeros. + +definedBy: + allOf: + - Smstateen + - Ssstateen + +fields: + DATA: + location_rv64: 63-0 + location_rv32: 31-0 + description: Data value + type: RW + sw_write(csr_value): | + # For every bit in an mstateen CSR that is zero, the same bit + # appears as read-only zero in the matching sstateen CSR. + Bits<64> mstateen2_mask = $bits(CSR[mstateen2]); + Bits<64> data_value = csr_value.DATA & mstateen2_mask; + + # For every bit in an hstateen CSR that is zero, the same bit + # appears as read-only zero in sstateen when accessed in VS-mode. + if (mode() == PrivilegeMode::VS) { + Bits<64> hstateen2_mask = $bits(CSR[hstateen2]); + data_value = data_value & hstateen2_mask; + } + + return data_value; + reset_value: UNDEFINED_LEGAL +sw_read(): | + # For every bit in an mstateen CSR that is zero, the same bit + # appears as read-only zero in the matching sstateen CSR. + Bits<64> mstateen2_mask = $bits(CSR[mstateen2]); + Bits<64> sstateen2_value = $bits(CSR[sstateen2]) & mstateen2_mask; + + # For every bit in an hstateen CSR that is zero, the same bit + # appears as read-only zero in sstateen when accessed in VS-mode. + if (mode() == PrivilegeMode::VS) { + Bits<64> hstateen2_mask = $bits(CSR[hstateen2]); + sstateen2_value = sstateen2_value & hstateen2_mask; + } + + return sstateen2_value; diff --git a/arch/csr/sstateen3.yaml b/arch/csr/sstateen3.yaml new file mode 100644 index 000000000..accacc25b --- /dev/null +++ b/arch/csr/sstateen3.yaml @@ -0,0 +1,106 @@ +# yaml-language-server: $schema=../../schemas/csr_schema.json + +$schema: "csr_schema.json#" +kind: csr +name: sstateen3 +long_name: Supervisor State Enable 3 Register +address: 0x10F +priv_mode: S +length: MXLEN +description: + - id: csr-sstateen3-purpose + normative: true + text: | + Each bit of a `stateen` CSR controls less-privileged access to an extension’s state, + for an extension that was not deemed "worthy" of a full XS field in `sstatus` like the + FS and VS fields for the F and V extensions. + - id: csr-sstateen3-num-justification + normative: false + text: | + The number of registers provided at each level is four because it is believed that + 4 * 64 = 256 bits for machine and hypervisor levels, and 4 * 32 = 128 bits for + supervisor level, will be adequate for many years to come, perhaps for as long as + the RISC-V ISA is in use. + The exact number four is an attempted compromise between providing too few bits on + the one hand and going overboard with CSRs that will never be used on the other. + - id: csr-sstateen3-scope + normative: true + text: | + The `stateen` registers at each level control access to state at all less-privileged + levels, but not at its own level. + - id: csr-sstateen3-effect + normative: true + text: | + When a `stateen` CSR prevents access to state for a privilege mode, attempting to execute + in that privilege mode an instruction that implicitly updates the state without reading + it may or may not raise an illegal instruction or virtual instruction exception. + Such cases must be disambiguated by being explicitly specified one way or the other. + In some cases, the bits of the `stateen` CSRs will have a dual purpose as enables for the + ISA extensions that introduce the controlled state. + - id: csr-sstateen3-bit-allocation + normative: true + text: | + For every bit with a defined purpose in an `sstateen` CSR, the same bit is defined in the matching + `mstateen` CSR to control access below machine level to the same state. The upper 32 bits of an + `mstateen` CSR (or for RV32, the corresponding high-half CSR) control access to state that is inherently + inaccessible to user level, so no corresponding enable bits in the supervisor-level `sstateen` CSR are + applicable. The intention is to allocate bits for this purpose starting at the most-significant end, bit 63, + through to bit 32, and then on to the next-higher `mstateen` CSR. If the rate that bits are being allocated + from the least-significant end for `sstateen` CSRs is sufficiently low, allocation from the most-significant + end of `mstateen` CSRs may be allowed to encroach on the lower 32 bits before jumping to the next-higher + `mstateen` CSR. In that case, the bit positions of "encroaching" bits will remain forever read-only zeros in + the matching `sstateen` CSRs. + - id: csr-sstateen3-zero + normative: true + text: | + For every bit in an `mstateen` CSR that is zero (whether read-only zero or set to zero), + the same bit appears as read-only zero in the matching `hstateen` and `sstateen` CSRs. + For every bit in an `hstateen` CSR that is zero (whether read-only zero or set to zero), + the same bit appears as read-only zero in `sstateen` when accessed in VS-mode. + - id: csr-sstateen3-read-only + normative: true + text: | + A bit in a supervisor-level `sstateen` CSR cannot be read-only one unless the same bit is read-only one in the matching + `mstateen` CSR and, if it exists, in the matching `hstateen` CSR. Bit 63 of each `mstateen` CSR may be read-only zero + only if the hypervisor extension is not implemented and the matching supervisor-level `sstateen` CSR is all read-only zeros. + +definedBy: + allOf: + - Smstateen + - Ssstateen + +fields: + DATA: + location_rv64: 63-0 + location_rv32: 31-0 + description: Data value + type: RW + sw_write(csr_value): | + # For every bit in an mstateen CSR that is zero, the same bit + # appears as read-only zero in the matching sstateen CSR. + Bits<64> mstateen3_mask = $bits(CSR[mstateen3]); + Bits<64> data_value = csr_value.DATA & mstateen3_mask; + + # For every bit in an hstateen CSR that is zero, the same bit + # appears as read-only zero in sstateen when accessed in VS-mode. + if (mode() == PrivilegeMode::VS) { + Bits<64> hstateen3_mask = $bits(CSR[hstateen3]); + data_value = data_value & hstateen3_mask; + } + + return data_value; + reset_value: UNDEFINED_LEGAL +sw_read(): | + # For every bit in an mstateen CSR that is zero, the same bit + # appears as read-only zero in the matching sstateen CSR. + Bits<64> mstateen3_mask = $bits(CSR[mstateen3]); + Bits<64> sstateen3_value = $bits(CSR[sstateen3]) & mstateen3_mask; + + # For every bit in an hstateen CSR that is zero, the same bit + # appears as read-only zero in sstateen when accessed in VS-mode. + if (mode() == PrivilegeMode::VS) { + Bits<64> hstateen3_mask = $bits(CSR[hstateen3]); + sstateen3_value = sstateen3_value & hstateen3_mask; + } + + return sstateen3_value; diff --git a/arch/ext/S.yaml b/arch/ext/S.yaml index 863f24aa6..0d7f308bc 100644 --- a/arch/ext/S.yaml +++ b/arch/ext/S.yaml @@ -328,3 +328,35 @@ params: When not implemented mstatus.TVM will be read-only-zero. schema: type: boolean + MSTATEEN_ENVCFG_TYPE: + when: + name: Smstateen + version: ~> 1.0 + schema: + type: string + enum: [rw, read-only-0, read-only-1] + description: | + Behavior of the mstateen0.ENVCFG bit: + + * 'rw': read-write + * 'read-only-0': read-only, fixed to 0 + * 'read-only-1': read-only, fixed to 1 + HSTATEEN_ENVCFG_TYPE: + when: + allOf: + - name: H + version: ~> 1.0 + - name: Ssstateen + version: ~> 1.0 + schema: + type: string + enum: [rw, read-only-0, read-only-1] + description: | + Behavior of the hstateen0.ENVCFG bit: + + * 'rw': read-write + * 'read-only-0': read-only, fixed to 0 + * 'read-only-1': read-only, fixed to 1 + extra_validation: | + assert HSTATEEN_ENVCFG_TYPE == 'read-only-0' if MSTATEEN_ENVCFG_TYPE == 'read-only-0' + assert HSTATEEN_ENVCFG_TYPE == 'read-only-1' if MSTATEEN_ENVCFG_TYPE == 'read-only-1' diff --git a/arch/ext/Sdtrig.yaml b/arch/ext/Sdtrig.yaml index 28c25794f..b0523e40a 100644 --- a/arch/ext/Sdtrig.yaml +++ b/arch/ext/Sdtrig.yaml @@ -28,3 +28,37 @@ versions: - version: "1.0.0" state: ratified ratification_date: null + +params: + MSTATEEN_CONTEXT_TYPE: + when: + name: Smstateen + version: ~> 1.0 + schema: + type: string + enum: [rw, read-only-0, read-only-1] + description: | + Behavior of the mstateen0.CONTEXT bit: + + * 'rw': read-write + * 'read-only-0': read-only, fixed to 0 + * 'read-only-1': read-only, fixed to 1 + HSTATEEN_CONTEXT_TYPE: + when: + allOf: + - name: H + version: ~> 1.0 + - name: Ssstateen + version: ~> 1.0 + schema: + type: string + enum: [rw, read-only-0, read-only-1] + description: | + Behavior of the hstateen0.CONTEXT bit: + + * 'rw': read-write + * 'read-only-0': read-only, fixed to 0 + * 'read-only-1': read-only, fixed to 1 + extra_validation: | + assert HSTATEEN_CONTEXT_TYPE == 'read-only-0' if MSTATEEN_CONTEXT_TYPE == 'read-only-0' + assert HSTATEEN_CONTEXT_TYPE == 'read-only-1' if MSTATEEN_CONTEXT_TYPE == 'read-only-1' diff --git a/arch/ext/Smstateen.yaml b/arch/ext/Smstateen.yaml new file mode 100644 index 000000000..5b38200ca --- /dev/null +++ b/arch/ext/Smstateen.yaml @@ -0,0 +1,25 @@ +# yaml-language-server: $schema=../../schemas/ext_schema.json + +$schema: "ext_schema.json#" +kind: extension +name: Smstateen +long_name: Machine-mode view of the state-enable extension +description: | + Machine-mode view of the state-enable extension. The Smstateen + extension specification comprises the `mstateen*`, `sstateen*`, + and `hstateen*` CSRs and their functionality. + + NOTE: The Smstateen extension specification is an M-mode extension as + it includes M-mode features, but the supervisor-mode visible + components of the extension are named as the Ssstateen extension. Only + Ssstateen is mandated in the RVA22S64 profile when the hypervisor + extension is implemented. These registers are not mandated or + supported options without the hypervisor extension, as there are no + RVA22S64 supported options with relevant state to control in the + absence of the hypervisor extension. + +type: privileged +versions: + - version: "1.0.0" + state: ratified + ratification_date: null diff --git a/arch/ext/Ssaia.yaml b/arch/ext/Ssaia.yaml index 028adb0fa..d11fbe195 100644 --- a/arch/ext/Ssaia.yaml +++ b/arch/ext/Ssaia.yaml @@ -14,3 +14,69 @@ versions: requires: name: S version: ">= 1.12" + +params: + MSTATEEN_AIA_TYPE: + when: + name: Smstateen + version: ~> 1.0 + schema: + type: string + enum: [rw, read-only-0, read-only-1] + description: | + Behavior of the mstateen0.AIA bit: + + * 'rw': read-write + * 'read-only-0': read-only, fixed to 0 + * 'read-only-1': read-only, fixed to 1 + HSTATEEN_AIA_TYPE: + when: + allOf: + - name: H + version: ~> 1.0 + - name: Ssstateen + version: ~> 1.0 + schema: + type: string + enum: [rw, read-only-0, read-only-1] + description: | + Behavior of the hstateen0.AIA bit: + + * 'rw': read-write + * 'read-only-0': read-only, fixed to 0 + * 'read-only-1': read-only, fixed to 1 + extra_validation: | + assert HSTATEEN_AIA_TYPE == 'read-only-0' if MSTATEEN_AIA_TYPE == 'read-only-0' + assert HSTATEEN_AIA_TYPE == 'read-only-1' if MSTATEEN_AIA_TYPE == 'read-only-1' + MSTATEEN_IMSIC_TYPE: + when: + name: Smstateen + version: ~> 1.0 + schema: + type: string + enum: [rw, read-only-0, read-only-1] + description: | + Behavior of the mstateen0.IMSIC bit: + + * 'rw': read-write + * 'read-only-0': read-only, fixed to 0 + * 'read-only-1': read-only, fixed to 1 + HSTATEEN_IMSIC_TYPE: + when: + allOf: + - name: H + version: ~> 1.0 + - name: Ssstateen + version: ~> 1.0 + schema: + type: string + enum: [rw, read-only-0, read-only-1] + description: | + Behavior of the hstateen0.IMSIC bit: + + * 'rw': read-write + * 'read-only-0': read-only, fixed to 0 + * 'read-only-1': read-only, fixed to 1 + extra_validation: | + assert HSTATEEN_IMSIC_TYPE == 'read-only-0' if MSTATEEN_IMSIC_TYPE == 'read-only-0' + assert HSTATEEN_IMSIC_TYPE == 'read-only-1' if MSTATEEN_IMSIC_TYPE == 'read-only-1' diff --git a/arch/ext/Sscsrind.yaml b/arch/ext/Sscsrind.yaml index fba0681d9..1954f4538 100644 --- a/arch/ext/Sscsrind.yaml +++ b/arch/ext/Sscsrind.yaml @@ -42,3 +42,37 @@ versions: version: ~> 1.13 - name: Smcsrind version: ~> 1.0 + +params: + MSTATEEN_CSRIND_TYPE: + when: + name: Smstateen + version: ~> 1.0 + schema: + type: string + enum: [rw, read-only-0, read-only-1] + description: | + Behavior of the mstateen0.CSRIND bit: + + * 'rw': read-write + * 'read-only-0': read-only, fixed to 0 + * 'read-only-1': read-only, fixed to 1 + HSTATEEN_CSRIND_TYPE: + when: + allOf: + - name: H + version: ~> 1.0 + - name: Ssstateen + version: ~> 1.0 + schema: + type: string + enum: [rw, read-only-0, read-only-1] + description: | + Behavior of the hstateen0.CSRIND bit: + + * 'rw': read-write + * 'read-only-0': read-only, fixed to 0 + * 'read-only-1': read-only, fixed to 1 + extra_validation: | + assert HSTATEEN_CSRIND_TYPE == 'read-only-0' if MSTATEEN_CSRIND_TYPE == 'read-only-0' + assert HSTATEEN_CSRIND_TYPE == 'read-only-1' if MSTATEEN_CSRIND_TYPE == 'read-only-1' diff --git a/arch/ext/Zcmt.yaml b/arch/ext/Zcmt.yaml index f3ed2357e..171c3f0d6 100644 --- a/arch/ext/Zcmt.yaml +++ b/arch/ext/Zcmt.yaml @@ -90,3 +90,58 @@ versions: # - [Zcb, "1.0.0"] # - [Zcmp, "1.0.0"] # - [Zcmt, "1.0.0"] + +params: + MSTATEEN_JVT_TYPE: + when: + name: Smstateen + version: ~> 1.0 + schema: + type: string + enum: [rw, read-only-0, read-only-1] + description: | + Behavior of the mstateen0.JVT bit: + + * 'rw': read-write + * 'read-only-0': read-only, fixed to 0 + * 'read-only-1': read-only, fixed to 1 + HSTATEEN_JVT_TYPE: + when: + allOf: + - name: H + version: ~> 1.0 + - name: Ssstateen + version: ~> 1.0 + schema: + type: string + enum: [rw, read-only-0, read-only-1] + description: | + Behavior of the hstateen0.JVT bit: + + * 'rw': read-write + * 'read-only-0': read-only, fixed to 0 + * 'read-only-1': read-only, fixed to 1 + extra_validation: | + assert HSTATEEN_JVT_TYPE == 'read-only-0' if MSTATEEN_JVT_TYPE == 'read-only-0' + assert HSTATEEN_JVT_TYPE == 'read-only-1' if MSTATEEN_JVT_TYPE == 'read-only-1' + SSTATEEN_JVT_TYPE: + when: + allOf: + - name: S + version: ~> 1.0 + - name: Ssstateen + version: ~> 1.0 + schema: + type: string + enum: [rw, read-only-0, read-only-1] + description: | + Behavior of the sstateen0.JVT bit: + + * 'rw': read-write + * 'read-only-0': read-only, fixed to 0 + * 'read-only-1': read-only, fixed to 1 + extra_validation: | + assert SSTATEEN_JVT_TYPE == 'read-only-0' if MSTATEEN_JVT_TYPE == 'read-only-0' + assert SSTATEEN_JVT_TYPE == 'read-only-0' if HSTATEEN_JVT_TYPE == 'read-only-0' + assert SSTATEEN_JVT_TYPE == 'read-only-1' if MSTATEEN_JVT_TYPE == 'read-only-1' + assert SSTATEEN_JVT_TYPE == 'read-only-1' if HSTATEEN_JVT_TYPE == 'read-only-1' diff --git a/lib/cfg_arch.rb b/lib/cfg_arch.rb index f60ed1121..16de8bf4b 100644 --- a/lib/cfg_arch.rb +++ b/lib/cfg_arch.rb @@ -430,7 +430,7 @@ def not_prohibited_extension_versions elsif @config.partially_configured? extensions.map(&:versions).flatten.reject { |ext_ver| transitive_prohibited_extension_versions.include?(ext_ver) } else - extensions.map(&:version).flatten + extensions.map(&:versions).flatten end end alias possible_extension_versions not_prohibited_extension_versions