@@ -379,11 +379,20 @@ tables is ignored.
379379[[HYPERVISOR_LDST]]
380380=== Memory tagging and hypervisor memory accesses
381381
382- HLVX* instructions always generate unchecked loads. HLV*/HSV* instructions in
383- HS and HU mode may generate checked accesses depending on effective privilege
384- of VS or VU (as defined in privileged specification). Memory accesses generated
385- from HLV*/HSV* instructions in HU mode may generate checked accesses when
386- `hstatus.HU` is set.
382+ HLVX* instructions always generate unchecked loads and collect MTAG bit from
383+ VS-stage page table for code page of guest instruction in following manner
384+
385+ hstatus.MTAG_I = VS-stage_leaf_PTE(s).MTAG & VS-stage_leaf_PTE(s).X
386+
387+ If `vsat.MODE == BARE`, then `hstatus.MTAG_I` will always be clear.
388+
389+ HLV*/HSV* instructions generate unchecked memory accesses if VS-stage leaf
390+ PTE entry's execute permission bit is set.
391+
392+ If `hstatus.MTAG_I` is set, then HLV*/HSV* instructions do not generate
393+ checked accesses. If `hstatus.MTAG_I` is clear, then HLV*/HSV* instructions
394+ in HS and HU mode may generate checked accesses depending on effective privilege
395+ of VS or VU (as defined in privileged specification).
387396
388397`xMT_MODE` (see <<MEM_TAG_EN>>) for HLV* and HSV* instructions is defined based
389398on the effective privilege of VS or VU (as defined in privileged specification),
@@ -402,6 +411,25 @@ If HLV*/HSV* instructions result in a tag mismatch, software check exception is
402411delivered to HS mode with tval = 4 and hstatus.GVA set. In case of tag mismatch,
403412software check exception is always delivered synchronously.
404413
414+ [[MPRV_LDST]]
415+ === Memory tagging on loads/stores affected by Modify Privilege bit (MPRV)
416+
417+ If execution environment is M-mode, MPRV and MXR both are set, and memory
418+ tagging is enabled for effective privilege then load instruction collect MTAG
419+ bit from first stage page table for code page of guest instruction in following
420+ manner
421+
422+ mstatus.MTAG_I = first-stage_leaf_PTE(s).MTAG & first-stage_leaf_PTE(s).X
423+
424+ If `sat.MODE == BARE`, then `mstatus.MTAG_I` will always be clear.
425+
426+ If MRPV=1 and first-stage page table leaf entry PTE (for effective mode S/U/VU/VS
427+ /HS/HU) has execute permission bit set then load generate unchecked accesses. If
428+ MPRV=1 and `mstatus.MTAG_I` is set, then load and store instructions generate
429+ unchecked accesses. If MPRV=1 and `mstatus.MTAG_I` is clear, then load and store
430+ instructions may generate checked accesses depending on effective privilege.
431+ `xMT_MODE` is selected based on effective privilege (see <<MEM_TAG_EN>>).
432+
405433[[MEMTAG_CSR_CTRL]]
406434=== CSR bits for memory tagging
407435
@@ -573,6 +601,54 @@ When `MT_MODE` is `0b00`, the following rules apply to VS-mode:
573601
574602* Zimt instructions will revert to their behavior as defined by Zimop.
575603
604+ ==== Machine Status Register (`mstatus`)
605+
606+ .Machine-mode status register (`mstatus`) for RV64
607+ [wavedrom, ,svg]
608+ ....
609+ {reg: [
610+ {bits: 1, name: 'WPRI'},
611+ {bits: 1, name: 'SIE'},
612+ {bits: 1, name: 'WPRI'},
613+ {bits: 1, name: 'MIE'},
614+ {bits: 1, name: 'WPRI'},
615+ {bits: 1, name: 'SPIE'},
616+ {bits: 1, name: 'UBE'},
617+ {bits: 1, name: 'MPIE'},
618+ {bits: 1, name: 'SPP'},
619+ {bits: 2, name: 'VS[1:0]'},
620+ {bits: 2, name: 'MPP[1:0]'},
621+ {bits: 2, name: 'FS[1:0]'},
622+ {bits: 2, name: 'XS[1:0]'},
623+ {bits: 1, name: 'MPRV'},
624+ {bits: 1, name: 'SUM'},
625+ {bits: 1, name: 'MXR'},
626+ {bits: 1, name: 'TVM'},
627+ {bits: 1, name: 'TW'},
628+ {bits: 1, name: 'TSR'},
629+ {bits: 1, name: 'SPELP'},
630+ {bits: 1, name: 'SDT'},
631+ {bits: 7, name: 'WPRI'},
632+ {bits: 2, name: 'UXL[1:0]'},
633+ {bits: 2, name: 'SXL[1:0]'},
634+ {bits: 1, name: 'SBE'},
635+ {bits: 1, name: 'MBE'},
636+ {bits: 1, name: 'GVA'},
637+ {bits: 1, name: 'MPV'},
638+ {bits: 1, name: 'MTAG_I'},
639+ {bits: 1, name: 'MPELP'},
640+ {bits: 1, name: 'MDT'},
641+ {bits: 20, name: 'WPRI'},
642+ {bits: 1, name: 'SD'},
643+ ], config:{lanes: 4, hspace:1024}}
644+ ....
645+
646+ The Zimt extension adds `MTAG_I` bit to `mstatus`. When a trap is taken to
647+ M-mode and `mtval` is written with nonzero value, then MTAG bit for code page
648+ of qualifying instruction is deposited in `mstatus.MTAG_I`. If in M-mode, MPRV
649+ and MXR both are set, load sets `mstatus.MTAG_I` to bitwise AND of first-stage
650+ leaf page entry MTAG bit and execute permission bit.
651+
576652==== Hypervisor Status Register (`hstatus`)
577653
578654.Hypervisor status register (`hstatus`)
@@ -585,7 +661,8 @@ When `MT_MODE` is `0b00`, the following rules apply to VS-mode:
585661 {bits: 1, name: 'SPV'},
586662 {bits: 1, name: 'SPVP'},
587663 {bits: 1, name: 'HU'},
588- {bits: 2, name: 'WPRI'},
664+ {bits: 1, name: 'MTAG_I'},
665+ {bits: 1, name: 'WPRI'},
589666 {bits: 6, name: 'VGEIN'},
590667 {bits: 2, name: 'WPRI'},
591668 {bits: 1, name: 'VTVM'},
@@ -600,9 +677,15 @@ When `MT_MODE` is `0b00`, the following rules apply to VS-mode:
600677], config:{lanes: 4, hspace:1024}}
601678....
602679
603- The Zimt extension adds `VUMT_MODE` (bit 51:50) to `hstatus`. When the `HU`
604- field is set, HLV*/HSV* may generate checked accesses in HU mode. `VUMT_MODE`
605- selects the `xMT_MODE` if effective privilege mode is VU.
680+ The Zimt extension adds `VUMT_MODE` (bit 51:50) to `hstatus`. `VUMT_MODE`
681+ selects the `xMT_MODE` if execution environment is HU mode and effective
682+ privilege mode is VU. `hstatus.MTAG_I` bit emulates `MTAG` bit for
683+ instruction fetch from code page. When a trap is taken to HS mode and `htinst`
684+ is written with nonzero value, then VS-stage page table's MTAG bit on code page
685+ for qualifying instruction is deposited in `hstatus.MTAG_I`. Furthermore, when
686+ HLVX* instructions walks VS-stage page table to fetch instruction then
687+ `hstatus.MTAG_I` is set to bitwise AND of VS-stage leaf entry's `MTAG` and
688+ execute permission bits.
606689
607690<<<
608691
0 commit comments