1. Tech-Privileged
  2. Messages

Re: [RISC-V] [tech-tee] [RISC-V] [tech-privileged] enhanced PMP with four security levels

Allen Baum
 

I'm going to suggest removing the DMC bit and replacing it with "any region locked".
This is a lot less expensive than a configuration bit, and I'd argue it gives you the functionality you need.

On Wed, Feb 19, 2020 at 9:12 AM Mr Tariq Kurd <tariq.kurd@...> wrote:
Thanks Allen and John,

I found John's version easier to read and I have added an extra sheet "permissions" to it showing the effect of the 4 different schemes. I give an idea of how to program the different modes, but I'm mainly showing which combinations of

M-mode permissions
S/U-mode permissions
Locked / unlocked

....are possible.

I'm planning to use this to help an internal discussion on the options in the next few days.

Tariq


-----Original Message-----
From: tech-tee@... [mailto:tech-tee@...] On Behalf Of John Hauser
Sent: 19 February 2020 06:23
To: tech-tee@...; tech-privileged@...
Subject: Re: [RISC-V] [tech-tee] [RISC-V] [tech-privileged] enhanced PMP with four security levels

Allen Baum wrote:
> Here is my visual cheat sheet showing the 3 proposals

I've attached my own version, somewhat simplified.  (I edited Allen's file with LibreOffice on Linux.  Hope it comes through clear for
everyone.)

Since the MML and MSL variables serve the same purpose, I've rearranged the tables to keep those dimensions aligned.  Also, I feel that the question of whether a "security exception" or an ordinary access fault is taken is an entirely separate debate, so I removed that distinction from the tables.  I've made some other simplifications and realignments to aid comparison, as you'll see.

Regards,

    - John Hauser
Join tech-privileged@lists.riscv.org to automatically receive all group messages.