tech-privileged@lists.riscv.org | MPIE and MPP update when returning from interrupt with MRET

Home Messages Hashtags Subgroups

Date Date 1 - 4 of 4

MPIE and MPP update when returning from interrupt with MRET

Bill Huffman #420 When an exception or an ECALL arrives at its handler, the privilege of the code running before the exception/ECALL is always available in MPP or SPP. Bill toggle quoted message Show quoted text From: tech-privileged@... <tech-privileged@...> On Behalf Of Allen Baum Sent: Tuesday, December 15, 2020 12:01 PM To: Richard Trauben <rtrauben@...> Cc: anne.merlande@...; tech-privileged@... Subject: Re: [RISC-V] [tech-privileged] MPIE and MPP update when returning from interrupt with MRET EXTERNAL MAIL This is in the priv spec sec 3.1.6.1 - just search for mret. My explanation of why MPP reverts to Umode is to prevent privilege escalation if you go off the end of the 1-deep privilege level stack. Whichever mode you return to, you can always set PP to either your own mode, or a lower priv level, but not higher, and this ensures it doesn't start out higher. The absence of which mode you are in is quite deliberate: its existence is a virtualization hole. On Tue, Dec 15, 2020 at 11:48 AM Richard Trauben <rtrauben@...> wrote: privilege transitions from levels other than U to a handler at levels other than M are certainly possible. DELEG,IE amd EXCEPT will enable exception handler entry to non-M privilege moss handler and set the callera privilege level in the PP field to q non-U mode which calls the non-M mode handler. Please provide the spec name, version, chapter, page, paragraph and sentence so an editor can consider details to clarify the reference. for me, the more problematic issue was there was no psr to identify the privilege of the caller. technically however it is implicit and it’s assumed the code knows the privilege it was written for. it’s ok once you get used to the convention. Richard On Dec 15, 2020, at 7:18 AM, Anne MERLANDE via lists.riscv.org <anne.merlande=st.com@...> wrote: Hello The privileged architecture says that when returning from interrupt with MRET, MPIE is set to 1 (and MPP is set to U). What is the rational behind ? Is it still in the context of supporting nested traps ? In case of an implementation with 2 privileged modes but no N extension is it still necessary ? Thanks for your help Anne
More All Messages By This Member
Allen Baum #419 This is in the priv spec sec 3.1.6.1 - just search for mret. My explanation of why MPP reverts to Umode is to prevent privilege escalation if you go off the end of the 1-deep privilege level stack. Whichever mode you return to, you can always set PP to either your own mode, or a lower priv level, but not higher, and this ensures it doesn't start out higher. The absence of which mode you are in is quite deliberate: its existence is a virtualization hole. toggle quoted message Show quoted text On Tue, Dec 15, 2020 at 11:48 AM Richard Trauben <rtrauben@...> wrote: privilege transitions from levels other than U to a handler at levels other than M are certainly possible. DELEG,IE amd EXCEPT will enable exception handler entry to non-M privilege moss handler and set the callera privilege level in the PP field to q non-U mode which calls the non-M mode handler. Please provide the spec name, version, chapter, page, paragraph and sentence so an editor can consider details to clarify the reference. for me, the more problematic issue was there was no psr to identify the privilege of the caller. technically however it is implicit and it’s assumed the code knows the privilege it was written for. it’s ok once you get used to the convention. Richard On Dec 15, 2020, at 7:18 AM, Anne MERLANDE via lists.riscv.org <anne.merlande=st.com@...> wrote: Hello The privileged architecture says that when returning from interrupt with MRET, MPIE is set to 1 (and MPP is set to U). What is the rational behind ? Is it still in the context of supporting nested traps ? In case of an implementation with 2 privileged modes but no N extension is it still necessary ? Thanks for your help Anne
More All Messages By This Member
Richard Trauben #418 privilege transitions from levels other than U to a handler at levels other than M are certainly possible. DELEG,IE amd EXCEPT will enable exception handler entry to non-M privilege moss handler and set the callera privilege level in the PP field to q non-U mode which calls the non-M mode handler. Please provide the spec name, version, chapter, page, paragraph and sentence so an editor can consider details to clarify the reference. for me, the more problematic issue was there was no psr to identify the privilege of the caller. technically however it is implicit and it’s assumed the code knows the privilege it was written for. it’s ok once you get used to the convention. Richard toggle quoted message Show quoted text On Dec 15, 2020, at 7:18 AM, Anne MERLANDE via lists.riscv.org <anne.merlande=st.com@...> wrote: Hello The privileged architecture says that when returning from interrupt with MRET, MPIE is set to 1 (and MPP is set to U). What is the rational behind ? Is it still in the context of supporting nested traps ? In case of an implementation with 2 privileged modes but no N extension is it still necessary ? Thanks for your help Anne
More All Messages By This Member
Anne MERLANDE #417 Hello The privileged architecture says that when returning from interrupt with MRET, MPIE is set to 1 (and MPP is set to U). What is the rational behind ? Is it still in the context of supporting nested traps ? In case of an implementation with 2 privileged modes but no N extension is it still necessary ? Thanks for your help Anne
More All Messages By This Member

1 - 4 of 4

1

Previous Topic Next Topic

Home Hashtags Subgroups Terms