Skip to content

Commit

Permalink
local/global clarification
Browse files Browse the repository at this point in the history
  • Loading branch information
tariqkurd-repo committed Oct 29, 2024
1 parent 86417e4 commit aaf875b
Show file tree
Hide file tree
Showing 3 changed files with 5 additions and 3 deletions.
2 changes: 1 addition & 1 deletion src/insns/atomic_exceptions.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ If <<c_perm>> is not granted then store the memory tag as zero, and load `cd.tag
+
If the authorizing capability does not grant <<lm_perm>>, and the tag of `cd` is 1 and `cd` is not sealed, then an implicit <<ACPERM>> clearing <<w_perm>> and <<lm_perm>> is performed to obtain the intermediate permissions on `cd` (see <<LC>>).
+
If the authorizing capability does not grant <<el_perm>>, and the tag of `cd` is 1, then an implicit <<ACPERM>> clearing <<el_perm>> and restricting <<section_cap_level>> to the level of the authorizing capability is performed to obtain the final permissions on `cd` (see <<LC>>).
If the authorizing capability does not grant <<el_perm>>, the authorizing <<section_cap_level>> is _local_ and the tag of `cd` is 1, then an implicit <<ACPERM>> clearing <<el_perm>> and restricting the <<section_cap_level>> to the level of the authorizing capability is performed to obtain the final permissions on `cd` (see <<LC>>).
+
endif::[]
ifndef::cap_atomic[]
Expand Down
2 changes: 1 addition & 1 deletion src/insns/load_tag_perms.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ The tag value written to `cd` is 0 if the tag of the memory location loaded is
+
If the authorizing capability does not grant <<lm_perm>>, and the tag of `cd` is 1 and `cd` is not sealed, then an implicit <<ACPERM>> clearing <<w_perm>> and <<lm_perm>> is performed to obtain the intermediate permissions on `cd`.
+
If the authorizing capability does not grant <<el_perm>>, and the tag of `cd` is 1, then an implicit <<ACPERM>> clearing <<el_perm>> and restricting <<section_cap_level>> to the level of the authorizing capability is performed to obtain the final permissions on `cd`.
If the authorizing capability does not grant <<el_perm>>, the authorizing <<section_cap_level>> is _local_ and the tag of `cd` is 1, then an implicit <<ACPERM>> clearing <<el_perm>> and restricting the <<section_cap_level>> to the level of the authorizing capability is performed to obtain the final permissions on `cd`.

NOTE: Missing <<lm_perm>> does not affect untagged values since this could result in surprising bit patterns when copying non-capability data.
Similarly, sealed capabilities are not modified as they are not directly dereferenceable.
Expand Down
4 changes: 3 additions & 1 deletion src/level-ext.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ NOTE: The <<cap_encoding_xlen64,`MXLEN=64` capability encoding>> diagram shows t
NOTE: {cheri_levels_ext_name} requires that LVLBITS&#8805;1 although LVLBITS>1 is considered an experimental enhancement of this extension.
See <<section_ext_cheri_multiple_levels>> for the mechanics when LVLBITS>1.

[#section_cap_level,reftext="capability level"]
[#section_cap_level,reftext="Capability Level (CL)"]
==== Capability Level (CL)

The Capability Level (CL) is a new field added to the capability encoding, as shown in xref:section_cap_encoding[xrefstyle=short].
Expand Down Expand Up @@ -108,6 +108,8 @@ This avoids the need for a dedicated instruction and allows reducing the level a
[#section_cap_level_summary]
=== Capability level summary table

NOTE: A capability with <<section_cap_level,CL>>=1 is *global* and with <<section_cap_level,CL>>=0 is *local*.

.{cheri_levels_ext_name} `LVLBITS=1` summary table for stored capabilities
[#cap_level_store_summary,width="100%",options=header,halign=center,cols="1,1,1,1,5"]
|==============================================================================
Expand Down

0 comments on commit aaf875b

Please sign in to comment.