From c3fe25aeda97187fa8d9829ab924e9513c78fd8b Mon Sep 17 00:00:00 2001 From: OlivierBetschi <140494506+OlivierBetschi@users.noreply.github.com> Date: Wed, 12 Mar 2025 13:17:40 +0100 Subject: [PATCH] PMP Verif Plan and tests (#2648) Verification Plan provided in VP_TOOL for the PMP. The verification plan should be complete, however only a partial set of the tests is available. This is not included in the CI but a bash script is available to run the test. --- core/cva6_rvfi.sv | 3 +- verif/docs/VerifPlans/PMP/VP_IP000.yml | 358 + verif/docs/VerifPlans/PMP/VP_IP001.yml | 45 + verif/docs/VerifPlans/PMP/VP_IP002.yml | 159 + verif/docs/VerifPlans/PMP/VP_IP003.yml | 277 + verif/docs/VerifPlans/PMP/VP_IP004.yml | 146 + verif/docs/VerifPlans/PMP/VP_IP005.yml | 90 + verif/docs/VerifPlans/PMP/VP_IP006.yml | 82 + verif/docs/VerifPlans/PMP/VP_IP010.yml | 128 + verif/docs/VerifPlans/PMP/VP_IP011.yml | 2069 ++ verif/docs/VerifPlans/PMP/VP_IP012.yml | 2052 ++ verif/docs/VerifPlans/PMP/VP_IP013.yml | 1133 ++ verif/docs/VerifPlans/PMP/VP_IP014.yml | 1119 ++ verif/docs/VerifPlans/PMP/VP_IP015.yml | 1502 ++ verif/docs/VerifPlans/PMP/VP_IP016.yml | 1482 ++ verif/docs/VerifPlans/PMP/VP_IP017.yml | 1153 ++ verif/docs/VerifPlans/PMP/VP_IP018.yml | 1129 ++ verif/docs/VerifPlans/PMP/VP_IP019.yml | 525 + verif/docs/VerifPlans/PMP/VP_IP021.yml | 376 + verif/docs/VerifPlans/PMP/VP_IP022.yml | 376 + verif/docs/VerifPlans/PMP/VP_IP023.yml | 378 + verif/docs/VerifPlans/PMP/VP_IP024.yml | 200 + verif/docs/VerifPlans/PMP/VP_IP025.yml | 290 + verif/docs/VerifPlans/PMP/VP_IP031.yml | 51 + verif/docs/VerifPlans/PMP/pmp_verif_plan.txt | 1739 ++ .../PMP/pmp_verif_plan_features.txt | 224 + verif/docs/VerifPlans/PMP/runme.sh | 34 + verif/docs/VerifPlans/source/dvplan_PMP.md | 16607 ++++++++++++++++ verif/regress/pmp_cv32a65x_tests.sh | 278 + .../pmp_cv32a65x_decreasing_entries_test.S | 98 + .../pmp_cv32a65x_defined_matches_test.S | 48 + .../pmp_cv32a65x_double_entries_test.S | 72 + .../pmp_cv32a65x_exact_csrr_test.S | 99 + .../pmp_cv32a65x_granularity_test.S | 44 + .../pmp_cv32a65x_locked_outside_napot_test.S | 45 + .../pmp_cv32a65x_locked_outside_tor_test.S | 61 + .../pmp_cv32a65x_lsu_napot_test.S | 111 + .../pmp_cv32a65x/pmp_cv32a65x_lsu_tor_test.S | 125 + .../pmp_cv32a65x_read_me_first.txt | 30 + 39 files changed, 34737 insertions(+), 1 deletion(-) create mode 100644 verif/docs/VerifPlans/PMP/VP_IP000.yml create mode 100644 verif/docs/VerifPlans/PMP/VP_IP001.yml create mode 100644 verif/docs/VerifPlans/PMP/VP_IP002.yml create mode 100644 verif/docs/VerifPlans/PMP/VP_IP003.yml create mode 100644 verif/docs/VerifPlans/PMP/VP_IP004.yml create mode 100644 verif/docs/VerifPlans/PMP/VP_IP005.yml create mode 100644 verif/docs/VerifPlans/PMP/VP_IP006.yml create mode 100644 verif/docs/VerifPlans/PMP/VP_IP010.yml create mode 100644 verif/docs/VerifPlans/PMP/VP_IP011.yml create mode 100644 verif/docs/VerifPlans/PMP/VP_IP012.yml create mode 100644 verif/docs/VerifPlans/PMP/VP_IP013.yml create mode 100644 verif/docs/VerifPlans/PMP/VP_IP014.yml create mode 100644 verif/docs/VerifPlans/PMP/VP_IP015.yml create mode 100644 verif/docs/VerifPlans/PMP/VP_IP016.yml create mode 100644 verif/docs/VerifPlans/PMP/VP_IP017.yml create mode 100644 verif/docs/VerifPlans/PMP/VP_IP018.yml create mode 100644 verif/docs/VerifPlans/PMP/VP_IP019.yml create mode 100644 verif/docs/VerifPlans/PMP/VP_IP021.yml create mode 100644 verif/docs/VerifPlans/PMP/VP_IP022.yml create mode 100644 verif/docs/VerifPlans/PMP/VP_IP023.yml create mode 100644 verif/docs/VerifPlans/PMP/VP_IP024.yml create mode 100644 verif/docs/VerifPlans/PMP/VP_IP025.yml create mode 100644 verif/docs/VerifPlans/PMP/VP_IP031.yml create mode 100644 verif/docs/VerifPlans/PMP/pmp_verif_plan.txt create mode 100644 verif/docs/VerifPlans/PMP/pmp_verif_plan_features.txt create mode 100644 verif/docs/VerifPlans/PMP/runme.sh create mode 100644 verif/docs/VerifPlans/source/dvplan_PMP.md create mode 100644 verif/regress/pmp_cv32a65x_tests.sh create mode 100644 verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_decreasing_entries_test.S create mode 100644 verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_defined_matches_test.S create mode 100644 verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_double_entries_test.S create mode 100644 verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_exact_csrr_test.S create mode 100644 verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_granularity_test.S create mode 100644 verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_locked_outside_napot_test.S create mode 100644 verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_locked_outside_tor_test.S create mode 100644 verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_lsu_napot_test.S create mode 100644 verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_lsu_tor_test.S create mode 100644 verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_read_me_first.txt diff --git a/core/cva6_rvfi.sv b/core/cva6_rvfi.sv index 4b4f863e4..a6fbf17a7 100644 --- a/core/cva6_rvfi.sv +++ b/core/cva6_rvfi.sv @@ -429,7 +429,8 @@ module cva6_rvfi genvar i; generate for (i = 0; i < 16; i++) begin - `CONNECT_RVFI_FULL(1'b1, pmpaddr[i], csr.pmpaddr_q[i][CVA6Cfg.PLEN-3:0]) + `CONNECT_RVFI_FULL(1'b1, pmpaddr[i], { + csr.pmpaddr_q[i][CVA6Cfg.PLEN-3:1], pmpcfg_q[i].addr_mode[1]}) end endgenerate ; diff --git a/verif/docs/VerifPlans/PMP/VP_IP000.yml b/verif/docs/VerifPlans/PMP/VP_IP000.yml new file mode 100644 index 000000000..8e7da47c6 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP000.yml @@ -0,0 +1,358 @@ +!Feature +next_elt_id: 15 +name: TRISTAN Restrictions +id: 0 +display_order: 0 +subfeatures: !!omap +- 000_general: !Subfeature + name: 000_general + tag: VP_PMP_F000_S000 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S000_I000 + description: "\nthe verif plan is written for 32bits architecture only" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +- 001_number of harts: !Subfeature + name: 001_number of harts + tag: VP_PMP_F000_S001 + next_elt_id: 2 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S001_I000 + description: "\nthere is only 1 hart in cv32a6" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +- 002_mxlen: !Subfeature + name: 002_mxlen + tag: VP_PMP_F000_S002 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S002_I000 + description: "\nMXLEN is always 32bits" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +- 003_xlen: !Subfeature + name: 003_xlen + tag: VP_PMP_F000_S003 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S003_I000 + description: "\nXLEN=MXLEN=32, so the PMP address registers are XLEN bits + long, so no zero-extension needed" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +- 004_granularity: !Subfeature + name: 004_granularity + tag: VP_PMP_F000_S004 + next_elt_id: 1 + display_order: 4 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S004_I000 + description: "\nPMP granularity is 8 bytes (G=1), but the verif plan is written + to take G=0 into account (NA4)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +- 005_number of pmp entries: !Subfeature + name: 005_number of pmp entries + tag: VP_PMP_F000_S005 + next_elt_id: 1 + display_order: 5 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S005_I000 + description: "\nthere are 8 HW implemented PMP entries" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +- 006_hardwired regions: !Subfeature + name: 006_hardwired regions + tag: VP_PMP_F000_S006 + next_elt_id: 1 + display_order: 6 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S006_I000 + description: "\nnone of the 8 PMP entries is hardwired privileges" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +- 007_virtual memory: !Subfeature + name: 007_virtual memory + tag: VP_PMP_F000_S007 + next_elt_id: 1 + display_order: 7 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S007_I000 + description: "\nno virtual memory is implemented\nas a consequence no page-based + virtual memory is implemented" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +- 008_physical memory regions: !Subfeature + name: 008_physical memory regions + tag: VP_PMP_F000_S008 + next_elt_id: 1 + display_order: 8 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S008_I000 + description: "\nthe list of all physical memory regions\n - system memory + regions\n - I-$\n - D-$\n - I-scratchpad (preload mode)\n - I-scratchpad + (functional mode)\n - D-scratchpad\n - ahb_periph" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +- 009_pmp entry disabling: !Subfeature + name: 009_pmp entry disabling + tag: VP_PMP_F000_S009 + next_elt_id: 1 + display_order: 9 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S009_I000 + description: "\nwe assume an already written PMP entry (i) can be disabled\n\ + \ - if L=0, by clearing pmpcfg(i)\n - if L=1, only by hart reset" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +- 010_access-faults (violations): !Subfeature + name: 010_access-faults (violations) + tag: VP_PMP_F000_S010 + next_elt_id: 1 + display_order: 10 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S010_I000 + description: "\nThe testbench/testcases architecture ensures that:\n - any + time there is an access-fault type, we check it matches the related access-type\n + - all violations are trapped at the processor\n\n{Page 56 Volume II: RISC-V + Privileged Architectures V20211203}\nPMP violations are always trapped precisely + at the processor" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +- 011_testcases modularity: !Subfeature + name: 011_testcases modularity + tag: VP_PMP_F000_S011 + next_elt_id: 1 + display_order: 11 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S011_I000 + description: "\nThe verif plan is written assuming there is a way (like SystemVerilog + interaction):\n - to factorize the testcases in code blocks (in particular + configuration code block and access code block)\n - to randomize the code + blocks data and addresses\n - to randomize the sequence of code blocks" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +- 012_access types: !Subfeature + name: 012_access types + tag: VP_PMP_F000_S012 + next_elt_id: 1 + display_order: 12 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S012_I000 + description: "at the time of writing,\nthe verif plan makes no distinction + between load and load-reserved instructions. they are gathered in the same + access type, subtleties unknown\nthe verif plan makes no distinction between + store, store-conditional, and AMO instructions. they are gathered in the + same access type, subtleties unknown" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +- 013_multiple accesses instructions: !Subfeature + name: 013_multiple accesses instructions + tag: VP_PMP_F000_S013 + next_elt_id: 1 + display_order: 13 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S013_I000 + description: "\nwe assume there is no added value to test multiple accesses + instructions" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +- 014_misaligned instructions: !Subfeature + name: 014_misaligned instructions + tag: VP_PMP_F000_S014 + next_elt_id: 1 + display_order: 14 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S014_I000 + description: "\nwe assume that instructions are mandatorily aligned" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP001.yml b/verif/docs/VerifPlans/PMP/VP_IP001.yml new file mode 100644 index 000000000..6198f379c --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP001.yml @@ -0,0 +1,45 @@ +!Feature +next_elt_id: 1 +name: PMP granularity +id: 1 +display_order: 1 +subfeatures: !!omap +- 000_granularity_check: !Subfeature + name: 000_granularity_check + tag: VP_PMP_F001_S000 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F001_S000_I000 + description: "{Page 59 Volume II: RISC-V Privileged Architectures V20211203}\n + \nSoftware may determine the PMP granularity by writing zero to pmp0cfg, + then writing all ones to pmpaddr0, then reading back pmpaddr0.\nIf G is + the index of the least-signicant bit set, the PMP granularity is 2G+2 bytes." + reqt_doc: '' + ref_mode: page + ref_page: '59' + ref_section: '' + ref_viewer: evince + verif_goals: determine the PMP granularity 2^(G+2) bytes by writing zero to + pmp(0)cfg, then writing all ones to pmpaddr(0), then reading back pmpaddr(0). + G is the index G of the least-significant bit set + pfc: 11 + test_type: 2 + cov_method: 0 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR07-b\nSoftware may determine the PMP granularity + by writing zero to pmp0cfg, then writing all ones to pmpaddr0, then reading + back pmpaddr0.\n If G is the index of the least-signicant bit set, the + PMP granularity is 2G+2 bytes.\n\n\nTST01 (HIGH-PRIO) => FTR07-b\n[determine + the PMP granularity 2^(G+2) bytes by writing zero to pmp(0)cfg, then writing + all ones to pmpaddr(0), then reading back pmpaddr(0). G is the index G of + the least-significant bit set]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP002.yml b/verif/docs/VerifPlans/PMP/VP_IP002.yml new file mode 100644 index 000000000..82ecf96ce --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP002.yml @@ -0,0 +1,159 @@ +!Feature +next_elt_id: 4 +name: CSRs M-mode only +id: 2 +display_order: 2 +subfeatures: !!omap +- 000_configure_1_pmp_entry: !Subfeature + name: 000_configure_1_pmp_entry + tag: VP_PMP_F002_S001 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F002_S001_I000 + description: "{Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures + V20211203}\n\nPMP CSRs are only accessible to M-mode" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure 1 PMP entry (i) (the 1st one),\n - check for each + PMP entry (i) reset value (read zero) by reading in M mode\n - check for + each PMP entry (i) that pmp(i)cfg and pmpaddr(i) are not writable/readable + in S or U modes\n - check for each PMP entry (i) that pmp(i)cfg and pmpaddr(i) + are writable/readable in M-mode only\n - check for each PMP entry (i) that + pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST02(group) => FTR02-d\n [check that all 8 HW implemented + PMP entries are writable/readable in M-mode (L=0)]\n [check that no HW + implemented PMP entry are writable/readable in S or U modes (L=0)]\n \ + \ - random values may be used\n - before any configuration (after hart + reset), check all pmp(i)cfg and pmpaddr(i) are M-mode read zero\n\nTST02-1 + (HIGH-PRIO)\n[configure 1 PMP entry ([FTR02-b1]: maybe mandatorily the first + one): with L=0,\n - if possible, the PMP entry number is a configurable + parameter\n - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) + are not writable/readable in S or U modes\n - check for PMP entry (i) where + L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only\n\ + \ - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are + not writable/readable in S or U modes]" +- 001_configure_2_pmp_entries: !Subfeature + name: 001_configure_2_pmp_entries + tag: VP_PMP_F002_S002 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F002_S002_I000 + description: "{Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures + V20211203}\n\nPMP CSRs are only accessible to M-mode" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure 2 PMP entries (the 2 first ones in incrementing order),\n\ + \ - reuse of VP_PMP_F002_S001_I000 sequence" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST02(group) => FTR02-d\n [check that all 8 HW implemented + PMP entries are writable/readable in M-mode (L=0)]\n [check that no HW + implemented PMP entry are writable/readable in S or U modes (L=0)]\n \ + \ - random values may be used\n - before any configuration (after hart + reset), check all pmp(i)cfg and pmpaddr(i) are M-mode read zero\n\nTST02-2 + (LOW-PRIO) = 2 times reuse/call of TST02-1\n[configure 2 PMP entries ([FTR02-b1]: + maybe mandatorily the 2 first ones): both with L=0,\n - check for PMP entry + (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in + S or U modes\n - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) + are writable/readable in M-mode only\n - check for PMP entry (i) where + L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes]" +- 002_configure_N_pmp_entries: !Subfeature + name: 002_configure_N_pmp_entries + tag: VP_PMP_F002_S003 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F002_S003_I000 + description: "{Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures + V20211203}\n\nPMP CSRs are only accessible to M-mode" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure N PMP entries (the N first ones in incrementing order),\n\ + \ - reuse of VP_PMP_F002_S001_I000 sequence" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST02(group) => FTR02-d\n [check that all 8 HW implemented + PMP entries are writable/readable in M-mode (L=0)]\n [check that no HW + implemented PMP entry are writable/readable in S or U modes (L=0)]\n \ + \ - random values may be used\n - before any configuration (after hart + reset), check all pmp(i)cfg and pmpaddr(i) are M-mode read zero\n\nTST02-3 + (LOW-PRIO) = N times reuse/call of TST02-1\n[configure N PMP entries ([FTR02-b1]: + maybe mandatorily the N first ones): all with L=0,\n - check for PMP entry + (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in + S or U modes\n - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) + are writable/readable in M-mode only\n - check for PMP entry (i) where + L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes]" +- 003_configure_8_pmp_entries: !Subfeature + name: 003_configure_8_pmp_entries + tag: VP_PMP_F002_S004 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F002_S004_I000 + description: "{Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures + V20211203}\n\nPMP CSRs are only accessible to M-mode" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure all 8 PMP entries (in incrementing order),\n - reuse + of VP_PMP_F002_S001_I000 sequence" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST02(group) => FTR02-d\n [check that all 8 HW implemented + PMP entries are writable/readable in M-mode (L=0)]\n [check that no HW + implemented PMP entry are writable/readable in S or U modes (L=0)]\n \ + \ - random values may be used\n - before any configuration (after hart + reset), check all pmp(i)cfg and pmpaddr(i) are M-mode read zero\n\nTST02-4 + (HIGH-PRIO) = 8 times reuse/call of TST02-1\n[configure 8 PMP entries: all + with L=0,\n - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) + are not writable/readable in S or U modes\n - check for PMP entry (i) where + L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only\n\ + \ - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are + not writable/readable in S or U modes]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP003.yml b/verif/docs/VerifPlans/PMP/VP_IP003.yml new file mode 100644 index 000000000..dbc0945d8 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP003.yml @@ -0,0 +1,277 @@ +!Feature +next_elt_id: 5 +name: CSRs locked access +id: 3 +display_order: 3 +subfeatures: !!omap +- 000_configure_1_pmp_entry: !Subfeature + name: 000_configure_1_pmp_entry + tag: VP_PMP_F003_S001 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F003_S001_I000 + description: "{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\n\nThe L bit indicates that the PMP + entry is locked, i.e., writes to the configuration register and associated + address registers are ignored\nIf PMP entry (i) is locked, writes to pmp(i)cfg + and pmpaddr(i) are ignored\nLocked PMP entries remain locked until the hart + is reset\n\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: + RISC-V Privileged Architectures V20211203}\n\nSetting the L bit locks the + PMP entry even when the A field is set to OFF\n\nAdditionally, if PMP entry + (i) is locked and pmp(i)cfg.A is set to TOR, writes to pmpaddr(i-1) are + ignored" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure 1 PMP entry (the 1st one) with L=1,\n - write PMP + entry (i) with L=1 in M-mode\n - A is random, should also be tried with + A=OFF when L=1 (to cover feature above)\n - check PMP entry (i) written + value in M-mode\n - check for PMP entry (i) where L=1 that pmp(i)cfg and + pmpaddr(i) are effectively locked (M-mode check only)\n - also check for + PMP entry (i) where L=1 and pmp(i)cfg.A=TOR that pmpaddr(i-1) is effectively + locked\n - apply hart reset\n - check for PMP entry (i) reset value (read + zero) by reading in M mode\n - write PMP entry (i) in M-mode\n - check + PMP entry (i) written value in M-mode\n\nREUSABILITY\n - if possible, the + PMP entry number (i) is a configurable parameter\n - if possible, (L) value + is a configurable parameter\n - so the same sub-functions are reused with + varying (i) and (L) parameters" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST03(group) => FTR08-a and FTR08-b\n [check that HW + implemented PMP entries are not writable/readable in M-mode (L=1)]\n [check + that no HW implemented PMP entry are writable/readable in S or U modes (L=1)]\n\ + \ - before any configuration, check all pmp(i)cfg and pmpaddr(i) are + M-mode read zero\n - configure PMP entry (i) with L=1 (or 0): pmp(i)cfg + and pmpaddr(i) maybe random values\n - execute following tests specific + checks\n - check only hart reset unlocks all => FTR08-b\n - check + reset values: all pmp(i)cfg and pmpaddr(i) are M-mode read zero\n\nTST03-1 + (HIGH-PRIO)\n[configure 1 PMP entry ([FTR02-b1]: maybe mandatorily the first + one): with L=1,\n - if possible, the PMP entry number is a configurable + parameter\n - if possible, L value is a configurable parameter\n - check + for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively + locked whatever the SW mode => FTR08-a\n - check for PMP entry (i) where + L=1 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes]" +- 001_configure_2_pmp_entries_L1: !Subfeature + name: 001_configure_2_pmp_entries_L1 + tag: VP_PMP_F003_S002 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F003_S002_I000 + description: "{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\n\nThe L bit indicates that the PMP + entry is locked, i.e., writes to the configuration register and associated + address registers are ignored\nIf PMP entry (i) is locked, writes to pmp(i)cfg + and pmpaddr(i) are ignored\nLocked PMP entries remain locked until the hart + is reset\n\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: + RISC-V Privileged Architectures V20211203}\n\nSetting the L bit locks the + PMP entry even when the A field is set to OFF\n\nAdditionally, if PMP entry + (i) is locked and pmp(i)cfg.A is set to TOR, writes to pmpaddr(i-1) are + ignored" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure 2 PMP entries (the 2 first ones in incrementing order) + with L=1,\n - reuse of VP_PMP_F003_S001_I000 sequence" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST03(group) => FTR08-a and FTR08-b\n [check that HW + implemented PMP entries are not writable/readable in M-mode (L=1)]\n [check + that no HW implemented PMP entry are writable/readable in S or U modes (L=1)]\n\ + \ - before any configuration, check all pmp(i)cfg and pmpaddr(i) are + M-mode read zero\n - configure PMP entry (i) with L=1 (or 0): pmp(i)cfg + and pmpaddr(i) maybe random values\n - execute following tests specific + checks\n - check only hart reset unlocks all => FTR08-b\n - check + reset values: all pmp(i)cfg and pmpaddr(i) are M-mode read zero\n\nTST03-2 + (LOW-PRIO) = 2 times reuse/call of TST02-1\n[configure 2 PMP entries ([FTR02-b1]: + maybe mandatorily the 2 first ones): both with L=1,\n - check for PMP entry + (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever + the SW mode => FTR08-a\n - check for PMP entry (i) where L=1 that pmp(i)cfg + and pmpaddr(i) are not writable/readable in S or U modes]" +- 002_configure_2_pmp_entries_L0_L1: !Subfeature + name: 002_configure_2_pmp_entries_L0_L1 + tag: VP_PMP_F003_S003 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F003_S003_I000 + description: "{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\n\nThe L bit indicates that the PMP + entry is locked, i.e., writes to the configuration register and associated + address registers are ignored\nIf PMP entry (i) is locked, writes to pmp(i)cfg + and pmpaddr(i) are ignored\nLocked PMP entries remain locked until the hart + is reset\n\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: + RISC-V Privileged Architectures V20211203}\n\nSetting the L bit locks the + PMP entry even when the A field is set to OFF\n\nAdditionally, if PMP entry + (i) is locked and pmp(i)cfg.A is set to TOR, writes to pmpaddr(i-1) are + ignored" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure 2 PMP entries (the 2 first ones in incrementing order) + at least one with L=1 and one with L=0,\n - write PMP entry (i) with L=0/1 + in M-mode\n - A is random, should also be tried with A=OFF when L=1 (to + cover feature above)\n - check PMP entry (i) written value in M-mode\n\ + \ - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are + writable in M mode (read back the written value in M mode)\n - check for + PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked + (M-mode check only)\n - also check for PMP entry (i) where L=1 and pmp(i)cfg.A=TOR + that pmpaddr(i-1) is effectively locked\n - apply hart reset\n - check + for PMP entry (i) reset value (read zero) by reading in M mode\n - write + PMP entry (i) in M-mode\n - check PMP entry (i) written value in M-mode\n\ + \nREUSABILITY\n - if possible, the PMP entry number (i) is a configurable + parameter\n - if possible, (L) value is a configurable parameter\n - so + the same sub-functions are reused with varying (i) and (L) parameters" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST03(group) => FTR08-a and FTR08-b\n [check that HW + implemented PMP entries are not writable/readable in M-mode (L=1)]\n [check + that no HW implemented PMP entry are writable/readable in S or U modes (L=1)]\n\ + \ - before any configuration, check all pmp(i)cfg and pmpaddr(i) are + M-mode read zero\n - configure PMP entry (i) with L=1 (or 0): pmp(i)cfg + and pmpaddr(i) maybe random values\n - execute following tests specific + checks\n - check only hart reset unlocks all => FTR08-b\n - check + reset values: all pmp(i)cfg and pmpaddr(i) are M-mode read zero\n\nTST03-3 + (HIGH-PRIO) = 2 times reuse/call of TST02-1\n[configure 2 PMP entries ([FTR02-b1]: + maybe mandatorily the 2 first ones): one with L=1 and one with L=0,\n - + check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively + locked whatever the SW mode => FTR08-a\n - check for PMP entry (i) where + L=1 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes\n\ + \ - check locked PMP entry (i) has no effect on unlocked PMP entry (j)\n\ + \ - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are + writable/readable in M-mode only\n - check for PMP entry (i) where L=0 + that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes]" +- 003_configure_N_pmp_entries: !Subfeature + name: 003_configure_N_pmp_entries + tag: VP_PMP_F003_S004 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F003_S004_I000 + description: "{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\n\nThe L bit indicates that the PMP + entry is locked, i.e., writes to the configuration register and associated + address registers are ignored\nIf PMP entry (i) is locked, writes to pmp(i)cfg + and pmpaddr(i) are ignored\nLocked PMP entries remain locked until the hart + is reset\n\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: + RISC-V Privileged Architectures V20211203}\n\nSetting the L bit locks the + PMP entry even when the A field is set to OFF\n\nAdditionally, if PMP entry + (i) is locked and pmp(i)cfg.A is set to TOR, writes to pmpaddr(i-1) are + ignored" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure N PMP entries (the N first ones in incrementing order) + at least one with L=1 and one with L=0,\n - reuse of VP_PMP_F003_S003_I000 + sequence" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST03(group) => FTR08-a and FTR08-b\n [check that HW + implemented PMP entries are not writable/readable in M-mode (L=1)]\n [check + that no HW implemented PMP entry are writable/readable in S or U modes (L=1)]\n\ + \ - before any configuration, check all pmp(i)cfg and pmpaddr(i) are + M-mode read zero\n - configure PMP entry (i) with L=1 (or 0): pmp(i)cfg + and pmpaddr(i) maybe random values\n - execute following tests specific + checks\n - check only hart reset unlocks all => FTR08-b\n - check + reset values: all pmp(i)cfg and pmpaddr(i) are M-mode read zero\n\nTST03-4 + (LOW-PRIO) = N times reuse/call of TST02-1\n[configure N PMP entries ([FTR02-b1]: + maybe mandatorily the N first ones): at least one with L=1 and one with + L=0,\n - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) + are effectively locked whatever the SW mode => FTR08-a\n - check for PMP + entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are not writable/readable + in S or U modes\n - check locked PMP entry (i) has no effect on unlocked + PMP entry (j)\n - check for PMP entry (i) where L=0 that pmp(i)cfg and + pmpaddr(i) are writable/readable in M-mode only\n - check for PMP entry + (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in + S or U modes]" +- 004_configure_8_pmp_entries: !Subfeature + name: 004_configure_8_pmp_entries + tag: VP_PMP_F003_S005 + next_elt_id: 1 + display_order: 4 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F003_S005_I000 + description: "{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\n\nThe L bit indicates that the PMP + entry is locked, i.e., writes to the configuration register and associated + address registers are ignored\nIf PMP entry (i) is locked, writes to pmp(i)cfg + and pmpaddr(i) are ignored\nLocked PMP entries remain locked until the hart + is reset\n\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: + RISC-V Privileged Architectures V20211203}\n\nSetting the L bit locks the + PMP entry even when the A field is set to OFF\n\nAdditionally, if PMP entry + (i) is locked and pmp(i)cfg.A is set to TOR, writes to pmpaddr(i-1) are + ignored" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure all 8 PMP entries (in incrementing order) at least + one with L=1 and one with L=0,\n - reuse of VP_PMP_F003_S003_I000 sequence" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST03(group) => FTR08-a and FTR08-b\n [check that HW + implemented PMP entries are not writable/readable in M-mode (L=1)]\n [check + that no HW implemented PMP entry are writable/readable in S or U modes (L=1)]\n\ + \ - before any configuration, check all pmp(i)cfg and pmpaddr(i) are + M-mode read zero\n - configure PMP entry (i) with L=1 (or 0): pmp(i)cfg + and pmpaddr(i) maybe random values\n - execute following tests specific + checks\n - check only hart reset unlocks all => FTR08-b\n - check + reset values: all pmp(i)cfg and pmpaddr(i) are M-mode read zero\n\nTST03-5 + (HIGH-PRIO) = 8 times reuse/call of TST02-1\n[configure 8 PMP entries: at + least one with L=1 and one with L=0,\n - check for PMP entry (i) where + L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW + mode => FTR08-a\n - check for PMP entry (i) where L=1 that pmp(i)cfg and + pmpaddr(i) are not writable/readable in S or U modes\n - check locked PMP + entry (i) has no effect on unlocked PMP entry (j)\n - check for PMP entry + (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode + only\n - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) + are not writable/readable in S or U modes]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP004.yml b/verif/docs/VerifPlans/PMP/VP_IP004.yml new file mode 100644 index 000000000..80ed9259c --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP004.yml @@ -0,0 +1,146 @@ +!Feature +next_elt_id: 4 +name: CSRs programming order +id: 4 +display_order: 4 +subfeatures: !!omap +- 000_configure_1_pmp_entry: !Subfeature + name: 000_configure_1_pmp_entry + tag: VP_PMP_F004_S001 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F004_S001_I000 + description: "{Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures + V20211203}\n\nthe lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)\nAll PMP CSR fields are WARL and may be read-only + zero (QUESTION: does read-only zero mean not implemented?)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure any PMP entry (i), but the first one\n - reuse of + VP_PMP_F003_S003_I000 sequence (Feature: \"CSRs locked access\")" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST04 => FTR02-b1 and FTR02-b2\n [check if the lowest-numbered + PMP CSRs must be programmed first before programming higher-numbered ones]\n + \nTST04-1 (LOW-PRIO) extends TST02-1\n[configure any PMP entry, but the + first one\n - check for configured PMP entry (i), pmp(i)cfg and pmpaddr(i) + are writable/readable in M-mode only\n - check for not configured PMP entry + (i), pmp(i)cfg and pmpaddr(i) are M-mode read zero]" +- 001_configure_2_pmp_entries: !Subfeature + name: 001_configure_2_pmp_entries + tag: VP_PMP_F004_S002 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F004_S002_I000 + description: "{Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures + V20211203}\n\nthe lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)\nAll PMP CSR fields are WARL and may be read-only + zero (QUESTION: does read-only zero mean not implemented?)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure 2 non-adjacent PMP entries (highest-numbered ones + first) (avoid the first PMP entry)\n - reuse of VP_PMP_F003_S003_I000 sequence + (Feature: \"CSRs locked access\")" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST04 => FTR02-b1 and FTR02-b2\n [check if the lowest-numbered + PMP CSRs must be programmed first before programming higher-numbered ones]\n + \nTST04-2 (HIGH-PRIO) extends TST02-2\n[configure 2 non-adjacent PMP entries + (highest-numbered ones first) (avoid the first PMP entry)\n - check for + configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are writable/readable + in M-mode only\n - check for not configured PMP entry (i), pmp(i)cfg and + pmpaddr(i) are M-mode read zero]" +- 002_configure_N_pmp_entries: !Subfeature + name: 002_configure_N_pmp_entries + tag: VP_PMP_F004_S003 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F004_S003_I000 + description: "{Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures + V20211203}\n\nthe lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)\nAll PMP CSR fields are WARL and may be read-only + zero (QUESTION: does read-only zero mean not implemented?)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure N PMP entries (highest-numbered ones first) (as non-adjacent + as possible, and avoid the first PMP entry)\n - reuse of VP_PMP_F003_S003_I000 + sequence (Feature: \"CSRs locked access\")" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST04 => FTR02-b1 and FTR02-b2\n [check if the lowest-numbered + PMP CSRs must be programmed first before programming higher-numbered ones]\n + \nTST04-3 (LOW-PRIO) extends TST02-3\n[configure N PMP entries (highest-numbered + ones first) (as non-adjacent as possible, and avoid the first PMP entry)\n\ + \ - check for configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are writable/readable + in M-mode only\n - check for not configured PMP entry (i), pmp(i)cfg and + pmpaddr(i) are M-mode read zero]" +- 003_configure_8_pmp_entries: !Subfeature + name: 003_configure_8_pmp_entries + tag: VP_PMP_F004_S004 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F004_S004_I000 + description: "{Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures + V20211203}\n\nthe lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)\nAll PMP CSR fields are WARL and may be read-only + zero (QUESTION: does read-only zero mean not implemented?)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure all 8 PMP entries (highest-numbered ones first)\n\ + \ - reuse of VP_PMP_F003_S003_I000 sequence (Feature: \"CSRs locked access\"\ + )" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST04 => FTR02-b1 and FTR02-b2\n [check if the lowest-numbered + PMP CSRs must be programmed first before programming higher-numbered ones]\n + \nTST04-4 (HIGH-PRIO) extends TST02-4\n[configure 8 PMP entries (highest-numbered + ones first)\n - check for configured PMP entry (i), pmp(i)cfg and pmpaddr(i) + are writable/readable in M-mode only]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP005.yml b/verif/docs/VerifPlans/PMP/VP_IP005.yml new file mode 100644 index 000000000..1c2955923 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP005.yml @@ -0,0 +1,90 @@ +!Feature +next_elt_id: 2 +name: CSRs Hardwired regions +id: 5 +display_order: 5 +subfeatures: !!omap +- 000_access with L=0: !Subfeature + name: 000_access with L=0 + tag: VP_PMP_F005_S001 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F005_S001_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + Certain regions’ privileges can be hardwired: so only ever be visible in + machine mode but in no lower-privilege layers.\n\n{Section 3.7.1 Page 57 + Volume II: RISC-V Privileged Architectures V20211203}\nImplementations may + implement zero, 16, or 64 PMP CSRs\n\n{https://docs.openhwgroup.org/projects/cva6-user-manual/01_cva6_user/PMP.html}\n + A maximum of 16 PMP entries are supported.\nAll PMP CSRs are always implemented, + but CSRs (or bitfields of CSRs) related to PMP entries with number CVA6Cfg.NrPMPEntries + and above are hardwired to zero.\n\nTRISTAN\n8 PMP entries are implemented" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure the first 8 PMP entries with L=0\n - for each PMP + entry (i), check several times that pmp(i)cfg and pmpaddr(i) can be written + and can be read back exactly the same (in M-mode)\n\nfor the last 8 PMP + entries, check that pmp(i)cfg and pmpaddr(i) always read zero after being + written (in M-mode with L=0)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST05 => FTR01-c and FTR01-c-extended\n [check all + regions are configurable in M-mode to make sure none is hardwired]\n [regions + hardwired privileges might only ever be visible in M-mode]\n\nTST05-1 (HIGH-PRIO) + extends TST02-4\n - check the written pmp(i)cfg and pmpaddr(i) values can + be read exactly the same as written" +- 001_access with L=1: !Subfeature + name: 001_access with L=1 + tag: VP_PMP_F005_S002 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F005_S002_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + Certain regions’ privileges can be hardwired: so only ever be visible in + machine mode but in no lower-privilege layers.\n\n{Section 3.7.1 Page 57 + Volume II: RISC-V Privileged Architectures V20211203}\nImplementations may + implement zero, 16, or 64 PMP CSRs\n\n{https://docs.openhwgroup.org/projects/cva6-user-manual/01_cva6_user/PMP.html}\n + A maximum of 16 PMP entries are supported.\nAll PMP CSRs are always implemented, + but CSRs (or bitfields of CSRs) related to PMP entries with number CVA6Cfg.NrPMPEntries + and above are hardwired to zero.\n\nTRISTAN\n8 PMP entries are implemented" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure the first 8 PMP entries with L=1\n - for each PMP + entry (i), check once that pmp(i)cfg and pmpaddr(i) can be written and can + be read back exactly the same (in M-mode)\n - apply hart reset\n - for + each PMP entry (i), check once that pmp(i)cfg and pmpaddr(i) can be written + and can be read back exactly the same (in M-mode)\n\nfor the last 8 PMP + entries, check that pmp(i)cfg and pmpaddr(i) always read zero after being + written (in M-mode with L=1)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST05 => FTR01-c and FTR01-c-extended\n [check all + regions are configurable in M-mode to make sure none is hardwired]\n [regions + hardwired privileges might only ever be visible in M-mode]\n\nTST05-2 (LOW-PRIO) + extends TST03-5\n - check the written pmp(i)cfg and pmpaddr(i) values can + be read exactly the same as written (before hart reset)" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP006.yml b/verif/docs/VerifPlans/PMP/VP_IP006.yml new file mode 100644 index 000000000..f59c2d356 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP006.yml @@ -0,0 +1,82 @@ +!Feature +next_elt_id: 2 +name: CSRs reserved values +id: 6 +display_order: 6 +subfeatures: !!omap +- 000_access with L=0: !Subfeature + name: 000_access with L=0 + tag: VP_PMP_F006_S001 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F006_S001_I000 + description: "{Page 58 Volume II: RISC-V Privileged Architectures V20211203}\n + \nThe R, W, and X fields form a collective WARL field for which the combinations + with R=0 and W=1 are reserved." + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "repeat following sequence several times on some PMP entries\n\ + \ - write totally random values to pmp(i)cfg and pmpaddr(i), but with L=0\n\ + \ - check all pmp(i)cfg and pmpaddr(i) can be read back exactly the same + as written except:\n - except with the reserved combinations [R=0 and + W=1]\n - except with A=NA4 which must not be selectable as G>0" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST06 => FTR04-a\n[PMP CSR fields are WARL: PMP entry + combinations with R=0 and W=1 are reserved/can’t be read]\n[permissions + fields could be randomly written; should we try randomization ?]\n\nTST06-1 + (HIGH-PRIO) extends TST02-4\n - write totally random values to pmp(i)cfg + and pmpaddr(i)\n - check all pmp(i)cfg and pmpaddr(i) can be read exactly + the same as written except for the reserved combinations with R=0 and W=1" +- 001_access with L=1: !Subfeature + name: 001_access with L=1 + tag: VP_PMP_F006_S002 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F006_S002_I000 + description: "{Page 58 Volume II: RISC-V Privileged Architectures V20211203}\n + \nThe R, W, and X fields form a collective WARL field for which the combinations + with R=0 and W=1 are reserved." + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "repeat following sequence several times on some PMP entries\n\ + \ - write totally random values to pmp(i)cfg and pmpaddr(i), but with L=1\n\ + \ - check all pmp(i)cfg and pmpaddr(i) can be read back exactly the same + as written:\n - except with the reserved combinations [R=0 and W=1]\n\ + \ - except with A=NA4 which must not be selectable as G>0\n - apply + hart reset" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST06 => FTR04-a\n[PMP CSR fields are WARL: PMP entry + combinations with R=0 and W=1 are reserved/can’t be read]\n[permissions + fields could be randomly written; should we try randomization ?]\n\nTST06-2 + (LOW-PRIO) extends TST03-5\n - write totally random values to pmp(i)cfg + and pmpaddr(i)\n - check all pmp(i)cfg and pmpaddr(i) can be read exactly + the same as written except for the reserved combinations with R=0 and W=1 + (before hart reset)" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP010.yml b/verif/docs/VerifPlans/PMP/VP_IP010.yml new file mode 100644 index 000000000..e44684c19 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP010.yml @@ -0,0 +1,128 @@ +!Feature +next_elt_id: 4 +name: no cfg matching/defined +id: 10 +display_order: 10 +subfeatures: !!omap +- 000_no matching entry - M mode access: !Subfeature + name: 000_no matching entry - M mode access + tag: VP_PMP_F010_S001 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F010_S001_I000 + description: "{Page 60 Section \"Priority and Matching Logic\" Volume II: + RISC-V Privileged Architectures V20211203}\n\nIf no PMP entry matches an + M-mode access, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: check M-mode access succeeds if no PMP entry matches + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR09-e\n[If no PMP entry matches an M-mode access, + the access succeeds]\n \nTST10-1 (HIGH-PRIO) => FTR09-e\n[check M-mode access + succeeds if no PMP entry matches]" +- 001_no defined entry - M mode access: !Subfeature + name: 001_no defined entry - M mode access + tag: VP_PMP_F010_S002 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F010_S002_I000 + description: "{Page 60 Section \"Priority and Matching Logic\" Volume II: + RISC-V Privileged Architectures V20211203}\n\nIf no PMP entry matches an + M-mode access, the access succeeds\nQUESTION: what happens if no PMP entry + is implemented ?\nASSUMPTION: access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: check M-mode access succeeds if no PMP entry defined + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR09-e-question\n[what happens if no PMP entry is implemented + ?]\n \nTST10-2 (HIGH-PRIO) => FTR09-e-question\n[check M-mode access succeeds + if no PMP entry defined]" +- 002_no matching entry - S/U mode access: !Subfeature + name: 002_no matching entry - S/U mode access + tag: VP_PMP_F010_S003 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F010_S003_I000 + description: "{Page 60 Section \"Priority and Matching Logic\" Volume II: + RISC-V Privileged Architectures V20211203}\n\nIf no PMP entry matches an + S-mode or U-mode access, but at least one PMP entry is implemented, the + access fails" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: check S or U mode access fails when no PMP entry matching and + at least one PMP entry implemented + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR09-f\n[If no PMP entry matches an S-mode or U-mode + access, but at least one PMP entry is implemented, the access fails]\n\n + TST10-3 (HIGH-PRIO) => FTR09-f\n[check S or U mode access fails when no + PMP entry matching and at least one PMP entry implemented]" +- 003_no defined entry - S/U mode access: !Subfeature + name: 003_no defined entry - S/U mode access + tag: VP_PMP_F010_S004 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F010_S004_I000 + description: "{Page 60 Section \"Priority and Matching Logic\" Volume II: + RISC-V Privileged Architectures V20211203}\n\nIf no PMP entry matches an + S-mode or U-mode access, but at least one PMP entry is implemented, the + access fails\nQUESTION: what happens if no PMP entry is implemented ?\n + ASSUMPTION: access fails" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: check S or U mode access fails when no PMP entry implemented + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR09-f-question\n[what happens if no PMP entry is implemented + ?]\n \nTST10-4 (HIGH-PRIO) => FTR09-f-question\n[check S or U mode access + fails when no PMP entry implemented]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP011.yml b/verif/docs/VerifPlans/PMP/VP_IP011.yml new file mode 100644 index 000000000..07e7d1115 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP011.yml @@ -0,0 +1,2069 @@ +!Feature +next_elt_id: 30 +name: cfg NA4 access S/U (G=0) +id: 11 +display_order: 11 +subfeatures: !!omap +- 000_fetch_L0_X1_addr_hit: !Subfeature + name: 000_fetch_L0_X1_addr_hit + tag: VP_PMP_F011_S011 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S011_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access instruction fetch inside defined NA4 + address range with execute permissions and with L=0\n - choose an executable + pmp region and address range\n - choose only one PMP entry (i)\n\nCONFIGURATION\n\ + \ - pmpcfg(i): A=NA4, X=1, L=0, R/W:random, with reserve on R=0 & W=1\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n \ + \ - fetch an instruction from that region (with exact address-matching)\n\ + \nCHECK\n - check no access-fault exception\n\nREUSABILITY\n - if + possible, the PMP entry number (i) is a configurable parameter\n - if + possible, the PMP entry lock (L) is a configurable parameter\n - if possible, + the PMP entry permissions (R,W,X) are configurable parameters\n - if + possible, the PMP entry adress-matching mode (A) is a configurable parameter\n\ + \ - if possible, the PMP entry address range (pmpaddr) is a configurable + parameter\n - if possible, the PMP entry associated access address is + a configurable parameter\n - so a single CONFIGURATION function and a + single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nTST11-1x(group) + => FTR01-d\n [PMP check on instruction fetch where effective privilege + mode is S or U:\n - choose an executable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access instruction fetch in + S and U mode]\n [create scenarios where PMP entries with A=2 (NA4) and + with/without matching permissions\n - check only NA4 defined addresses + are matching]\n TST11-11 (HIGH-PRIO)\n [with L=0 => FTR08-e2-2 (refers to + FTR09-d2-2),\n - configure the PMP entry with execute permissions for the + PMP region\n - fetch an instruction from that region (with exact address-matching)\n\ + \ - check no access-fault exception]" +- 001_fetch_L0_X0_addr_hit: !Subfeature + name: 001_fetch_L0_X0_addr_hit + tag: VP_PMP_F011_S012 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S012_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set\n\n{Page 58 Volume II: RISC-V Privileged Architectures V20211203}\n + Attempting to fetch an instruction from a PMP region that does not have + execute permissions raises an instruction access-fault exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access instruction fetch inside defined NA4 + address range without execute permissions and with L=0\n - choose an + executable pmp region and address range\n - choose only one PMP entry + (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, X=0, L=0, R/W:random, with + reserve on R=0 & W=1\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\ + \nACCESS\n - fetch an instruction from that region (with exact address-matching)\n\ + \nCHECK\n - check instruction fetch access-fault exception raised\n\n\ + REUSABILITY\n - if possible, the PMP entry number (i) is a configurable + parameter\n - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nFTR04-b\n + [Attempting to fetch an instruction from a PMP region that does not have + execute permissions raises an instruction access-fault exception]\n \nTST11-1x(group) + => FTR01-d\n [PMP check on instruction fetch where effective privilege + mode is S or U:\n - choose an executable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access instruction fetch in + S and U mode]\n [create scenarios where PMP entries with A=2 (NA4) and + with/without matching permissions\n - check only NA4 defined addresses + are matching]\n TST11-12 (MEDIUM-PRIO)\n[with L=0 => FTR08-e2-2 (refers + to FTR09-d2-2),\n - configure the PMP entry without execute permissions + for the PMP region\n - fetch an instruction from that region (with exact + address-matching)\n - check instruction fetch access-fault exception raised + => FTR04-b]" +- 002_fetch_L0_X1_addr_miss: !Subfeature + name: 002_fetch_L0_X1_addr_miss + tag: VP_PMP_F011_S013 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S013_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access instruction fetch from outside defined + NA4 address range with execute permissions and with L=0\n - choose an + executable pmp region and address range\n - choose only one PMP entry + (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, X=1, L=0, R/W:random, with + reserve on R=0 & W=1\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\ + \nACCESS\n - fetch an instruction from outside all PMP defined regions\n\ + \nCHECK\n - check instruction fetch access-fault exception raised\n\n\ + REUSABILITY\n - if possible, the PMP entry number (i) is a configurable + parameter\n - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nTST11-1x(group) + => FTR01-d\n [PMP check on instruction fetch where effective privilege + mode is S or U:\n - choose an executable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access instruction fetch in + S and U mode]\n [create scenarios where PMP entries with A=2 (NA4) and + with/without matching permissions\n - check only NA4 defined addresses + are matching]\n TST11-13 (MEDIUM-PRIO)\n [with L=0 => FTR08-e2-2 (refers + to FTR09-d2-2),\n - configure the PMP entry with execute permissions for + the PMP region\n - fetch an instruction from outside all PMP defined regions\n\ + \ - check instruction fetch access-fault exception raised]" +- 003_fetch_L1_X1_addr_hit: !Subfeature + name: 003_fetch_L1_X1_addr_hit + tag: VP_PMP_F011_S014 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S014_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access instruction fetch inside defined NA4 + address range with execute permissions and with L=1\n - choose an executable + pmp region and address range\n - choose only one PMP entry (i)\n\nCONFIGURATION\n\ + \ - pmpcfg(i): A=NA4, X=1, L=1, R/W:random, with reserve on R=0 & W=1\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n \ + \ - fetch an instruction from that region (with exact address-matching)\n\ + \nCHECK\n - check no access-fault exception\n\nREUSABILITY\n - if + possible, the PMP entry number (i) is a configurable parameter\n - if + possible, the PMP entry lock (L) is a configurable parameter\n - if possible, + the PMP entry permissions (R,W,X) are configurable parameters\n - if + possible, the PMP entry adress-matching mode (A) is a configurable parameter\n\ + \ - if possible, the PMP entry address range (pmpaddr) is a configurable + parameter\n - if possible, the PMP entry associated access address is + a configurable parameter\n - so a single CONFIGURATION function and a + single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\n\nTST11-1x(group) + => FTR01-d\n [PMP check on instruction fetch where effective privilege + mode is S or U:\n - choose an executable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access instruction fetch in + S and U mode]\n [create scenarios where PMP entries with A=2 (NA4) and + with/without matching permissions\n - check only NA4 defined addresses + are matching]\n TST11-14 (LOW-PRIO)\n[with L=1 => FTR08-e1 (refers to FTR01-f) + (refers to FTR09-d2-1),\n - configure the PMP entry with execute permissions + for the PMP region\n - fetch an instruction from that region (with exact + address-matching)\n - check no access-fault exception]" +- 004_fetch_L1_X0_addr_hit: !Subfeature + name: 004_fetch_L1_X0_addr_hit + tag: VP_PMP_F011_S015 + next_elt_id: 1 + display_order: 4 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S015_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset\n\n{Page 58 Volume + II: RISC-V Privileged Architectures V20211203}\nAttempting to fetch an instruction + from a PMP region that does not have execute permissions raises an instruction + access-fault exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access instruction fetch inside defined NA4 + address range without execute permissions and with L=1\n - choose an + executable pmp region and address range\n - choose only one PMP entry + (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, X=0, L=1, R/W:random, with + reserve on R=0 & W=1\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\ + \nACCESS\n - fetch an instruction from that region (with exact address-matching)\n\ + \nCHECK\n - check instruction fetch access-fault exception raised\n\n\ + REUSABILITY\n - if possible, the PMP entry number (i) is a configurable + parameter\n - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\nFTR04-b\n + [Attempting to fetch an instruction from a PMP region that does not have + execute permissions raises an instruction access-fault exception]\n\nTST11-1x(group) + => FTR01-d\n [PMP check on instruction fetch where effective privilege + mode is S or U:\n - choose an executable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access instruction fetch in + S and U mode]\n [create scenarios where PMP entries with A=2 (NA4) and + with/without matching permissions\n - check only NA4 defined addresses + are matching]\n TST11-15 (LOW-PRIO)\n[with L=1 => FTR08-e1 (refers to FTR01-f) + (refers to FTR09-d2-1),\n - configure the PMP entry without execute permissions + for the PMP region\n - fetch an instruction from that region (with exact + address-matching)\n - check instruction fetch access-fault exception raised + => FTR04-b]" +- 005_fetch_L1_X1_addr_miss: !Subfeature + name: 005_fetch_L1_X1_addr_miss + tag: VP_PMP_F011_S016 + next_elt_id: 1 + display_order: 5 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S016_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access instruction fetch from outside defined + NA4 address range with execute permissions and with L=1\n - choose an + executable pmp region and address range\n - choose only one PMP entry + (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, X=1, L=1, R/W:random, with + reserve on R=0 & W=1\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\ + \nACCESS\n - fetch an instruction from outside all PMP defined regions\n\ + \nCHECK\n - check instruction fetch access-fault exception raised\n\n\ + REUSABILITY\n - if possible, the PMP entry number (i) is a configurable + parameter\n - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\nTST11-1x(group) + => FTR01-d\n [PMP check on instruction fetch where effective privilege + mode is S or U:\n - choose an executable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access instruction fetch in + S and U mode]\n [create scenarios where PMP entries with A=2 (NA4) and + with/without matching permissions\n - check only NA4 defined addresses + are matching]\n TST11-16 (LOW-PRIO)\n[with L=1 => FTR08-e1 (refers to FTR01-f) + (refers to FTR09-d2-1),\n - configure the PMP entry with execute permissions + for the PMP region\n - fetch an instruction from outside all PMP defined + regions\n - check instruction fetch access-fault exception raised]" +- 006_load_L0_R1_addr_hit: !Subfeature + name: 006_load_L0_R1_addr_hit + tag: VP_PMP_F011_S021 + next_elt_id: 1 + display_order: 6 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S021_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access load or load-reserved instruction + inside defined NA4 address range with read permissions and with L=0\n \ + \ - choose a readable pmp region and address range\n - choose only one + PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=0, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n \ + \ - execute a load or load-reserved instruction from that region (with + exact address-matching)\n\nCHECK\n - check no access-fault exception\n\ + \nREUSABILITY\n - if possible, the PMP entry number (i) is a configurable + parameter\n - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nTST11-2x(group) + => FTR01-d\n [PMP check on load or load-reserved instruction where effective + privilege mode is S or U:\n - choose a data readable pmp region and address + range\n - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily + the 1st one)\n - if possible, the PMP entry number is a configurable + parameter\n - choose pmpcfg(i).A=NA4\n - single access data load in + S and U mode when the bit mstatus.MPRV=0]\n [create scenarios where PMP + entries with A=2 (NA4) and with/without matching permissions\n - check + only NA4 defined addresses are matching]\nTST11-21 (HIGH-PRIO)\n[with L=0 + => FTR08-e2-2 (refers to FTR09-d2-2),\n - configure the PMP entry with + read permissions for the PMP region\n - execute a load or load-reserved + instruction from that region (with exact address-matching)\n - check no + access-fault exception]" +- 007_load_L0_R0_addr_hit: !Subfeature + name: 007_load_L0_R0_addr_hit + tag: VP_PMP_F011_S022 + next_elt_id: 1 + display_order: 7 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S022_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set\n\n{Page 58 Volume II: RISC-V Privileged Architectures V20211203}\n + Attempting to execute a load or load-reserved instruction which accesses + a physical address within a PMP region without read permissions raises a + load access-fault exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access load or load-reserved instruction + inside defined NA4 address range without read permissions and with L=0\n\ + \ - choose a readable pmp region and address range\n - choose only + one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=0, L=0, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n \ + \ - execute a load or load-reserved instruction from that region (with + exact address-matching)\n\nCHECK\n - check load access-fault exception + raised\n\nREUSABILITY\n - if possible, the PMP entry number (i) is a + configurable parameter\n - if possible, the PMP entry lock (L) is a configurable + parameter\n - if possible, the PMP entry permissions (R,W,X) are configurable + parameters\n - if possible, the PMP entry adress-matching mode (A) is + a configurable parameter\n - if possible, the PMP entry address range + (pmpaddr) is a configurable parameter\n - if possible, the PMP entry + associated access address is a configurable parameter\n - so a single + CONFIGURATION function and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nFTR04-c\n + [Attempting to execute a load or load-reserved instruction which accesses + a physical address within a PMP region without read permissions raises a + load access-fault exception]\n\nTST11-2x(group) => FTR01-d\n [PMP check + on load or load-reserved instruction where effective privilege mode is S + or U:\n - choose a data readable pmp region and address range\n - + choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n\ + \ - if possible, the PMP entry number is a configurable parameter\n \ + \ - choose pmpcfg(i).A=NA4\n - single access data load in S and U mode + when the bit mstatus.MPRV=0]\n [create scenarios where PMP entries with + A=2 (NA4) and with/without matching permissions\n - check only NA4 defined + addresses are matching]\nTST11-22 (MEDIUM-PRIO)\n[with L=0 => FTR08-e2-2 + (refers to FTR09-d2-2),\n - configure the PMP entry without read permissions + for the PMP region\n - execute a load or load-reserved instruction from + that region (with exact address-matching)\n - check load access-fault exception + raised => FTR04-c]" +- 008_load_L0_R1_addr_miss: !Subfeature + name: 008_load_L0_R1_addr_miss + tag: VP_PMP_F011_S023 + next_elt_id: 1 + display_order: 8 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S023_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access load or load-reserved instruction + from outside defined NA4 address range with read permissions and with L=0\n\ + \ - choose a readable pmp region and address range\n - choose only + one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=0, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n \ + \ - execute a load or load-reserved instruction from outside all PMP defined + regions\n\nCHECK\n - check load access-fault exception raised\n\nREUSABILITY\n\ + \ - if possible, the PMP entry number (i) is a configurable parameter\n\ + \ - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nTST11-2x(group) + => FTR01-d\n [PMP check on load or load-reserved instruction where effective + privilege mode is S or U:\n - choose a data readable pmp region and address + range\n - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily + the 1st one)\n - if possible, the PMP entry number is a configurable + parameter\n - choose pmpcfg(i).A=NA4\n - single access data load in + S and U mode when the bit mstatus.MPRV=0]\n [create scenarios where PMP + entries with A=2 (NA4) and with/without matching permissions\n - check + only NA4 defined addresses are matching]\nTST11-23 (MEDIUM-PRIO)\n[with + L=0 => FTR08-e2-2 (refers to FTR09-d2-2),\n - configure the PMP entry with + read permissions for the PMP region\n - execute a load or load-reserved + instruction from outside all PMP defined regions\n - check load access-fault + exception raised]" +- 009_load_L1_R1_addr_hit: !Subfeature + name: 009_load_L1_R1_addr_hit + tag: VP_PMP_F011_S024 + next_elt_id: 1 + display_order: 9 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S024_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access load or load-reserved instruction + inside defined NA4 address range with read permissions and with L=1\n \ + \ - choose a readable pmp region and address range\n - choose only one + PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=1, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n \ + \ - execute a load or load-reserved instruction from that region (with + exact address-matching)\n\nCHECK\n - check no access-fault exception\n\ + \nREUSABILITY\n - if possible, the PMP entry number (i) is a configurable + parameter\n - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\nTST11-2x(group) + => FTR01-d\n [PMP check on load or load-reserved instruction where effective + privilege mode is S or U:\n - choose a data readable pmp region and address + range\n - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily + the 1st one)\n - if possible, the PMP entry number is a configurable + parameter\n - choose pmpcfg(i).A=NA4\n - single access data load in + S and U mode when the bit mstatus.MPRV=0]\n [create scenarios where PMP + entries with A=2 (NA4) and with/without matching permissions\n - check + only NA4 defined addresses are matching]\nTST11-24 (LOW-PRIO)\n[with L=1 + => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1),\n - configure the + PMP entry with read permissions for the PMP region\n - execute a load or + load-reserved instruction from that region (with exact address-matching)\n\ + \ - check no access-fault exception]" +- 010_load_L1_R0_addr_hit: !Subfeature + name: 010_load_L1_R0_addr_hit + tag: VP_PMP_F011_S025 + next_elt_id: 1 + display_order: 10 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S025_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset\n\n{Page 58 Volume + II: RISC-V Privileged Architectures V20211203}\nAttempting to execute a + load or load-reserved instruction which accesses a physical address within + a PMP region without read permissions raises a load access-fault exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access load or load-reserved instruction + inside defined NA4 address range without read permissions and with L=1\n\ + \ - choose a readable pmp region and address range\n - choose only + one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=0, L=1, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n \ + \ - execute a load or load-reserved instruction from that region (with + exact address-matching)\n\nCHECK\n - check load access-fault exception + raised\n\nREUSABILITY\n - if possible, the PMP entry number (i) is a + configurable parameter\n - if possible, the PMP entry lock (L) is a configurable + parameter\n - if possible, the PMP entry permissions (R,W,X) are configurable + parameters\n - if possible, the PMP entry adress-matching mode (A) is + a configurable parameter\n - if possible, the PMP entry address range + (pmpaddr) is a configurable parameter\n - if possible, the PMP entry + associated access address is a configurable parameter\n - so a single + CONFIGURATION function and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\nFTR04-c\n + [Attempting to execute a load or load-reserved instruction which accesses + a physical address within a PMP region without read permissions raises a + load access-fault exception]\n \nTST11-2x(group) => FTR01-d\n [PMP check + on load or load-reserved instruction where effective privilege mode is S + or U:\n - choose a data readable pmp region and address range\n - + choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n\ + \ - if possible, the PMP entry number is a configurable parameter\n \ + \ - choose pmpcfg(i).A=NA4\n - single access data load in S and U mode + when the bit mstatus.MPRV=0]\n [create scenarios where PMP entries with + A=2 (NA4) and with/without matching permissions\n - check only NA4 defined + addresses are matching]\nTST11-25 (LOW-PRIO)\n [with L=1 => FTR08-e1 (refers + to FTR01-f) (refers to FTR09-d2-1),\n - configure the PMP entry without + read permissions for the PMP region\n - execute a load or load-reserved + instruction from that region (with exact address-matching)\n - check load + access-fault exception raised => FTR04-c]" +- 011_load_L1_R1_addr_miss: !Subfeature + name: 011_load_L1_R1_addr_miss + tag: VP_PMP_F011_S026 + next_elt_id: 1 + display_order: 11 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S026_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access load or load-reserved instruction + from outside defined NA4 address range with read permissions and with L=1\n\ + \ - choose a readable pmp region and address range\n - choose only + one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=1, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n \ + \ - execute a load or load-reserved instruction from outside all PMP defined + regions\n\nCHECK\n - check load access-fault exception raised\n\nREUSABILITY\n\ + \ - if possible, the PMP entry number (i) is a configurable parameter\n\ + \ - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\nTST11-2x(group) + => FTR01-d\n [PMP check on load or load-reserved instruction where effective + privilege mode is S or U:\n - choose a data readable pmp region and address + range\n - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily + the 1st one)\n - if possible, the PMP entry number is a configurable + parameter\n - choose pmpcfg(i).A=NA4\n - single access data load in + S and U mode when the bit mstatus.MPRV=0]\n [create scenarios where PMP + entries with A=2 (NA4) and with/without matching permissions\n - check + only NA4 defined addresses are matching]\nTST11-26 (LOW-PRIO)\n[with L=1 + => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1),\n - configure the + PMP entry with read permissions for the PMP region\n - execute a load or + load-reserved instruction from outside all PMP defined regions\n - check + load access-fault exception raised]" +- 012_store_L0_W1_addr_hit: !Subfeature + name: 012_store_L0_W1_addr_hit + tag: VP_PMP_F011_S031 + next_elt_id: 1 + display_order: 12 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S031_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range with write permissions and with L=0\n \ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=0, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\n\ + ACCESS\n - execute a store, store-conditional, or AMO instruction to + that region (with exact address-matching)\n\nCHECK\n - check no access-fault + exception\n\nREUSABILITY\n - if possible, the PMP entry number (i) is + a configurable parameter\n - if possible, the PMP entry lock (L) is a + configurable parameter\n - if possible, the PMP entry permissions (R,W,X) + are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nTST11-3x(group) + => FTR01-d\n [PMP check on store, store-conditional, or AMO instruction + where effective privilege mode is S or U:\n - choose a data writable + pmp region and address range\n - choose only one PMP entry (i) ([FTR02-b1]: + maybe mandatorily the 1st one)\n - if possible, the PMP entry number + is a configurable parameter\n - choose pmpcfg(i).A=NA4\n - single + access data store in S and U mode when the bit mstatus.MPRV=0]\n [create + scenarios where PMP entries with A=2 (NA4) and with/without matching permissions\n\ + \ - check only NA4 defined addresses are matching]\nTST11-31 (HIGH-PRIO)\n + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2),\n - configure the PMP entry + with write permissions for the PMP region\n - execute a store, store-conditional, + or AMO instruction to that region (with exact address-matching)\n - check + no access-fault exception]" +- 013_store_L0_W0_addr_hit: !Subfeature + name: 013_store_L0_W0_addr_hit + tag: VP_PMP_F011_S032 + next_elt_id: 1 + display_order: 13 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S032_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set\n\n{Page 58 Volume II: RISC-V Privileged Architectures V20211203}\n + Attempting to execute a store, store-conditional, or AMO instruction which + accesses a physical address within a PMP region without write permissions + raises a store access-fault exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range without write permissions and with L=0\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=0, L=0, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\n\ + ACCESS\n - execute a store, store-conditional, or AMO instruction to + that region (with exact address-matching)\n\nCHECK\n - check store access-fault + exception raised\n\nREUSABILITY\n - if possible, the PMP entry number + (i) is a configurable parameter\n - if possible, the PMP entry lock (L) + is a configurable parameter\n - if possible, the PMP entry permissions + (R,W,X) are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nFTR04-d\n + [Attempting to execute a store, store-conditional, or AMO instruction which + accesses a physical address within a PMP region without write permissions + raises a store access-fault exception]\n\nTST11-3x(group) => FTR01-d\n \ + \ [PMP check on store, store-conditional, or AMO instruction where effective + privilege mode is S or U:\n - choose a data writable pmp region and address + range\n - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily + the 1st one)\n - if possible, the PMP entry number is a configurable + parameter\n - choose pmpcfg(i).A=NA4\n - single access data store + in S and U mode when the bit mstatus.MPRV=0]\n [create scenarios where + PMP entries with A=2 (NA4) and with/without matching permissions\n - + check only NA4 defined addresses are matching]\nTST11-32 (MEDIUM-PRIO)\n + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2),\n - configure the PMP entry + without write permissions for the PMP region\n - execute a store, store-conditional, + or AMO instruction to that region (with exact address-matching)\n - check + store access-fault exception raised => FTR04-d]" +- 014_store_L0_W1_addr_miss: !Subfeature + name: 014_store_L0_W1_addr_miss + tag: VP_PMP_F011_S033 + next_elt_id: 1 + display_order: 14 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S033_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access store, store-conditional, or AMO instruction + from outside defined NA4 address range with write permissions and with L=0\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=0, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\n\ + ACCESS\n - execute a store, store-conditional, or AMO instruction to + outside all PMP defined regions\n\nCHECK\n - check store access-fault + exception raised\n\nREUSABILITY\n - if possible, the PMP entry number + (i) is a configurable parameter\n - if possible, the PMP entry lock (L) + is a configurable parameter\n - if possible, the PMP entry permissions + (R,W,X) are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nTST11-3x(group) + => FTR01-d\n [PMP check on store, store-conditional, or AMO instruction + where effective privilege mode is S or U:\n - choose a data writable + pmp region and address range\n - choose only one PMP entry (i) ([FTR02-b1]: + maybe mandatorily the 1st one)\n - if possible, the PMP entry number + is a configurable parameter\n - choose pmpcfg(i).A=NA4\n - single + access data store in S and U mode when the bit mstatus.MPRV=0]\n [create + scenarios where PMP entries with A=2 (NA4) and with/without matching permissions\n\ + \ - check only NA4 defined addresses are matching]\nTST11-33 (MEDIUM-PRIO)\n + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2),\n - configure the PMP entry + with write permissions for the PMP region\n - execute a store, store-conditional, + or AMO instruction to outside all PMP defined regions\n - check store access-fault + exception raised]" +- 015_store_L1_W1_addr_hit: !Subfeature + name: 015_store_L1_W1_addr_hit + tag: VP_PMP_F011_S034 + next_elt_id: 1 + display_order: 15 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S034_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range with write permissions and with L=1\n \ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=1, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\n\ + ACCESS\n - execute a store, store-conditional, or AMO instruction to + that region (with exact address-matching)\n\nCHECK\n - check no access-fault + exception\n\nREUSABILITY\n - if possible, the PMP entry number (i) is + a configurable parameter\n - if possible, the PMP entry lock (L) is a + configurable parameter\n - if possible, the PMP entry permissions (R,W,X) + are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\nTST11-3x(group) + => FTR01-d\n [PMP check on store, store-conditional, or AMO instruction + where effective privilege mode is S or U:\n - choose a data writable + pmp region and address range\n - choose only one PMP entry (i) ([FTR02-b1]: + maybe mandatorily the 1st one)\n - if possible, the PMP entry number + is a configurable parameter\n - choose pmpcfg(i).A=NA4\n - single + access data store in S and U mode when the bit mstatus.MPRV=0]\n [create + scenarios where PMP entries with A=2 (NA4) and with/without matching permissions\n\ + \ - check only NA4 defined addresses are matching]\nTST11-34 (LOW-PRIO)\n + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1),\n - configure + the PMP entry with write permissions for the PMP region\n - execute a store, + store-conditional, or AMO instruction to that region (with exact address-matching)\n\ + \ - check no access-fault exception]" +- 016_store_L1_W0_addr_hit: !Subfeature + name: 016_store_L1_W0_addr_hit + tag: VP_PMP_F011_S035 + next_elt_id: 1 + display_order: 16 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S035_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset\n\n{Page 58 Volume + II: RISC-V Privileged Architectures V20211203}\nAttempting to execute a + store, store-conditional, or AMO instruction which accesses a physical address + within a PMP region without write permissions raises a store access-fault + exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range without write permissions and with L=1\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=0, L=1, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\n\ + ACCESS\n - execute a store, store-conditional, or AMO instruction to + that region (with exact address-matching)\n\nCHECK\n - check store access-fault + exception raised\n\nREUSABILITY\n - if possible, the PMP entry number + (i) is a configurable parameter\n - if possible, the PMP entry lock (L) + is a configurable parameter\n - if possible, the PMP entry permissions + (R,W,X) are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\nFTR04-d\n + [Attempting to execute a store, store-conditional, or AMO instruction which + accesses a physical address within a PMP region without write permissions + raises a store access-fault exception]\n\nTST11-3x(group) => FTR01-d\n \ + \ [PMP check on store, store-conditional, or AMO instruction where effective + privilege mode is S or U:\n - choose a data writable pmp region and address + range\n - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily + the 1st one)\n - if possible, the PMP entry number is a configurable + parameter\n - choose pmpcfg(i).A=NA4\n - single access data store + in S and U mode when the bit mstatus.MPRV=0]\n [create scenarios where + PMP entries with A=2 (NA4) and with/without matching permissions\n - + check only NA4 defined addresses are matching]\nTST11-35 (LOW-PRIO)\n[with + L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1),\n - configure + the PMP entry without write permissions for the PMP region\n - execute + a store, store-conditional, or AMO instruction to that region (with exact + address-matching)\n - check store access-fault exception raised => FTR04-d]" +- 017_store_L1_W1_addr_miss: !Subfeature + name: 017_store_L1_W1_addr_miss + tag: VP_PMP_F011_S036 + next_elt_id: 1 + display_order: 17 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S036_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access store, store-conditional, or AMO instruction + from outside defined NA4 address range with write permissions and with L=1\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=1, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\n\ + ACCESS\n - execute a store, store-conditional, or AMO instruction to + outside all PMP defined regions\n\nCHECK\n - check store access-fault + exception raised\n\nREUSABILITY\n - if possible, the PMP entry number + (i) is a configurable parameter\n - if possible, the PMP entry lock (L) + is a configurable parameter\n - if possible, the PMP entry permissions + (R,W,X) are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\nTST11-3x(group) + => FTR01-d\n [PMP check on store, store-conditional, or AMO instruction + where effective privilege mode is S or U:\n - choose a data writable + pmp region and address range\n - choose only one PMP entry (i) ([FTR02-b1]: + maybe mandatorily the 1st one)\n - if possible, the PMP entry number + is a configurable parameter\n - choose pmpcfg(i).A=NA4\n - single + access data store in S and U mode when the bit mstatus.MPRV=0]\n [create + scenarios where PMP entries with A=2 (NA4) and with/without matching permissions\n\ + \ - check only NA4 defined addresses are matching]\nTST11-36 (LOW-PRIO)\n + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1),\n - configure + the PMP entry with write permissions for the PMP region\n - execute a store, + store-conditional, or AMO instruction to outside all PMP defined regions\n\ + \ - check store access-fault exception raised]" +- 018_load_MPP_L0_R1_addr_hit: !Subfeature + name: 018_load_MPP_L0_R1_addr_hit + tag: VP_PMP_F011_S041 + next_elt_id: 1 + display_order: 18 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S041_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access load or load-reserved instruction + inside defined NA4 address range with read permissions and with L=0\n \ + \ - choose a readable pmp region and address range\n - choose only one + PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=0, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and mstatus.MPP + contains S or U\n\nACCESS\n - execute a load or load-reserved instruction + from that region (with exact address-matching)\n\nCHECK\n - check no + access-fault exception\n\nREUSABILITY\n - if possible, the PMP entry + number (i) is a configurable parameter\n - if possible, the PMP entry + lock (L) is a configurable parameter\n - if possible, the PMP entry permissions + (R,W,X) are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nTST11-4x(group) + => FTR01-d\n [PMP check on load or load-reserved instruction where effective + privilege mode is S or U:\n - choose a data readable pmp region and address + range\n - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily + the 1st one)\n - if possible, the PMP entry number is a configurable + parameter\n - choose pmpcfg(i).A=NA4\n - single access data load in + any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U]\n\ + \ [create scenarios where PMP entries with A=2 (NA4) and with/without matching + permissions\n - check only NA4 defined addresses are matching]\nTST11-41 + (LOWEST-PRIO)\n [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2),\n - configure + the PMP entry with read permissions for the PMP region\n - execute a load + or load-reserved instruction from that region (with exact address-matching)\n\ + \ - check no access-fault exception]" +- 019_load_MPP_L0_R0_addr_hit: !Subfeature + name: 019_load_MPP_L0_R0_addr_hit + tag: VP_PMP_F011_S042 + next_elt_id: 1 + display_order: 19 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S042_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set\n\n{Page 58 Volume II: RISC-V Privileged Architectures V20211203}\n + Attempting to execute a load or load-reserved instruction which accesses + a physical address within a PMP region without read permissions raises a + load access-fault exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access load or load-reserved instruction + inside defined NA4 address range without read permissions and with L=0\n\ + \ - choose a readable pmp region and address range\n - choose only + one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=0, L=0, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and mstatus.MPP + contains S or U\n\nACCESS\n - execute a load or load-reserved instruction + from that region (with exact address-matching)\n\nCHECK\n - check load + access-fault exception raised\n\nREUSABILITY\n - if possible, the PMP + entry number (i) is a configurable parameter\n - if possible, the PMP + entry lock (L) is a configurable parameter\n - if possible, the PMP entry + permissions (R,W,X) are configurable parameters\n - if possible, the + PMP entry adress-matching mode (A) is a configurable parameter\n - if + possible, the PMP entry address range (pmpaddr) is a configurable parameter\n\ + \ - if possible, the PMP entry associated access address is a configurable + parameter\n - so a single CONFIGURATION function and a single ACCESS + function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nFTR04-c\n + [Attempting to execute a load or load-reserved instruction which accesses + a physical address within a PMP region without read permissions raises a + load access-fault exception]\n\nTST11-4x(group) => FTR01-d\n [PMP check + on load or load-reserved instruction where effective privilege mode is S + or U:\n - choose a data readable pmp region and address range\n - + choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n\ + \ - if possible, the PMP entry number is a configurable parameter\n \ + \ - choose pmpcfg(i).A=NA4\n - single access data load in any mode + when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U]\n [create + scenarios where PMP entries with A=2 (NA4) and with/without matching permissions\n\ + \ - check only NA4 defined addresses are matching]\nTST11-42 (LOWEST-PRIO)\n + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2),\n - configure the PMP entry + without read permissions for the PMP region\n - execute a load or load-reserved + instruction from that region (with exact address-matching)\n - check load + access-fault exception raised => FTR04-c]" +- 020_load_MPP_L0_R1_addr_miss: !Subfeature + name: 020_load_MPP_L0_R1_addr_miss + tag: VP_PMP_F011_S043 + next_elt_id: 1 + display_order: 20 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S043_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access load or load-reserved instruction + from outside defined NA4 address range with read permissions and with L=0\n\ + \ - choose a readable pmp region and address range\n - choose only + one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=0, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and mstatus.MPP + contains S or U\n\nACCESS\n - execute a load or load-reserved instruction + from outside all PMP defined regions\n\nCHECK\n - check load access-fault + exception raised\n\nREUSABILITY\n - if possible, the PMP entry number + (i) is a configurable parameter\n - if possible, the PMP entry lock (L) + is a configurable parameter\n - if possible, the PMP entry permissions + (R,W,X) are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nTST11-4x(group) + => FTR01-d\n [PMP check on load or load-reserved instruction where effective + privilege mode is S or U:\n - choose a data readable pmp region and address + range\n - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily + the 1st one)\n - if possible, the PMP entry number is a configurable + parameter\n - choose pmpcfg(i).A=NA4\n - single access data load in + any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U]\n\ + \ [create scenarios where PMP entries with A=2 (NA4) and with/without matching + permissions\n - check only NA4 defined addresses are matching]\nTST11-43 + (LOWEST-PRIO)\n [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2),\n - configure + the PMP entry with read permissions for the PMP region\n - execute a load + or load-reserved instruction from outside all PMP defined regions\n - check + load access-fault exception raised]" +- 021_load_MPP_L1_R1_addr_hit: !Subfeature + name: 021_load_MPP_L1_R1_addr_hit + tag: VP_PMP_F011_S044 + next_elt_id: 1 + display_order: 21 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S044_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access load or load-reserved instruction + inside defined NA4 address range with read permissions and with L=1\n \ + \ - choose a readable pmp region and address range\n - choose only one + PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=1, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and mstatus.MPP + contains S or U\n\nACCESS\n - execute a load or load-reserved instruction + from that region (with exact address-matching)\n\nCHECK\n - check no + access-fault exception\n\nREUSABILITY\n - if possible, the PMP entry + number (i) is a configurable parameter\n - if possible, the PMP entry + lock (L) is a configurable parameter\n - if possible, the PMP entry permissions + (R,W,X) are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\nTST11-4x(group) + => FTR01-d\n [PMP check on load or load-reserved instruction where effective + privilege mode is S or U:\n - choose a data readable pmp region and address + range\n - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily + the 1st one)\n - if possible, the PMP entry number is a configurable + parameter\n - choose pmpcfg(i).A=NA4\n - single access data load in + any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U]\n\ + \ [create scenarios where PMP entries with A=2 (NA4) and with/without matching + permissions\n - check only NA4 defined addresses are matching]\nTST11-44 + (LOWEST-PRIO)\n [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1),\n\ + \ - configure the PMP entry with read permissions for the PMP region\n\ + \ - execute a load or load-reserved instruction from that region (with + exact address-matching)\n - check no access-fault exception]" +- 022_load_MPP_L1_R0_addr_hit: !Subfeature + name: 022_load_MPP_L1_R0_addr_hit + tag: VP_PMP_F011_S045 + next_elt_id: 1 + display_order: 22 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S045_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset\n\n{Page 58 Volume + II: RISC-V Privileged Architectures V20211203}\nAttempting to execute a + load or load-reserved instruction which accesses a physical address within + a PMP region without read permissions raises a load access-fault exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access load or load-reserved instruction + inside defined NA4 address range without read permissions and with L=1\n\ + \ - choose a readable pmp region and address range\n - choose only + one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=0, L=1, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and mstatus.MPP + contains S or U\n\nACCESS\n - execute a load or load-reserved instruction + from that region (with exact address-matching)\n\nCHECK\n - check load + access-fault exception raised\n\nREUSABILITY\n - if possible, the PMP + entry number (i) is a configurable parameter\n - if possible, the PMP + entry lock (L) is a configurable parameter\n - if possible, the PMP entry + permissions (R,W,X) are configurable parameters\n - if possible, the + PMP entry adress-matching mode (A) is a configurable parameter\n - if + possible, the PMP entry address range (pmpaddr) is a configurable parameter\n\ + \ - if possible, the PMP entry associated access address is a configurable + parameter\n - so a single CONFIGURATION function and a single ACCESS + function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\nFTR04-c\n + [Attempting to execute a load or load-reserved instruction which accesses + a physical address within a PMP region without read permissions raises a + load access-fault exception]\n \nTST11-4x(group) => FTR01-d\n [PMP check + on load or load-reserved instruction where effective privilege mode is S + or U:\n - choose a data readable pmp region and address range\n - + choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n\ + \ - if possible, the PMP entry number is a configurable parameter\n \ + \ - choose pmpcfg(i).A=NA4\n - single access data load in any mode + when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U]\n [create + scenarios where PMP entries with A=2 (NA4) and with/without matching permissions\n\ + \ - check only NA4 defined addresses are matching]\nTST11-45 (LOWEST-PRIO)\n + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1),\n - configure + the PMP entry without read permissions for the PMP region\n - execute a + load or load-reserved instruction from that region (with exact address-matching)\n\ + \ - check load access-fault exception raised => FTR04-c]" +- 023_load_MPP_L1_R1_addr_miss: !Subfeature + name: 023_load_MPP_L1_R1_addr_miss + tag: VP_PMP_F011_S046 + next_elt_id: 1 + display_order: 23 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S046_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access load or load-reserved instruction + from outside defined NA4 address range with read permissions and with L=1\n\ + \ - choose a readable pmp region and address range\n - choose only + one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=1, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and mstatus.MPP + contains S or U\n\nACCESS\n - execute a load or load-reserved instruction + from outside all PMP defined regions\n\nCHECK\n - check load access-fault + exception raised\n\nREUSABILITY\n - if possible, the PMP entry number + (i) is a configurable parameter\n - if possible, the PMP entry lock (L) + is a configurable parameter\n - if possible, the PMP entry permissions + (R,W,X) are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\nTST11-4x(group) + => FTR01-d\n [PMP check on load or load-reserved instruction where effective + privilege mode is S or U:\n - choose a data readable pmp region and address + range\n - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily + the 1st one)\n - if possible, the PMP entry number is a configurable + parameter\n - choose pmpcfg(i).A=NA4\n - single access data load in + any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U]\n\ + \ [create scenarios where PMP entries with A=2 (NA4) and with/without matching + permissions\n - check only NA4 defined addresses are matching]\nTST11-46 + (LOWEST-PRIO)\n [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1),\n\ + \ - configure the PMP entry with read permissions for the PMP region\n\ + \ - execute a load or load-reserved instruction from outside all PMP defined + regions\n - check load access-fault exception raised]" +- 024_store_MPP_L0_W1_addr_hit: !Subfeature + name: 024_store_MPP_L0_W1_addr_hit + tag: VP_PMP_F011_S051 + next_elt_id: 1 + display_order: 24 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S051_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range with write permissions and with L=0\n \ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=0, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and + mstatus.MPP contains S or U\n\nACCESS\n - execute a store, store-conditional, + or AMO instruction to that region (with exact address-matching)\n\nCHECK\n\ + \ - check no access-fault exception\n\nREUSABILITY\n - if possible, + the PMP entry number (i) is a configurable parameter\n - if possible, + the PMP entry lock (L) is a configurable parameter\n - if possible, the + PMP entry permissions (R,W,X) are configurable parameters\n - if possible, + the PMP entry adress-matching mode (A) is a configurable parameter\n \ + \ - if possible, the PMP entry address range (pmpaddr) is a configurable + parameter\n - if possible, the PMP entry associated access address is + a configurable parameter\n - so a single CONFIGURATION function and a + single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nTST11-5x(group) + => FTR01-d\n [PMP check on store, store-conditional, or AMO instruction + where effective privilege mode is S or U:\n - choose a data writable + pmp region and address range\n - choose only one PMP entry (i) ([FTR02-b1]: + maybe mandatorily the 1st one)\n - if possible, the PMP entry number + is a configurable parameter\n - choose pmpcfg(i).A=NA4\n - single + access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP + contains S or U]\n [create scenarios where PMP entries with A=2 (NA4) and + with/without matching permissions\n - check only NA4 defined addresses + are matching]\n TST11-51 (LOWEST-PRIO)\n[with L=0 => FTR08-e2-2 (refers + to FTR09-d2-2),\n - configure the PMP entry with write permissions for + the PMP region\n - execute a store, store-conditional, or AMO instruction + to that region (with exact address-matching)\n - check no access-fault + exception]" +- 025_store_MPP_L0_W0_addr_hit: !Subfeature + name: 025_store_MPP_L0_W0_addr_hit + tag: VP_PMP_F011_S052 + next_elt_id: 1 + display_order: 25 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S052_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set\n\n{Page 58 Volume II: RISC-V Privileged Architectures V20211203}\n + Attempting to execute a store, store-conditional, or AMO instruction which + accesses a physical address within a PMP region without write permissions + raises a store access-fault exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range without write permissions and with L=0\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=0, L=0, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and + mstatus.MPP contains S or U\n\nACCESS\n - execute a store, store-conditional, + or AMO instruction to that region (with exact address-matching)\n\nCHECK\n\ + \ - check store access-fault exception raised\n\nREUSABILITY\n - if + possible, the PMP entry number (i) is a configurable parameter\n - if + possible, the PMP entry lock (L) is a configurable parameter\n - if possible, + the PMP entry permissions (R,W,X) are configurable parameters\n - if + possible, the PMP entry adress-matching mode (A) is a configurable parameter\n\ + \ - if possible, the PMP entry address range (pmpaddr) is a configurable + parameter\n - if possible, the PMP entry associated access address is + a configurable parameter\n - so a single CONFIGURATION function and a + single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nFTR04-d\n + [Attempting to execute a store, store-conditional, or AMO instruction which + accesses a physical address within a PMP region without write permissions + raises a store access-fault exception]\n\nTST11-5x(group) => FTR01-d\n \ + \ [PMP check on store, store-conditional, or AMO instruction where effective + privilege mode is S or U:\n - choose a data writable pmp region and address + range\n - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily + the 1st one)\n - if possible, the PMP entry number is a configurable + parameter\n - choose pmpcfg(i).A=NA4\n - single access data store + in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or + U]\n [create scenarios where PMP entries with A=2 (NA4) and with/without + matching permissions\n - check only NA4 defined addresses are matching]\n + TST11-52 (LOWEST-PRIO)\n [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2),\n\ + \ - configure the PMP entry without write permissions for the PMP region\n\ + \ - execute a store, store-conditional, or AMO instruction to that region + (with exact address-matching)\n - check store access-fault exception raised + => FTR04-d]" +- 026_store_MPP_L0_W1_addr_miss: !Subfeature + name: 026_store_MPP_L0_W1_addr_miss + tag: VP_PMP_F011_S053 + next_elt_id: 1 + display_order: 26 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S053_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access store, store-conditional, or AMO instruction + from outside defined NA4 address range with write permissions and with L=0\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=0, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and + mstatus.MPP contains S or U\n\nACCESS\n - execute a store, store-conditional, + or AMO instruction to outside all PMP defined regions\n\nCHECK\n - check + store access-fault exception raised\n\nREUSABILITY\n - if possible, the + PMP entry number (i) is a configurable parameter\n - if possible, the + PMP entry lock (L) is a configurable parameter\n - if possible, the PMP + entry permissions (R,W,X) are configurable parameters\n - if possible, + the PMP entry adress-matching mode (A) is a configurable parameter\n \ + \ - if possible, the PMP entry address range (pmpaddr) is a configurable + parameter\n - if possible, the PMP entry associated access address is + a configurable parameter\n - so a single CONFIGURATION function and a + single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nTST11-5x(group) + => FTR01-d\n [PMP check on store, store-conditional, or AMO instruction + where effective privilege mode is S or U:\n - choose a data writable + pmp region and address range\n - choose only one PMP entry (i) ([FTR02-b1]: + maybe mandatorily the 1st one)\n - if possible, the PMP entry number + is a configurable parameter\n - choose pmpcfg(i).A=NA4\n - single + access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP + contains S or U]\n [create scenarios where PMP entries with A=2 (NA4) and + with/without matching permissions\n - check only NA4 defined addresses + are matching]\n TST11-53 (LOWEST-PRIO)\n[with L=0 => FTR08-e2-2 (refers + to FTR09-d2-2),\n - configure the PMP entry with write permissions for + the PMP region\n - execute a store, store-conditional, or AMO instruction + to outside all PMP defined regions\n - check store access-fault exception + raised]" +- 027_store_MPP_L1_W1_addr_hit: !Subfeature + name: 027_store_MPP_L1_W1_addr_hit + tag: VP_PMP_F011_S054 + next_elt_id: 1 + display_order: 27 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S054_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range with write permissions and with L=1\n \ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=1, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and + mstatus.MPP contains S or U\n\nACCESS\n - execute a store, store-conditional, + or AMO instruction to that region (with exact address-matching)\n\nCHECK\n\ + \ - check no access-fault exception\n\nREUSABILITY\n - if possible, + the PMP entry number (i) is a configurable parameter\n - if possible, + the PMP entry lock (L) is a configurable parameter\n - if possible, the + PMP entry permissions (R,W,X) are configurable parameters\n - if possible, + the PMP entry adress-matching mode (A) is a configurable parameter\n \ + \ - if possible, the PMP entry address range (pmpaddr) is a configurable + parameter\n - if possible, the PMP entry associated access address is + a configurable parameter\n - so a single CONFIGURATION function and a + single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\nTST11-5x(group) + => FTR01-d\n [PMP check on store, store-conditional, or AMO instruction + where effective privilege mode is S or U:\n - choose a data writable + pmp region and address range\n - choose only one PMP entry (i) ([FTR02-b1]: + maybe mandatorily the 1st one)\n - if possible, the PMP entry number + is a configurable parameter\n - choose pmpcfg(i).A=NA4\n - single + access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP + contains S or U]\n [create scenarios where PMP entries with A=2 (NA4) and + with/without matching permissions\n - check only NA4 defined addresses + are matching]\n TST11-54 (LOWEST-PRIO)\n[with L=1 => FTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1),\n - configure the PMP entry with write + permissions for the PMP region\n - execute a store, store-conditional, + or AMO instruction to that region (with exact address-matching)\n - check + no access-fault exception]" +- 028_store_MPP_L1_W0_addr_hit: !Subfeature + name: 028_store_MPP_L1_W0_addr_hit + tag: VP_PMP_F011_S055 + next_elt_id: 1 + display_order: 28 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S055_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset\n\n{Page 58 Volume + II: RISC-V Privileged Architectures V20211203}\nAttempting to execute a + store, store-conditional, or AMO instruction which accesses a physical address + within a PMP region without write permissions raises a store access-fault + exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range without write permissions and with L=1\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=0, L=1, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and + mstatus.MPP contains S or U\n\nACCESS\n - execute a store, store-conditional, + or AMO instruction to that region (with exact address-matching)\n\nCHECK\n\ + \ - check store access-fault exception raised\n\nREUSABILITY\n - if + possible, the PMP entry number (i) is a configurable parameter\n - if + possible, the PMP entry lock (L) is a configurable parameter\n - if possible, + the PMP entry permissions (R,W,X) are configurable parameters\n - if + possible, the PMP entry adress-matching mode (A) is a configurable parameter\n\ + \ - if possible, the PMP entry address range (pmpaddr) is a configurable + parameter\n - if possible, the PMP entry associated access address is + a configurable parameter\n - so a single CONFIGURATION function and a + single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\nFTR04-d\n + [Attempting to execute a store, store-conditional, or AMO instruction which + accesses a physical address within a PMP region without write permissions + raises a store access-fault exception]\n\nTST11-5x(group) => FTR01-d\n \ + \ [PMP check on store, store-conditional, or AMO instruction where effective + privilege mode is S or U:\n - choose a data writable pmp region and address + range\n - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily + the 1st one)\n - if possible, the PMP entry number is a configurable + parameter\n - choose pmpcfg(i).A=NA4\n - single access data store + in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or + U]\n [create scenarios where PMP entries with A=2 (NA4) and with/without + matching permissions\n - check only NA4 defined addresses are matching]\n + TST11-55 (LOWEST-PRIO)\n [with L=1 => FTR08-e1 (refers to FTR01-f) (refers + to FTR09-d2-1),\n - configure the PMP entry without write permissions for + the PMP region\n - execute a store, store-conditional, or AMO instruction + to that region (with exact address-matching)\n - check store access-fault + exception raised => FTR04-d]" +- 029_store_MPP_L1_W1_addr_miss: !Subfeature + name: 029_store_MPP_L1_W1_addr_miss + tag: VP_PMP_F011_S056 + next_elt_id: 1 + display_order: 29 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S056_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access store, store-conditional, or AMO instruction + from outside defined NA4 address range with write permissions and with L=1\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=1, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and + mstatus.MPP contains S or U\n\nACCESS\n - execute a store, store-conditional, + or AMO instruction to outside all PMP defined regions\n\nCHECK\n - check + store access-fault exception raised\n\nREUSABILITY\n - if possible, the + PMP entry number (i) is a configurable parameter\n - if possible, the + PMP entry lock (L) is a configurable parameter\n - if possible, the PMP + entry permissions (R,W,X) are configurable parameters\n - if possible, + the PMP entry adress-matching mode (A) is a configurable parameter\n \ + \ - if possible, the PMP entry address range (pmpaddr) is a configurable + parameter\n - if possible, the PMP entry associated access address is + a configurable parameter\n - so a single CONFIGURATION function and a + single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\nTST11-5x(group) + => FTR01-d\n [PMP check on store, store-conditional, or AMO instruction + where effective privilege mode is S or U:\n - choose a data writable + pmp region and address range\n - choose only one PMP entry (i) ([FTR02-b1]: + maybe mandatorily the 1st one)\n - if possible, the PMP entry number + is a configurable parameter\n - choose pmpcfg(i).A=NA4\n - single + access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP + contains S or U]\n [create scenarios where PMP entries with A=2 (NA4) and + with/without matching permissions\n - check only NA4 defined addresses + are matching]\n TST11-56 (LOWEST-PRIO)\n[with L=1 => FTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1),\n - configure the PMP entry with write + permissions for the PMP region\n - execute a store, store-conditional, + or AMO instruction to outside all PMP defined regions\n - check store access-fault + exception raised]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP012.yml b/verif/docs/VerifPlans/PMP/VP_IP012.yml new file mode 100644 index 000000000..5c4b0bee5 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP012.yml @@ -0,0 +1,2052 @@ +!Feature +next_elt_id: 30 +name: cfg NA4 access M (G=0) +id: 12 +display_order: 12 +subfeatures: !!omap +- 000_fetch_L0_X1_addr_hit: !Subfeature + name: 000_fetch_L0_X1_addr_hit + tag: VP_PMP_F012_S011 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S011_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access instruction fetch inside defined NA4 address + range with execute permissions and with L=0\n - choose an executable + pmp region and address range\n - choose only one PMP entry (i)\n\nCONFIGURATION\n\ + \ - pmpcfg(i): A=NA4, X=1, L=0, R/W:random, with reserve on R=0 & W=1\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n \ + \ - fetch an instruction from that region (with exact address-matching)\n\ + \nCHECK\n - check no access-fault exception\n\nREUSABILITY\n - if + possible, the PMP entry number (i) is a configurable parameter\n - if + possible, the PMP entry lock (L) is a configurable parameter\n - if possible, + the PMP entry permissions (R,W,X) are configurable parameters\n - if + possible, the PMP entry adress-matching mode (A) is a configurable parameter\n\ + \ - if possible, the PMP entry address range (pmpaddr) is a configurable + parameter\n - if possible, the PMP entry associated access address is + a configurable parameter\n - so a single CONFIGURATION function and a + single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-1x(group) => FTR01-f\n [PMP check + on instruction fetch where effective privilege mode is M:\n - choose + an executable pmp region and address range\n - choose only one PMP entry + (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n - if possible, the + PMP entry number is a configurable parameter\n - choose pmpcfg(i).A=NA4\n\ + \ - single access instruction fetch in M mode]\n [create scenarios where + PMP entries with A=2 (NA4) and with/without matching permissions\n - + check only NA4 defined addresses are matching]\nTST12-11 (LOW-PRIO)\n [with + L=0 => FTR08-e2-1 (refers to FTR09-d1),\n - configure the PMP entry with + execute permissions for the PMP region\n - fetch an instruction from that + region (with exact address-matching)\n - check no access-fault exception]" +- 001_fetch_L0_X0_addr_hit: !Subfeature + name: 001_fetch_L0_X0_addr_hit + tag: VP_PMP_F012_S012 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S012_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access instruction fetch inside defined NA4 address + range without execute permissions and with L=0\n - choose an executable + pmp region and address range\n - choose only one PMP entry (i)\n\nCONFIGURATION\n\ + \ - pmpcfg(i): A=NA4, X=0, L=0, R/W:random, with reserve on R=0 & W=1\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n \ + \ - fetch an instruction from that region (with exact address-matching)\n\ + \nCHECK\n - check no access-fault exception\n\nREUSABILITY\n - if + possible, the PMP entry number (i) is a configurable parameter\n - if + possible, the PMP entry lock (L) is a configurable parameter\n - if possible, + the PMP entry permissions (R,W,X) are configurable parameters\n - if + possible, the PMP entry adress-matching mode (A) is a configurable parameter\n\ + \ - if possible, the PMP entry address range (pmpaddr) is a configurable + parameter\n - if possible, the PMP entry associated access address is + a configurable parameter\n - so a single CONFIGURATION function and a + single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-1x(group) => FTR01-f\n [PMP check + on instruction fetch where effective privilege mode is M:\n - choose + an executable pmp region and address range\n - choose only one PMP entry + (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n - if possible, the + PMP entry number is a configurable parameter\n - choose pmpcfg(i).A=NA4\n\ + \ - single access instruction fetch in M mode]\n [create scenarios where + PMP entries with A=2 (NA4) and with/without matching permissions\n - + check only NA4 defined addresses are matching]\nTST12-12 (LOW-PRIO)\n [with + L=0 => FTR08-e2-1 (refers to FTR09-d1),\n - configure the PMP entry without + execute permissions for the PMP region\n - fetch an instruction from that + region (with exact address-matching)\n - check no access-fault exception]" +- 002_fetch_L0_X1_addr_miss: !Subfeature + name: 002_fetch_L0_X1_addr_miss + tag: VP_PMP_F012_S013 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S013_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access instruction fetch from outside defined + NA4 address range with execute permissions and with L=0\n - choose an + executable pmp region and address range\n - choose only one PMP entry + (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, X=1, L=0, R/W:random, with + reserve on R=0 & W=1\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\ + \nACCESS\n - fetch an instruction from outside all PMP defined regions\n\ + \nCHECK\n - check no access-fault exception (Feature: \"no cfg matching\"\ + )\n\nREUSABILITY\n - if possible, the PMP entry number (i) is a configurable + parameter\n - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-1x(group) => FTR01-f\n [PMP check + on instruction fetch where effective privilege mode is M:\n - choose + an executable pmp region and address range\n - choose only one PMP entry + (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n - if possible, the + PMP entry number is a configurable parameter\n - choose pmpcfg(i).A=NA4\n\ + \ - single access instruction fetch in M mode]\n [create scenarios where + PMP entries with A=2 (NA4) and with/without matching permissions\n - + check only NA4 defined addresses are matching]\nTST12-13 (LOW-PRIO)\n [with + L=0 => FTR08-e2-1 (refers to FTR09-d1),\n - configure the PMP entry with + execute permissions for the PMP region\n - fetch an instruction from outside + all PMP defined regions\n - check no access-fault exception] //TODO: CHECK + IF M-MODE ALLOWED" +- 003_fetch_L1_X1_addr_hit: !Subfeature + name: 003_fetch_L1_X1_addr_hit + tag: VP_PMP_F012_S014 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S014_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access instruction fetch inside defined NA4 address + range with execute permissions and with L=1\n - choose an executable + pmp region and address range\n - choose only one PMP entry (i)\n\nCONFIGURATION\n\ + \ - pmpcfg(i): A=NA4, X=1, L=1, R/W:random, with reserve on R=0 & W=1\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n \ + \ - fetch an instruction from that region (with exact address-matching)\n\ + \nCHECK\n - check no access-fault exception\n\nREUSABILITY\n - if + possible, the PMP entry number (i) is a configurable parameter\n - if + possible, the PMP entry lock (L) is a configurable parameter\n - if possible, + the PMP entry permissions (R,W,X) are configurable parameters\n - if + possible, the PMP entry adress-matching mode (A) is a configurable parameter\n\ + \ - if possible, the PMP entry address range (pmpaddr) is a configurable + parameter\n - if possible, the PMP entry associated access address is + a configurable parameter\n - so a single CONFIGURATION function and a + single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-1x(group) => FTR01-f\n [PMP check + on instruction fetch where effective privilege mode is M:\n - choose + an executable pmp region and address range\n - choose only one PMP entry + (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n - if possible, the + PMP entry number is a configurable parameter\n - choose pmpcfg(i).A=NA4\n\ + \ - single access instruction fetch in M mode]\n [create scenarios where + PMP entries with A=2 (NA4) and with/without matching permissions\n - + check only NA4 defined addresses are matching]\nTST12-14 (HIGH-PRIO)\n [with + L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1),\n - configure + the PMP entry with execute permissions for the PMP region\n - fetch an + instruction from that region (with exact address-matching)\n - check no + access-fault exception]" +- 004_fetch_L1_X0_addr_hit: !Subfeature + name: 004_fetch_L1_X0_addr_hit + tag: VP_PMP_F012_S015 + next_elt_id: 1 + display_order: 4 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S015_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set\n\n{Page + 58 Volume II: RISC-V Privileged Architectures V20211203}\nAttempting to + fetch an instruction from a PMP region that does not have execute permissions + raises an instruction access-fault exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access instruction fetch inside defined NA4 address + range without execute permissions and with L=1\n - choose an executable + pmp region and address range\n - choose only one PMP entry (i)\n\nCONFIGURATION\n\ + \ - pmpcfg(i): A=NA4, X=0, L=1, R/W:random, with reserve on R=0 & W=1\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n \ + \ - fetch an instruction from that region (with exact address-matching)\n\ + \nCHECK\n - check instruction fetch access-fault exception raised\n\n\ + REUSABILITY\n - if possible, the PMP entry number (i) is a configurable + parameter\n - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR04-b\n[Attempting to fetch an instruction from a PMP region that does + not have execute permissions raises an instruction access-fault exception]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n \nTST12-1x(group) => FTR01-f\n [PMP check + on instruction fetch where effective privilege mode is M:\n - choose + an executable pmp region and address range\n - choose only one PMP entry + (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n - if possible, the + PMP entry number is a configurable parameter\n - choose pmpcfg(i).A=NA4\n\ + \ - single access instruction fetch in M mode]\n [create scenarios where + PMP entries with A=2 (NA4) and with/without matching permissions\n - + check only NA4 defined addresses are matching]\nTST12-15 (MEDIUM-PRIO)\n + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1),\n - configure + the PMP entry without execute permissions for the PMP region\n - fetch + an instruction from that region (with exact address-matching)\n - check + instruction fetch access-fault exception raised => FTR04-b]" +- 005_fetch_L1_X1_addr_miss: !Subfeature + name: 005_fetch_L1_X1_addr_miss + tag: VP_PMP_F012_S016 + next_elt_id: 1 + display_order: 5 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S016_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access instruction fetch from outside defined + NA4 address range with execute permissions and with L=1\n - choose an + executable pmp region and address range\n - choose only one PMP entry + (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, X=1, L=1, R/W:random, with + reserve on R=0 & W=1\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\ + \nACCESS\n - fetch an instruction from outside all PMP defined regions\n\ + \nCHECK\n - check no access-fault exception (Feature: \"no cfg matching\"\ + )\n\nREUSABILITY\n - if possible, the PMP entry number (i) is a configurable + parameter\n - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-1x(group) => FTR01-f\n [PMP check + on instruction fetch where effective privilege mode is M:\n - choose + an executable pmp region and address range\n - choose only one PMP entry + (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n - if possible, the + PMP entry number is a configurable parameter\n - choose pmpcfg(i).A=NA4\n\ + \ - single access instruction fetch in M mode]\n [create scenarios where + PMP entries with A=2 (NA4) and with/without matching permissions\n - + check only NA4 defined addresses are matching]\nTST12-16 (HIGH-PRIO)\n [with + L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1),\n - configure + the PMP entry with execute permissions for the PMP region\n - fetch an + instruction from outside all PMP defined regions\n - check no access-fault + exception] //TODO: CHECK IF M-MODE ALLOWED" +- 006_load_L0_R1_addr_hit: !Subfeature + name: 006_load_L0_R1_addr_hit + tag: VP_PMP_F012_S021 + next_elt_id: 1 + display_order: 6 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S021_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access load or load-reserved instruction inside + defined NA4 address range with read permissions and with L=0\n - choose + a readable pmp region and address range\n - choose only one PMP entry + (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=0, X/W:random\n \ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n - + execute a load or load-reserved instruction from that region (with exact + address-matching)\n\nCHECK\n - check no access-fault exception\n\nREUSABILITY\n\ + \ - if possible, the PMP entry number (i) is a configurable parameter\n\ + \ - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-2x(group) => FTR01-f\n [PMP check + on load or load-reserved instruction where effective privilege mode is M:\n\ + \ - choose a data readable pmp region and address range\n - choose + only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n \ + \ - if possible, the PMP entry number is a configurable parameter\n - + choose pmpcfg(i).A=NA4\n - single access data load in M mode when the + bit mstatus.MPRV=0]\n [create scenarios where PMP entries with A=2 (NA4) + and with/without matching permissions\n - check only NA4 defined addresses + are matching]\nTST12-21 (LOW-PRIO)\n[with L=0 => FTR08-e2-1 (refers to \ + \ FTR09-d1)\n - configure the PMP entry with read permissions for the PMP + region\n - execute a load or load-reserved instruction from that region + (with exact address-matching)\n - check no access-fault exception]" +- 007_load_L0_R0_addr_hit: !Subfeature + name: 007_load_L0_R0_addr_hit + tag: VP_PMP_F012_S022 + next_elt_id: 1 + display_order: 7 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S022_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access load or load-reserved instruction inside + defined NA4 address range without read permissions and with L=0\n - choose + a readable pmp region and address range\n - choose only one PMP entry + (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=0, L=0, X/W:random\n \ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n - + execute a load or load-reserved instruction from that region (with exact + address-matching)\n\nCHECK\n - check no access-fault exception\n\nREUSABILITY\n\ + \ - if possible, the PMP entry number (i) is a configurable parameter\n\ + \ - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-2x(group) => FTR01-f\n [PMP check + on load or load-reserved instruction where effective privilege mode is M:\n\ + \ - choose a data readable pmp region and address range\n - choose + only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n \ + \ - if possible, the PMP entry number is a configurable parameter\n - + choose pmpcfg(i).A=NA4\n - single access data load in M mode when the + bit mstatus.MPRV=0]\n [create scenarios where PMP entries with A=2 (NA4) + and with/without matching permissions\n - check only NA4 defined addresses + are matching]\nTST12-22 (LOW-PRIO)\n[with L=0 => FTR08-e2-1 (refers to \ + \ FTR09-d1)\n - configure the PMP entry without read permissions for the + PMP region\n - execute a load or load-reserved instruction from that region + (with exact address-matching)\n - check no access-fault exception]" +- 008_load_L0_R1_addr_miss: !Subfeature + name: 008_load_L0_R1_addr_miss + tag: VP_PMP_F012_S023 + next_elt_id: 1 + display_order: 8 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S023_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access load or load-reserved instruction from + outside defined NA4 address range with read permissions and with L=0\n \ + \ - choose a readable pmp region and address range\n - choose only + one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=0, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n \ + \ - execute a load or load-reserved instruction from outside all PMP defined + regions\n\nCHECK\n - check no access-fault exception (Feature: \"no cfg + matching\")\n\nREUSABILITY\n - if possible, the PMP entry number (i) + is a configurable parameter\n - if possible, the PMP entry lock (L) is + a configurable parameter\n - if possible, the PMP entry permissions (R,W,X) + are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-2x(group) => FTR01-f\n [PMP check + on load or load-reserved instruction where effective privilege mode is M:\n\ + \ - choose a data readable pmp region and address range\n - choose + only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n \ + \ - if possible, the PMP entry number is a configurable parameter\n - + choose pmpcfg(i).A=NA4\n - single access data load in M mode when the + bit mstatus.MPRV=0]\n [create scenarios where PMP entries with A=2 (NA4) + and with/without matching permissions\n - check only NA4 defined addresses + are matching]\nTST12-23 (LOW-PRIO)\n[with L=0 => FTR08-e2-1 (refers to \ + \ FTR09-d1)\n - configure the PMP entry with read permissions for the PMP + region\n - execute a load or load-reserved instruction from outside all + PMP defined regions\n - check no access-fault exception] //TODO: CHECK + IF M-MODE ALLOWED" +- 009_load_L1_R1_addr_hit: !Subfeature + name: 009_load_L1_R1_addr_hit + tag: VP_PMP_F012_S024 + next_elt_id: 1 + display_order: 9 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S024_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access load or load-reserved instruction inside + defined NA4 address range with read permissions and with L=1\n - choose + a readable pmp region and address range\n - choose only one PMP entry + (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=1, X/W:random\n \ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n - + execute a load or load-reserved instruction from that region (with exact + address-matching)\n\nCHECK\n - check no access-fault exception\n\nREUSABILITY\n\ + \ - if possible, the PMP entry number (i) is a configurable parameter\n\ + \ - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-2x(group) => FTR01-f\n [PMP check + on load or load-reserved instruction where effective privilege mode is M:\n\ + \ - choose a data readable pmp region and address range\n - choose + only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n \ + \ - if possible, the PMP entry number is a configurable parameter\n - + choose pmpcfg(i).A=NA4\n - single access data load in M mode when the + bit mstatus.MPRV=0]\n [create scenarios where PMP entries with A=2 (NA4) + and with/without matching permissions\n - check only NA4 defined addresses + are matching]\nTST12-24 (HIGH-PRIO)\n[with L=1 => FTR08-e1 (refers to FTR01-f) + (refers to FTR09-d2-1),\n - configure the PMP entry with read permissions + for the PMP region\n - execute a load or load-reserved instruction from + that region (with exact address-matching)\n - check no access-fault exception]" +- 010_load_L1_R0_addr_hit: !Subfeature + name: 010_load_L1_R0_addr_hit + tag: VP_PMP_F012_S025 + next_elt_id: 1 + display_order: 10 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S025_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set\n\n{Page + 58 Volume II: RISC-V Privileged Architectures V20211203}\nAttempting to + execute a load or load-reserved instruction which accesses a physical address + within a PMP region without read permissions raises a load access-fault + exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access load or load-reserved instruction inside + defined NA4 address range without read permissions and with L=1\n - choose + a readable pmp region and address range\n - choose only one PMP entry + (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=0, L=1, X/W:random\n \ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n - + execute a load or load-reserved instruction from that region (with exact + address-matching)\n\nCHECK\n - check load access-fault exception raised\n\ + \nREUSABILITY\n - if possible, the PMP entry number (i) is a configurable + parameter\n - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR04-c\n[Attempting to execute a load or load-reserved instruction which + accesses a physical address within a PMP region without read permissions + raises a load access-fault exception]\n\nFTR02-b1\n[the lowest-numbered + PMP CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nTST12-2x(group) => FTR01-f\n [PMP check on load or load-reserved instruction + where effective privilege mode is M:\n - choose a data readable pmp region + and address range\n - choose only one PMP entry (i) ([FTR02-b1]: maybe + mandatorily the 1st one)\n - if possible, the PMP entry number is a configurable + parameter\n - choose pmpcfg(i).A=NA4\n - single access data load in + M mode when the bit mstatus.MPRV=0]\n [create scenarios where PMP entries + with A=2 (NA4) and with/without matching permissions\n - check only NA4 + defined addresses are matching]\nTST12-25 (MEDIUM-PRIO)\n[with L=1 => FTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1),\n - configure the PMP entry + without read permissions for the PMP region\n - execute a load or load-reserved + instruction from that region (with exact address-matching)\n - check load + access-fault exception raised => FTR04-c]" +- 011_load_L1_R1_addr_miss: !Subfeature + name: 011_load_L1_R1_addr_miss + tag: VP_PMP_F012_S026 + next_elt_id: 1 + display_order: 11 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S026_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access load or load-reserved instruction from + outside defined NA4 address range with read permissions and with L=1\n \ + \ - choose a readable pmp region and address range\n - choose only + one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=1, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n \ + \ - execute a load or load-reserved instruction from outside all PMP defined + regions\n\nCHECK\n - check no access-fault exception (Feature: \"no cfg + matching\")\n\nREUSABILITY\n - if possible, the PMP entry number (i) + is a configurable parameter\n - if possible, the PMP entry lock (L) is + a configurable parameter\n - if possible, the PMP entry permissions (R,W,X) + are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-2x(group) => FTR01-f\n [PMP check + on load or load-reserved instruction where effective privilege mode is M:\n\ + \ - choose a data readable pmp region and address range\n - choose + only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n \ + \ - if possible, the PMP entry number is a configurable parameter\n - + choose pmpcfg(i).A=NA4\n - single access data load in M mode when the + bit mstatus.MPRV=0]\n [create scenarios where PMP entries with A=2 (NA4) + and with/without matching permissions\n - check only NA4 defined addresses + are matching]\nTST12-26 (HIGH-PRIO)\n[with L=1 => FTR08-e1 (refers to FTR01-f) + (refers to FTR09-d2-1),\n - configure the PMP entry with read permissions + for the PMP region\n - execute a load or load-reserved instruction from + outside all PMP defined regions\n - check no access-fault exception] //TODO: + CHECK IF M-MODE ALLOWED" +- 012_store_L0_W1_addr_hit: !Subfeature + name: 012_store_L0_W1_addr_hit + tag: VP_PMP_F012_S031 + next_elt_id: 1 + display_order: 12 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S031_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range with write permissions and with L=0\n \ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=0, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\n\ + ACCESS\n - execute a store, store-conditional, or AMO instruction to + that region (with exact address-matching)\n\nCHECK\n - check no access-fault + exception\n\nREUSABILITY\n - if possible, the PMP entry number (i) is + a configurable parameter\n - if possible, the PMP entry lock (L) is a + configurable parameter\n - if possible, the PMP entry permissions (R,W,X) + are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-3x(group) => FTR01-f\n [PMP check + on store, store-conditional, or AMO instruction where effective privilege + mode is M:\n - choose a data writable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access data store in M mode + when the bit mstatus.MPRV=0]\n [create scenarios where PMP entries with + A=2 (NA4) and with/without matching permissions\n - check only NA4 defined + addresses are matching]\nTST12-31 (LOW-PRIO)\n[with L=0 => FTR08-e2-1 (refers + to FTR09-d1)\n - configure the PMP entry with write permissions for the + PMP region\n - execute a store, store-conditional, or AMO instruction to + that region (with exact address-matching)\n - check no access-fault exception]" +- 013_store_L0_W0_addr_hit: !Subfeature + name: 013_store_L0_W0_addr_hit + tag: VP_PMP_F012_S032 + next_elt_id: 1 + display_order: 13 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S032_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range without write permissions and with L=0\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=0, L=0, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\n\ + ACCESS\n - execute a store, store-conditional, or AMO instruction to + that region (with exact address-matching)\n\nCHECK\n - check no access-fault + exception\n\nREUSABILITY\n - if possible, the PMP entry number (i) is + a configurable parameter\n - if possible, the PMP entry lock (L) is a + configurable parameter\n - if possible, the PMP entry permissions (R,W,X) + are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-3x(group) => FTR01-f\n [PMP check + on store, store-conditional, or AMO instruction where effective privilege + mode is M:\n - choose a data writable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access data store in M mode + when the bit mstatus.MPRV=0]\n [create scenarios where PMP entries with + A=2 (NA4) and with/without matching permissions\n - check only NA4 defined + addresses are matching]\nTST12-32 (LOW-PRIO)\n[with L=0 => FTR08-e2-1 (refers + to FTR09-d1)\n - configure the PMP entry without write permissions for + the PMP region\n - execute a store, store-conditional, or AMO instruction + to that region (with exact address-matching)\n - check no access-fault + exception]" +- 014_store_L0_W1_addr_miss: !Subfeature + name: 014_store_L0_W1_addr_miss + tag: VP_PMP_F012_S033 + next_elt_id: 1 + display_order: 14 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S033_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access store, store-conditional, or AMO instruction + from outside defined NA4 address range with write permissions and with L=0\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=0, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\n\ + ACCESS\n - execute a store, store-conditional, or AMO instruction to + outside all PMP defined regions\n\nCHECK\n - check no access-fault exception + (Feature: \"no cfg matching\")\n\nREUSABILITY\n - if possible, the PMP + entry number (i) is a configurable parameter\n - if possible, the PMP + entry lock (L) is a configurable parameter\n - if possible, the PMP entry + permissions (R,W,X) are configurable parameters\n - if possible, the + PMP entry adress-matching mode (A) is a configurable parameter\n - if + possible, the PMP entry address range (pmpaddr) is a configurable parameter\n\ + \ - if possible, the PMP entry associated access address is a configurable + parameter\n - so a single CONFIGURATION function and a single ACCESS + function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-3x(group) => FTR01-f\n [PMP check + on store, store-conditional, or AMO instruction where effective privilege + mode is M:\n - choose a data writable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access data store in M mode + when the bit mstatus.MPRV=0]\n [create scenarios where PMP entries with + A=2 (NA4) and with/without matching permissions\n - check only NA4 defined + addresses are matching]\nTST12-33 (LOW-PRIO)\n[with L=0 => FTR08-e2-1 (refers + to FTR09-d1)\n - configure the PMP entry with write permissions for the + PMP region\n - execute a store, store-conditional, or AMO instruction to + outside all PMP defined regions\n - check no access-fault exception] //TODO: + CHECK IF M-MODE ALLOWED" +- 015_store_L1_W1_addr_hit: !Subfeature + name: 015_store_L1_W1_addr_hit + tag: VP_PMP_F012_S034 + next_elt_id: 1 + display_order: 15 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S034_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range with write permissions and with L=1\n \ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=1, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\n\ + ACCESS\n - execute a store, store-conditional, or AMO instruction to + that region (with exact address-matching)\n\nCHECK\n - check no access-fault + exception\n\nREUSABILITY\n - if possible, the PMP entry number (i) is + a configurable parameter\n - if possible, the PMP entry lock (L) is a + configurable parameter\n - if possible, the PMP entry permissions (R,W,X) + are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-3x(group) => FTR01-f\n [PMP check + on store, store-conditional, or AMO instruction where effective privilege + mode is M:\n - choose a data writable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access data store in M mode + when the bit mstatus.MPRV=0]\n [create scenarios where PMP entries with + A=2 (NA4) and with/without matching permissions\n - check only NA4 defined + addresses are matching]\nTST12-34 (HIGH-PRIO)\n[with L=1 => FTR08-e1 (refers + to FTR01-f) (refers to FTR09-d2-1),\n - configure the PMP entry with write + permissions for the PMP region\n - execute a store, store-conditional, + or AMO instruction to that region (with exact address-matching)\n - check + no access-fault exception]" +- 016_store_L1_W0_addr_hit: !Subfeature + name: 016_store_L1_W0_addr_hit + tag: VP_PMP_F012_S035 + next_elt_id: 1 + display_order: 16 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S035_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set\n\n{Page + 58 Volume II: RISC-V Privileged Architectures V20211203}\nAttempting to + execute a store, store-conditional, or AMO instruction which accesses a + physical address within a PMP region without write permissions raises a + store access-fault exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range without write permissions and with L=1\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=0, L=1, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\n\ + ACCESS\n - execute a store, store-conditional, or AMO instruction to + that region (with exact address-matching)\n\nCHECK\n - check store access-fault + exception raised\n\nREUSABILITY\n - if possible, the PMP entry number + (i) is a configurable parameter\n - if possible, the PMP entry lock (L) + is a configurable parameter\n - if possible, the PMP entry permissions + (R,W,X) are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR04-d\n[Attempting to execute a store, store-conditional, or AMO instruction + which accesses a physical address within a PMP region without write permissions + raises a store access-fault exception]\n\nFTR02-b1\n[the lowest-numbered + PMP CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \n TST12-3x(group) => FTR01-f\n [PMP check on store, store-conditional, + or AMO instruction where effective privilege mode is M:\n - choose a + data writable pmp region and address range\n - choose only one PMP entry + (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n - if possible, the + PMP entry number is a configurable parameter\n - choose pmpcfg(i).A=NA4\n\ + \ - single access data store in M mode when the bit mstatus.MPRV=0]\n\ + \ [create scenarios where PMP entries with A=2 (NA4) and with/without matching + permissions\n - check only NA4 defined addresses are matching]\nTST12-35 + (MEDIUM-PRIO)\n[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1),\n\ + \ - configure the PMP entry without write permissions for the PMP region\n\ + \ - execute a store, store-conditional, or AMO instruction to that region + (with exact address-matching)\n - check store access-fault exception raised + => FTR04-d]" +- 017_store_L1_W1_addr_miss: !Subfeature + name: 017_store_L1_W1_addr_miss + tag: VP_PMP_F012_S036 + next_elt_id: 1 + display_order: 17 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S036_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access store, store-conditional, or AMO instruction + from outside defined NA4 address range with write permissions and with L=1\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=1, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\n\ + ACCESS\n - execute a store, store-conditional, or AMO instruction to + outside all PMP defined regions\n\nCHECK\n - check no access-fault exception + (Feature: \"no cfg matching\")\n\nREUSABILITY\n - if possible, the PMP + entry number (i) is a configurable parameter\n - if possible, the PMP + entry lock (L) is a configurable parameter\n - if possible, the PMP entry + permissions (R,W,X) are configurable parameters\n - if possible, the + PMP entry adress-matching mode (A) is a configurable parameter\n - if + possible, the PMP entry address range (pmpaddr) is a configurable parameter\n\ + \ - if possible, the PMP entry associated access address is a configurable + parameter\n - so a single CONFIGURATION function and a single ACCESS + function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-3x(group) => FTR01-f\n [PMP check + on store, store-conditional, or AMO instruction where effective privilege + mode is M:\n - choose a data writable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access data store in M mode + when the bit mstatus.MPRV=0]\n [create scenarios where PMP entries with + A=2 (NA4) and with/without matching permissions\n - check only NA4 defined + addresses are matching]\nTST12-36 (HIGH-PRIO)\n[with L=1 => FTR08-e1 (refers + to FTR01-f) (refers to FTR09-d2-1),\n - configure the PMP entry with write + permissions for the PMP region\n - execute a store, store-conditional, + or AMO instruction to outside all PMP defined regions\n - check no access-fault + exception] //TODO: CHECK IF M-MODE ALLOWED" +- 018_load_MPP_L0_R1_addr_hit: !Subfeature + name: 018_load_MPP_L0_R1_addr_hit + tag: VP_PMP_F012_S041 + next_elt_id: 1 + display_order: 18 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S041_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access load or load-reserved instruction inside + defined NA4 address range with read permissions and with L=0\n - choose + a readable pmp region and address range\n - choose only one PMP entry + (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=0, X/W:random\n \ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and mstatus.MPP + contains M (TODO: CHECK IF MAKING SENSE)\n\nACCESS\n - execute a load + or load-reserved instruction from that region (with exact address-matching)\n\ + \nCHECK\n - check no access-fault exception\n\nREUSABILITY\n - if + possible, the PMP entry number (i) is a configurable parameter\n - if + possible, the PMP entry lock (L) is a configurable parameter\n - if possible, + the PMP entry permissions (R,W,X) are configurable parameters\n - if + possible, the PMP entry adress-matching mode (A) is a configurable parameter\n\ + \ - if possible, the PMP entry address range (pmpaddr) is a configurable + parameter\n - if possible, the PMP entry associated access address is + a configurable parameter\n - so a single CONFIGURATION function and a + single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-4x(group) => FTR01-f\n [PMP check + on load or load-reserved instruction where effective privilege mode is M:\n\ + \ - choose a data readable pmp region and address range\n - choose + only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n \ + \ - if possible, the PMP entry number is a configurable parameter\n - + choose pmpcfg(i).A=NA4\n - single access data load in any mode when the + bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING + SENSE)]\n [create scenarios where PMP entries with A=2 (NA4) and with/without + matching permissions\n - check only NA4 defined addresses are matching]\n + TST12-41 (LOWEST-PRIO)\n[with L=0 => FTR08-e2-1 (refers to FTR09-d1)\n\ + \ - configure the PMP entry with read permissions for the PMP region\n\ + \ - execute a load or load-reserved instruction from that region (with + exact address-matching)\n - check no access-fault exception]" +- 019_load_MPP_L0_R0_addr_hit: !Subfeature + name: 019_load_MPP_L0_R0_addr_hit + tag: VP_PMP_F012_S042 + next_elt_id: 1 + display_order: 19 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S042_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access load or load-reserved instruction inside + defined NA4 address range without read permissions and with L=0\n - choose + a readable pmp region and address range\n - choose only one PMP entry + (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=0, L=0, X/W:random\n \ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and mstatus.MPP + contains M (TODO: CHECK IF MAKING SENSE)\n\nACCESS\n - execute a load + or load-reserved instruction from that region (with exact address-matching)\n\ + \nCHECK\n - check no access-fault exception\n\nREUSABILITY\n - if + possible, the PMP entry number (i) is a configurable parameter\n - if + possible, the PMP entry lock (L) is a configurable parameter\n - if possible, + the PMP entry permissions (R,W,X) are configurable parameters\n - if + possible, the PMP entry adress-matching mode (A) is a configurable parameter\n\ + \ - if possible, the PMP entry address range (pmpaddr) is a configurable + parameter\n - if possible, the PMP entry associated access address is + a configurable parameter\n - so a single CONFIGURATION function and a + single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-4x(group) => FTR01-f\n [PMP check + on load or load-reserved instruction where effective privilege mode is M:\n\ + \ - choose a data readable pmp region and address range\n - choose + only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n \ + \ - if possible, the PMP entry number is a configurable parameter\n - + choose pmpcfg(i).A=NA4\n - single access data load in any mode when the + bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING + SENSE)]\n [create scenarios where PMP entries with A=2 (NA4) and with/without + matching permissions\n - check only NA4 defined addresses are matching]\n + TST12-42 (LOWEST-PRIO)\n[with L=0 => FTR08-e2-1 (refers to FTR09-d1)\n\ + \ - configure the PMP entry without read permissions for the PMP region\n\ + \ - execute a load or load-reserved instruction from that region (with + exact address-matching)\n - check no access-fault exception]" +- 020_load_MPP_L0_R1_addr_miss: !Subfeature + name: 020_load_MPP_L0_R1_addr_miss + tag: VP_PMP_F012_S043 + next_elt_id: 1 + display_order: 20 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S043_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access load or load-reserved instruction from + outside defined NA4 address range with read permissions and with L=0\n \ + \ - choose a readable pmp region and address range\n - choose only + one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=0, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and mstatus.MPP + contains M (TODO: CHECK IF MAKING SENSE)\n\nACCESS\n - execute a load + or load-reserved instruction from outside all PMP defined regions\n\nCHECK\n\ + \ - check no access-fault exception (Feature: \"no cfg matching\")\n\n\ + REUSABILITY\n - if possible, the PMP entry number (i) is a configurable + parameter\n - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-4x(group) => FTR01-f\n [PMP check + on load or load-reserved instruction where effective privilege mode is M:\n\ + \ - choose a data readable pmp region and address range\n - choose + only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n \ + \ - if possible, the PMP entry number is a configurable parameter\n - + choose pmpcfg(i).A=NA4\n - single access data load in any mode when the + bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING + SENSE)]\n [create scenarios where PMP entries with A=2 (NA4) and with/without + matching permissions\n - check only NA4 defined addresses are matching]\n + TST12-43 (LOWEST-PRIO)\n[with L=0 => FTR08-e2-1 (refers to FTR09-d1)\n\ + \ - configure the PMP entry with read permissions for the PMP region\n\ + \ - execute a load or load-reserved instruction from outside all PMP defined + regions\n - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED" +- 021_load_MPP_L1_R1_addr_hit: !Subfeature + name: 021_load_MPP_L1_R1_addr_hit + tag: VP_PMP_F012_S044 + next_elt_id: 1 + display_order: 21 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S044_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access load or load-reserved instruction inside + defined NA4 address range with read permissions and with L=1\n - choose + a readable pmp region and address range\n - choose only one PMP entry + (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=1, X/W:random\n \ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and mstatus.MPP + contains M (TODO: CHECK IF MAKING SENSE)\n\nACCESS\n - execute a load + or load-reserved instruction from that region (with exact address-matching)\n\ + \nCHECK\n - check no access-fault exception\n\nREUSABILITY\n - if + possible, the PMP entry number (i) is a configurable parameter\n - if + possible, the PMP entry lock (L) is a configurable parameter\n - if possible, + the PMP entry permissions (R,W,X) are configurable parameters\n - if + possible, the PMP entry adress-matching mode (A) is a configurable parameter\n\ + \ - if possible, the PMP entry address range (pmpaddr) is a configurable + parameter\n - if possible, the PMP entry associated access address is + a configurable parameter\n - so a single CONFIGURATION function and a + single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-4x(group) => FTR01-f\n [PMP check + on load or load-reserved instruction where effective privilege mode is M:\n\ + \ - choose a data readable pmp region and address range\n - choose + only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n \ + \ - if possible, the PMP entry number is a configurable parameter\n - + choose pmpcfg(i).A=NA4\n - single access data load in any mode when the + bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING + SENSE)]\n [create scenarios where PMP entries with A=2 (NA4) and with/without + matching permissions\n - check only NA4 defined addresses are matching]\n + TST12-44 (LOWEST-PRIO)\n [with L=1 => FTR08-e1 (refers to FTR01-f) (refers + to FTR09-d2-1),\n - configure the PMP entry with read permissions for the + PMP region\n - execute a load or load-reserved instruction from that region + (with exact address-matching)\n - check no access-fault exception]" +- 022_load_MPP_L1_R0_addr_hit: !Subfeature + name: 022_load_MPP_L1_R0_addr_hit + tag: VP_PMP_F012_S045 + next_elt_id: 1 + display_order: 22 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S045_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set\n\n{Page + 58 Volume II: RISC-V Privileged Architectures V20211203}\nAttempting to + execute a load or load-reserved instruction which accesses a physical address + within a PMP region without read permissions raises a load access-fault + exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access load or load-reserved instruction inside + defined NA4 address range without read permissions and with L=1\n - choose + a readable pmp region and address range\n - choose only one PMP entry + (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=0, L=1, X/W:random\n \ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and mstatus.MPP + contains M (TODO: CHECK IF MAKING SENSE)\n\nACCESS\n - execute a load + or load-reserved instruction from that region (with exact address-matching)\n\ + \nCHECK\n - check load access-fault exception raised\n\nREUSABILITY\n\ + \ - if possible, the PMP entry number (i) is a configurable parameter\n\ + \ - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR04-c\n[Attempting to execute a load or load-reserved instruction which + accesses a physical address within a PMP region without read permissions + raises a load access-fault exception]\n\nFTR02-b1\n[the lowest-numbered + PMP CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nTST12-4x(group) => FTR01-f\n [PMP check on load or load-reserved instruction + where effective privilege mode is M:\n - choose a data readable pmp region + and address range\n - choose only one PMP entry (i) ([FTR02-b1]: maybe + mandatorily the 1st one)\n - if possible, the PMP entry number is a configurable + parameter\n - choose pmpcfg(i).A=NA4\n - single access data load in + any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: + CHECK IF MAKING SENSE)]\n [create scenarios where PMP entries with A=2 + (NA4) and with/without matching permissions\n - check only NA4 defined + addresses are matching]\nTST12-45 (LOWEST-PRIO)\n[with L=1 => FTR08-e1 (refers + to FTR01-f) (refers to FTR09-d2-1),\n - configure the PMP entry without + read permissions for the PMP region\n - execute a load or load-reserved + instruction from that region (with exact address-matching)\n - check load + access-fault exception raised => FTR04-c]" +- 023_load_MPP_L1_R1_addr_miss: !Subfeature + name: 023_load_MPP_L1_R1_addr_miss + tag: VP_PMP_F012_S046 + next_elt_id: 1 + display_order: 23 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S046_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access load or load-reserved instruction from + outside defined NA4 address range with read permissions and with L=1\n \ + \ - choose a readable pmp region and address range\n - choose only + one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=1, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and mstatus.MPP + contains M (TODO: CHECK IF MAKING SENSE)\n\nACCESS\n - execute a load + or load-reserved instruction from outside all PMP defined regions\n\nCHECK\n\ + \ - check no access-fault exception (Feature: \"no cfg matching\")\n\n\ + REUSABILITY\n - if possible, the PMP entry number (i) is a configurable + parameter\n - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-4x(group) => FTR01-f\n [PMP check + on load or load-reserved instruction where effective privilege mode is M:\n\ + \ - choose a data readable pmp region and address range\n - choose + only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n \ + \ - if possible, the PMP entry number is a configurable parameter\n - + choose pmpcfg(i).A=NA4\n - single access data load in any mode when the + bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING + SENSE)]\n [create scenarios where PMP entries with A=2 (NA4) and with/without + matching permissions\n - check only NA4 defined addresses are matching]\n + TST12-46 (LOWEST-PRIO)\n [with L=1 => FTR08-e1 (refers to FTR01-f) (refers + to FTR09-d2-1),\n - configure the PMP entry with read permissions for the + PMP region\n - execute a load or load-reserved instruction from outside + all PMP defined regions\n - check no access-fault exception] //TODO: CHECK + IF M-MODE ALLOWED" +- 024_store_MPP_L0_W1_addr_hit: !Subfeature + name: 024_store_MPP_L0_W1_addr_hit + tag: VP_PMP_F012_S051 + next_elt_id: 1 + display_order: 24 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S051_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range with write permissions and with L=0\n \ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=0, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and + mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)\n\nACCESS\n - execute + a store, store-conditional, or AMO instruction to that region (with exact + address-matching)\n\nCHECK\n - check no access-fault exception\n\nREUSABILITY\n\ + \ - if possible, the PMP entry number (i) is a configurable parameter\n\ + \ - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-5x(group) => FTR01-f\n [PMP check + on store, store-conditional, or AMO instruction where effective privilege + mode is M:\n - choose a data writable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access data store in any mode + when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK + IF MAKING SENSE)]\n [create scenarios where PMP entries with A=2 (NA4) + and with/without matching permissions\n - check only NA4 defined addresses + are matching]\nTST12-51 (LOWEST-PRIO)\n[with L=0 => FTR08-e2-1 (refers to\ + \ FTR09-d1)\n - configure the PMP entry with write permissions for the + PMP region\n - execute a store, store-conditional, or AMO instruction to + that region (with exact address-matching)\n - check no access-fault exception]" +- 025_store_MPP_L0_W0_addr_hit: !Subfeature + name: 025_store_MPP_L0_W0_addr_hit + tag: VP_PMP_F012_S052 + next_elt_id: 1 + display_order: 25 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S052_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range without write permissions and with L=0\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=0, L=0, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and + mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)\n\nACCESS\n - execute + a store, store-conditional, or AMO instruction to that region (with exact + address-matching)\n\nCHECK\n - check no access-fault exception\n\nREUSABILITY\n\ + \ - if possible, the PMP entry number (i) is a configurable parameter\n\ + \ - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-5x(group) => FTR01-f\n [PMP check + on store, store-conditional, or AMO instruction where effective privilege + mode is M:\n - choose a data writable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access data store in any mode + when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK + IF MAKING SENSE)]\n [create scenarios where PMP entries with A=2 (NA4) + and with/without matching permissions\n - check only NA4 defined addresses + are matching]\nTST12-52 (LOWEST-PRIO)\n[with L=0 => FTR08-e2-1 (refers to\ + \ FTR09-d1)\n - configure the PMP entry without write permissions for + the PMP region\n - execute a store, store-conditional, or AMO instruction + to that region (with exact address-matching)\n - check no access-fault + exception]" +- 026_store_MPP_L0_W1_addr_miss: !Subfeature + name: 026_store_MPP_L0_W1_addr_miss + tag: VP_PMP_F012_S053 + next_elt_id: 1 + display_order: 26 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S053_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access store, store-conditional, or AMO instruction + from outside defined NA4 address range with write permissions and with L=0\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=0, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and + mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)\n\nACCESS\n - execute + a store, store-conditional, or AMO instruction to outside all PMP defined + regions\n\nCHECK\n - check no access-fault exception (Feature: \"no cfg + matching\")\n\nREUSABILITY\n - if possible, the PMP entry number (i) + is a configurable parameter\n - if possible, the PMP entry lock (L) is + a configurable parameter\n - if possible, the PMP entry permissions (R,W,X) + are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-5x(group) => FTR01-f\n [PMP check + on store, store-conditional, or AMO instruction where effective privilege + mode is M:\n - choose a data writable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access data store in any mode + when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK + IF MAKING SENSE)]\n [create scenarios where PMP entries with A=2 (NA4) + and with/without matching permissions\n - check only NA4 defined addresses + are matching]\nTST12-53 (LOWEST-PRIO)\n[with L=0 => FTR08-e2-1 (refers to\ + \ FTR09-d1)\n - configure the PMP entry with write permissions for the + PMP region\n - execute a store, store-conditional, or AMO instruction to + outside all PMP defined regions\n - check no access-fault exception] //TODO: + CHECK IF M-MODE ALLOWED" +- 027_store_MPP_L1_W1_addr_hit: !Subfeature + name: 027_store_MPP_L1_W1_addr_hit + tag: VP_PMP_F012_S054 + next_elt_id: 1 + display_order: 27 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S054_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range with write permissions and with L=1\n \ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=1, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and + mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)\n\nACCESS\n - execute + a store, store-conditional, or AMO instruction to that region (with exact + address-matching)\n\nCHECK\n - check no access-fault exception\n\nREUSABILITY\n\ + \ - if possible, the PMP entry number (i) is a configurable parameter\n\ + \ - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-5x(group) => FTR01-f\n [PMP check + on store, store-conditional, or AMO instruction where effective privilege + mode is M:\n - choose a data writable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access data store in any mode + when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK + IF MAKING SENSE)]\n [create scenarios where PMP entries with A=2 (NA4) + and with/without matching permissions\n - check only NA4 defined addresses + are matching]\n TST12-54 (LOWEST-PRIO)\n[with L=1 => FTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1),\n - configure the PMP entry with write + permissions for the PMP region\n - execute a store, store-conditional, + or AMO instruction to that region (with exact address-matching)\n - check + no access-fault exception]" +- 028_store_MPP_L1_W0_addr_hit: !Subfeature + name: 028_store_MPP_L1_W0_addr_hit + tag: VP_PMP_F012_S055 + next_elt_id: 1 + display_order: 28 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S055_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set\n\n{Page + 58 Volume II: RISC-V Privileged Architectures V20211203}\nAttempting to + execute a store, store-conditional, or AMO instruction which accesses a + physical address within a PMP region without write permissions raises a + store access-fault exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range without write permissions and with L=1\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=0, L=1, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and + mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)\n\nACCESS\n - execute + a store, store-conditional, or AMO instruction to that region (with exact + address-matching)\n\nCHECK\n - check store access-fault exception raised\n\ + \nREUSABILITY\n - if possible, the PMP entry number (i) is a configurable + parameter\n - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR04-d\n[Attempting to execute a store, store-conditional, or AMO instruction + which accesses a physical address within a PMP region without write permissions + raises a store access-fault exception]\n\nFTR02-b1\n[the lowest-numbered + PMP CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \n TST12-5x(group) => FTR01-f\n [PMP check on store, store-conditional, + or AMO instruction where effective privilege mode is M:\n - choose a + data writable pmp region and address range\n - choose only one PMP entry + (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n - if possible, the + PMP entry number is a configurable parameter\n - choose pmpcfg(i).A=NA4\n\ + \ - single access data store in any mode when the bit mstatus.MPRV=1 + and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)]\n [create + scenarios where PMP entries with A=2 (NA4) and with/without matching permissions\n\ + \ - check only NA4 defined addresses are matching]\n TST12-55 (LOWEST-PRIO)\n + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1),\n - configure + the PMP entry without write permissions for the PMP region\n - execute + a store, store-conditional, or AMO instruction to that region (with exact + address-matching)\n - check store access-fault exception raised => FTR04-d]" +- 029_store_MPP_L1_W1_addr_miss: !Subfeature + name: 029_store_MPP_L1_W1_addr_miss + tag: VP_PMP_F012_S056 + next_elt_id: 1 + display_order: 29 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S056_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access store, store-conditional, or AMO instruction + from outside defined NA4 address range with write permissions and with L=1\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=1, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and + mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)\n\nACCESS\n - execute + a store, store-conditional, or AMO instruction to outside all PMP defined + regions\n\nCHECK\n - check no access-fault exception (Feature: \"no cfg + matching\")\n\nREUSABILITY\n - if possible, the PMP entry number (i) + is a configurable parameter\n - if possible, the PMP entry lock (L) is + a configurable parameter\n - if possible, the PMP entry permissions (R,W,X) + are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-5x(group) => FTR01-f\n [PMP check + on store, store-conditional, or AMO instruction where effective privilege + mode is M:\n - choose a data writable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access data store in any mode + when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK + IF MAKING SENSE)]\n [create scenarios where PMP entries with A=2 (NA4) + and with/without matching permissions\n - check only NA4 defined addresses + are matching]\n TST12-56 (LOWEST-PRIO)\n[with L=1 => FTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1),\n - configure the PMP entry with write + permissions for the PMP region\n - execute a store, store-conditional, + or AMO instruction to outside all PMP defined regions\n - check no access-fault + exception] //TODO: CHECK IF M-MODE ALLOWED" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP013.yml b/verif/docs/VerifPlans/PMP/VP_IP013.yml new file mode 100644 index 000000000..a0a659155 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP013.yml @@ -0,0 +1,1133 @@ +!Feature +next_elt_id: 30 +name: cfg NAPOT access S/U +id: 13 +display_order: 13 +subfeatures: !!omap +- 000_fetch_L0_X1_addr_hit: !Subfeature + name: 000_fetch_L0_X1_addr_hit + tag: VP_PMP_F013_S011 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S011_I000 + description: 'reuse of VP_PMP_F011_S011_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S011_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-11 (HIGH-PRIO)\n [same as TST11-11(group), but with pmpcfg(i).A=NAPOT]" +- 001_fetch_L0_X0_addr_hit: !Subfeature + name: 001_fetch_L0_X0_addr_hit + tag: VP_PMP_F013_S012 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S012_I000 + description: 'reuse of VP_PMP_F011_S012_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S012_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-b\n [Attempting to fetch an instruction from a PMP region + that does not have execute permissions raises an instruction access-fault + exception]\n \n\nTST13-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-12 (MEDIUM-PRIO)\n [same as TST11-12(group), but with pmpcfg(i).A=NAPOT]" +- 002_fetch_L0_X1_addr_miss: !Subfeature + name: 002_fetch_L0_X1_addr_miss + tag: VP_PMP_F013_S013 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S013_I000 + description: 'reuse of VP_PMP_F011_S013_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S013_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-13 (MEDIUM-PRIO)\n [same as TST11-13(group), but with pmpcfg(i).A=NAPOT]" +- 003_fetch_L1_X1_addr_hit: !Subfeature + name: 003_fetch_L1_X1_addr_hit + tag: VP_PMP_F013_S014 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S014_I000 + description: 'reuse of VP_PMP_F011_S014_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S014_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-14 (LOW-PRIO)\n [same as TST11-14(group), but with pmpcfg(i).A=NAPOT]" +- 004_fetch_L1_X0_addr_hit: !Subfeature + name: 004_fetch_L1_X0_addr_hit + tag: VP_PMP_F013_S015 + next_elt_id: 1 + display_order: 4 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S015_I000 + description: 'reuse of VP_PMP_F011_S015_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S015_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-b\n[Attempting to fetch an instruction from a PMP region that + does not have execute permissions raises an instruction access-fault exception]\n\ + \n\nTST13-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-15 (LOW-PRIO)\n [same as TST11-15(group), but with pmpcfg(i).A=NAPOT]" +- 005_fetch_L1_X1_addr_miss: !Subfeature + name: 005_fetch_L1_X1_addr_miss + tag: VP_PMP_F013_S016 + next_elt_id: 1 + display_order: 5 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S016_I000 + description: 'reuse of VP_PMP_F011_S016_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S016_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-16 (LOW-PRIO)\n [same as TST11-16(group), but with pmpcfg(i).A=NAPOT]" +- 006_load_L0_R1_addr_hit: !Subfeature + name: 006_load_L0_R1_addr_hit + tag: VP_PMP_F013_S021 + next_elt_id: 1 + display_order: 6 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S021_I000 + description: 'reuse of VP_PMP_F011_S021_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S021_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-2x(group)\n [same as TST11-2x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-21 (HIGH-PRIO)\n [same as TST11-21(group), but with pmpcfg(i).A=NAPOT]" +- 007_load_L0_R0_addr_hit: !Subfeature + name: 007_load_L0_R0_addr_hit + tag: VP_PMP_F013_S022 + next_elt_id: 1 + display_order: 7 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S022_I000 + description: 'reuse of VP_PMP_F011_S022_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S022_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-c\n [Attempting to execute a load or load-reserved instruction + which accesses a physical address within a PMP region without read permissions + raises a load access-fault exception]\n\n\nTST13-2x(group)\n [same as TST11-2x(group), + but with pmpcfg(i).A=NAPOT]\nTST13-22 (MEDIUM-PRIO)\n [same as TST11-22(group), + but with pmpcfg(i).A=NAPOT]" +- 008_load_L0_R1_addr_miss: !Subfeature + name: 008_load_L0_R1_addr_miss + tag: VP_PMP_F013_S023 + next_elt_id: 1 + display_order: 8 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S023_I000 + description: 'reuse of VP_PMP_F011_S023_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S023_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-2x(group)\n [same as TST11-2x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-23 (MEDIUM-PRIO)\n [same as TST11-23(group), but with pmpcfg(i).A=NAPOT]" +- 009_load_L1_R1_addr_hit: !Subfeature + name: 009_load_L1_R1_addr_hit + tag: VP_PMP_F013_S024 + next_elt_id: 1 + display_order: 9 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S024_I000 + description: 'reuse of VP_PMP_F011_S024_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S024_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-2x(group)\n [same as TST11-2x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-24 (LOW-PRIO)\n [same as TST11-24(group), but with pmpcfg(i).A=NAPOT]" +- 010_load_L1_R0_addr_hit: !Subfeature + name: 010_load_L1_R0_addr_hit + tag: VP_PMP_F013_S025 + next_elt_id: 1 + display_order: 10 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S025_I000 + description: 'reuse of VP_PMP_F011_S025_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S025_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-c\n[Attempting to execute a load or load-reserved instruction + which accesses a physical address within a PMP region without read permissions + raises a load access-fault exception]\n\n\nTST13-2x(group)\n [same as TST11-2x(group), + but with pmpcfg(i).A=NAPOT]\n TST13-25 (LOW-PRIO)\n [same as TST11-25(group), + but with pmpcfg(i).A=NAPOT]" +- 011_load_L1_R1_addr_miss: !Subfeature + name: 011_load_L1_R1_addr_miss + tag: VP_PMP_F013_S026 + next_elt_id: 1 + display_order: 11 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S026_I000 + description: 'reuse of VP_PMP_F011_S026_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S026_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-2x(group)\n [same as TST11-2x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-26 (LOW-PRIO)\n [same as TST11-26(group), but with pmpcfg(i).A=NAPOT]" +- 012_store_L0_W1_addr_hit: !Subfeature + name: 012_store_L0_W1_addr_hit + tag: VP_PMP_F013_S031 + next_elt_id: 1 + display_order: 12 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S031_I000 + description: 'reuse of VP_PMP_F011_S031_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S031_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-3x(group)\n [same as TST11-3x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-31 (HIGH-PRIO)\n [same as TST11-31(group), but with pmpcfg(i).A=NAPOT]" +- 013_store_L0_W0_addr_hit: !Subfeature + name: 013_store_L0_W0_addr_hit + tag: VP_PMP_F013_S032 + next_elt_id: 1 + display_order: 13 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S032_I000 + description: 'reuse of VP_PMP_F011_S032_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S032_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-d\n [Attempting to execute a store, store-conditional, or + AMO instruction which accesses a physical address within a PMP region without + write permissions raises a store access-fault exception]\n\n\nTST13-3x(group)\n\ + \ [same as TST11-3x(group), but with pmpcfg(i).A=NAPOT]\nTST13-32 (MEDIUM-PRIO)\n\ + \ [same as TST11-32(group), but with pmpcfg(i).A=NAPOT]" +- 014_store_L0_W1_addr_miss: !Subfeature + name: 014_store_L0_W1_addr_miss + tag: VP_PMP_F013_S033 + next_elt_id: 1 + display_order: 14 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S033_I000 + description: 'reuse of VP_PMP_F011_S033_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S033_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-3x(group)\n [same as TST11-3x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-33 (MEDIUM-PRIO)\n [same as TST11-33(group), but with pmpcfg(i).A=NAPOT]" +- 015_store_L1_W1_addr_hit: !Subfeature + name: 015_store_L1_W1_addr_hit + tag: VP_PMP_F013_S034 + next_elt_id: 1 + display_order: 15 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S034_I000 + description: 'reuse of VP_PMP_F011_S034_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S034_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-3x(group)\n [same as TST11-3x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-34 (LOW-PRIO)\n [same as TST11-34(group), but with pmpcfg(i).A=NAPOT]" +- 016_store_L1_W0_addr_hit: !Subfeature + name: 016_store_L1_W0_addr_hit + tag: VP_PMP_F013_S035 + next_elt_id: 1 + display_order: 16 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S035_I000 + description: 'reuse of VP_PMP_F011_S035_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S035_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-d\n[Attempting to execute a store, store-conditional, or AMO + instruction which accesses a physical address within a PMP region without + write permissions raises a store access-fault exception]\n\n\nTST13-3x(group)\n\ + \ [same as TST11-3x(group), but with pmpcfg(i).A=NAPOT]\nTST13-35 (LOW-PRIO)\n\ + \ [same as TST11-35(group), but with pmpcfg(i).A=NAPOT]" +- 017_store_L1_W1_addr_miss: !Subfeature + name: 017_store_L1_W1_addr_miss + tag: VP_PMP_F013_S036 + next_elt_id: 1 + display_order: 17 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S036_I000 + description: 'reuse of VP_PMP_F011_S036_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S036_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-3x(group)\n [same as TST11-3x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-36 (LOW-PRIO)\n [same as TST11-36(group), but with pmpcfg(i).A=NAPOT]" +- 018_load_MPP_L0_R1_addr_hit: !Subfeature + name: 018_load_MPP_L0_R1_addr_hit + tag: VP_PMP_F013_S041 + next_elt_id: 1 + display_order: 18 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S041_I000 + description: 'reuse of VP_PMP_F011_S041_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S041_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-4x(group)\n [same as TST11-4x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-41 (LOWEST-PRIO)\n [same as TST11-41(group), but with pmpcfg(i).A=NAPOT]" +- 019_load_MPP_L0_R0_addr_hit: !Subfeature + name: 019_load_MPP_L0_R0_addr_hit + tag: VP_PMP_F013_S042 + next_elt_id: 1 + display_order: 19 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S042_I000 + description: 'reuse of VP_PMP_F011_S042_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S042_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-c\n [Attempting to execute a load or load-reserved instruction + which accesses a physical address within a PMP region without read permissions + raises a load access-fault exception]\n\n\nTST13-4x(group)\n [same as TST11-4x(group), + but with pmpcfg(i).A=NAPOT]\nTST13-42 (LOWEST-PRIO)\n [same as TST11-42(group), + but with pmpcfg(i).A=NAPOT]" +- 020_load_MPP_L0_R1_addr_miss: !Subfeature + name: 020_load_MPP_L0_R1_addr_miss + tag: VP_PMP_F013_S043 + next_elt_id: 1 + display_order: 20 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S043_I000 + description: 'reuse of VP_PMP_F011_S043_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S043_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-4x(group)\n [same as TST11-4x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-43 (LOWEST-PRIO)\n [same as TST11-43(group), but with pmpcfg(i).A=NAPOT]" +- 021_load_MPP_L1_R1_addr_hit: !Subfeature + name: 021_load_MPP_L1_R1_addr_hit + tag: VP_PMP_F013_S044 + next_elt_id: 1 + display_order: 21 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S044_I000 + description: 'reuse of VP_PMP_F011_S044_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S044_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-4x(group)\n [same as TST11-4x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-44 (LOWEST-PRIO)\n [same as TST11-44(group), but with pmpcfg(i).A=NAPOT]" +- 022_load_MPP_L1_R0_addr_hit: !Subfeature + name: 022_load_MPP_L1_R0_addr_hit + tag: VP_PMP_F013_S045 + next_elt_id: 1 + display_order: 22 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S045_I000 + description: 'reuse of VP_PMP_F011_S045_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S045_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-c\n[Attempting to execute a load or load-reserved instruction + which accesses a physical address within a PMP region without read permissions + raises a load access-fault exception]\n\n\nTST13-4x(group)\n [same as TST11-4x(group), + but with pmpcfg(i).A=NAPOT]\n TST13-45 (LOWEST-PRIO)\n [same as TST11-45(group), + but with pmpcfg(i).A=NAPOT]" +- 023_load_MPP_L1_R1_addr_miss: !Subfeature + name: 023_load_MPP_L1_R1_addr_miss + tag: VP_PMP_F013_S046 + next_elt_id: 1 + display_order: 23 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S046_I000 + description: 'reuse of VP_PMP_F011_S046_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S046_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-4x(group)\n [same as TST11-4x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-46 (LOWEST-PRIO)\n [same as TST11-46(group), but with pmpcfg(i).A=NAPOT]" +- 024_store_MPP_L0_W1_addr_hit: !Subfeature + name: 024_store_MPP_L0_W1_addr_hit + tag: VP_PMP_F013_S051 + next_elt_id: 1 + display_order: 24 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S051_I000 + description: 'reuse of VP_PMP_F011_S051_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S051_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-5x(group)\n [same as TST11-5x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-51 (LOWEST-PRIO)\n [same as TST11-51(group), but with pmpcfg(i).A=NAPOT]" +- 025_store_MPP_L0_W0_addr_hit: !Subfeature + name: 025_store_MPP_L0_W0_addr_hit + tag: VP_PMP_F013_S052 + next_elt_id: 1 + display_order: 25 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S052_I000 + description: 'reuse of VP_PMP_F011_S052_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S052_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-d\n [Attempting to execute a store, store-conditional, or + AMO instruction which accesses a physical address within a PMP region without + write permissions raises a store access-fault exception]\n\n\nTST13-5x(group)\n\ + \ [same as TST11-5x(group), but with pmpcfg(i).A=NAPOT]\nTST13-52 (LOWEST-PRIO)\n\ + \ [same as TST11-52(group), but with pmpcfg(i).A=NAPOT]" +- 026_store_MPP_L0_W1_addr_miss: !Subfeature + name: 026_store_MPP_L0_W1_addr_miss + tag: VP_PMP_F013_S053 + next_elt_id: 1 + display_order: 26 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S053_I000 + description: 'reuse of VP_PMP_F011_S053_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S053_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-5x(group)\n [same as TST11-5x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-53 (LOWEST-PRIO)\n [same as TST11-53(group), but with pmpcfg(i).A=NAPOT]" +- 027_store_MPP_L1_W1_addr_hit: !Subfeature + name: 027_store_MPP_L1_W1_addr_hit + tag: VP_PMP_F013_S054 + next_elt_id: 1 + display_order: 27 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S054_I000 + description: 'reuse of VP_PMP_F011_S054_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S054_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-5x(group)\n [same as TST11-5x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-54 (LOWEST-PRIO)\n [same as TST11-54(group), but with pmpcfg(i).A=NAPOT]" +- 028_store_MPP_L1_W0_addr_hit: !Subfeature + name: 028_store_MPP_L1_W0_addr_hit + tag: VP_PMP_F013_S055 + next_elt_id: 1 + display_order: 28 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S055_I000 + description: 'reuse of VP_PMP_F011_S055_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S055_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-d\n[Attempting to execute a store, store-conditional, or AMO + instruction which accesses a physical address within a PMP region without + write permissions raises a store access-fault exception]\n\n\nTST13-5x(group)\n\ + \ [same as TST11-5x(group), but with pmpcfg(i).A=NAPOT]\nTST13-55 (LOWEST-PRIO)\n\ + \ [same as TST11-55(group), but with pmpcfg(i).A=NAPOT]" +- 029_store_MPP_L1_W1_addr_miss: !Subfeature + name: 029_store_MPP_L1_W1_addr_miss + tag: VP_PMP_F013_S056 + next_elt_id: 1 + display_order: 29 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S056_I000 + description: 'reuse of VP_PMP_F011_S056_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S056_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-5x(group)\n [same as TST11-5x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-56 (LOWEST-PRIO)\n [same as TST11-56(group), but with pmpcfg(i).A=NAPOT]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP014.yml b/verif/docs/VerifPlans/PMP/VP_IP014.yml new file mode 100644 index 000000000..6d5b1e0ba --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP014.yml @@ -0,0 +1,1119 @@ +!Feature +next_elt_id: 30 +name: cfg NAPOT access M +id: 14 +display_order: 14 +subfeatures: !!omap +- 000_fetch_L0_X1_addr_hit: !Subfeature + name: 000_fetch_L0_X1_addr_hit + tag: VP_PMP_F014_S011 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S011_I000 + description: 'reuse of VP_PMP_F012_S011_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S011_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=NAPOT]\nTST14-11 (LOW-PRIO)\n\ + \ [same as TST12-11(group), but with pmpcfg(i).A=NAPOT]" +- 001_fetch_L0_X0_addr_hit: !Subfeature + name: 001_fetch_L0_X0_addr_hit + tag: VP_PMP_F014_S012 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S012_I000 + description: 'reuse of VP_PMP_F012_S012_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S012_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=NAPOT]\nTST14-12 (LOW-PRIO)\n\ + \ [same as TST12-12(group), but with pmpcfg(i).A=NAPOT]" +- 002_fetch_L0_X1_addr_miss: !Subfeature + name: 002_fetch_L0_X1_addr_miss + tag: VP_PMP_F014_S013 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S013_I000 + description: 'reuse of VP_PMP_F012_S013_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S013_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=NAPOT]\nTST14-13 (LOW-PRIO)\n\ + \ [same as TST12-13(group), but with pmpcfg(i).A=NAPOT]" +- 003_fetch_L1_X1_addr_hit: !Subfeature + name: 003_fetch_L1_X1_addr_hit + tag: VP_PMP_F014_S014 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S014_I000 + description: 'reuse of VP_PMP_F012_S014_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S014_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST14-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=NAPOT]\nTST14-14 (HIGH-PRIO)\n\ + \ [same as TST12-14(group), but with pmpcfg(i).A=NAPOT]" +- 004_fetch_L1_X0_addr_hit: !Subfeature + name: 004_fetch_L1_X0_addr_hit + tag: VP_PMP_F014_S015 + next_elt_id: 1 + display_order: 4 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S015_I000 + description: 'reuse of VP_PMP_F012_S015_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S015_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-b\n[Attempting to fetch an instruction from + a PMP region that does not have execute permissions raises an instruction + access-fault exception]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=NAPOT]\nTST14-15 (MEDIUM-PRIO)\n\ + \ [same as TST12-15(group), but with pmpcfg(i).A=NAPOT]" +- 005_fetch_L1_X1_addr_miss: !Subfeature + name: 005_fetch_L1_X1_addr_miss + tag: VP_PMP_F014_S016 + next_elt_id: 1 + display_order: 5 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S016_I000 + description: 'reuse of VP_PMP_F012_S016_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S016_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST14-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=NAPOT]\nTST14-16 (HIGH-PRIO)\n\ + \ [same as TST12-16(group), but with pmpcfg(i).A=NAPOT]" +- 006_load_L0_R1_addr_hit: !Subfeature + name: 006_load_L0_R1_addr_hit + tag: VP_PMP_F014_S021 + next_elt_id: 1 + display_order: 6 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S021_I000 + description: 'reuse of VP_PMP_F012_S021_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S021_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=NAPOT]\nTST14-21 (LOW-PRIO)\n\ + \ [same as TST12-21(group), but with pmpcfg(i).A=NAPOT]" +- 007_load_L0_R0_addr_hit: !Subfeature + name: 007_load_L0_R0_addr_hit + tag: VP_PMP_F014_S022 + next_elt_id: 1 + display_order: 7 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S022_I000 + description: 'reuse of VP_PMP_F012_S022_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S022_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=NAPOT]\nTST14-22 (LOW-PRIO)\n\ + \ [same as TST12-22(group), but with pmpcfg(i).A=NAPOT]" +- 008_load_L0_R1_addr_miss: !Subfeature + name: 008_load_L0_R1_addr_miss + tag: VP_PMP_F014_S023 + next_elt_id: 1 + display_order: 8 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S023_I000 + description: 'reuse of VP_PMP_F012_S023_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S023_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=NAPOT]\nTST14-23 (LOW-PRIO)\n\ + \ [same as TST12-23(group), but with pmpcfg(i).A=NAPOT]" +- 009_load_L1_R1_addr_hit: !Subfeature + name: 009_load_L1_R1_addr_hit + tag: VP_PMP_F014_S024 + next_elt_id: 1 + display_order: 9 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S024_I000 + description: 'reuse of VP_PMP_F012_S024_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S024_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST14-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=NAPOT]\nTST14-24 (HIGH-PRIO)\n\ + \ [same as TST12-24(group), but with pmpcfg(i).A=NAPOT]" +- 010_load_L1_R0_addr_hit: !Subfeature + name: 010_load_L1_R0_addr_hit + tag: VP_PMP_F014_S025 + next_elt_id: 1 + display_order: 10 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S025_I000 + description: 'reuse of VP_PMP_F012_S025_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S025_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-c\n[Attempting to execute a load or load-reserved + instruction which accesses a physical address within a PMP region without + read permissions raises a load access-fault exception]\n\nFTR02-b1\n[the + lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean + programmed first)]\n \n\nTST14-2x(group)\n [same as TST12-2x(group), but + with pmpcfg(i).A=NAPOT]\n TST14-25 (MEDIUM-PRIO)\n [same as TST12-25(group), + but with pmpcfg(i).A=NAPOT]" +- 011_load_L1_R1_addr_miss: !Subfeature + name: 011_load_L1_R1_addr_miss + tag: VP_PMP_F014_S026 + next_elt_id: 1 + display_order: 11 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S026_I000 + description: 'reuse of VP_PMP_F012_S026_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S026_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST14-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=NAPOT]\nTST14-26 (HIGH-PRIO)\n\ + \ [same as TST12-26(group), but with pmpcfg(i).A=NAPOT]" +- 012_store_L0_W1_addr_hit: !Subfeature + name: 012_store_L0_W1_addr_hit + tag: VP_PMP_F014_S031 + next_elt_id: 1 + display_order: 12 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S031_I000 + description: 'reuse of VP_PMP_F012_S031_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S031_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=NAPOT]\nTST14-31 (LOW-PRIO)\n\ + \ [same as TST12-31(group), but with pmpcfg(i).A=NAPOT]" +- 013_store_L0_W0_addr_hit: !Subfeature + name: 013_store_L0_W0_addr_hit + tag: VP_PMP_F014_S032 + next_elt_id: 1 + display_order: 13 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S032_I000 + description: 'reuse of VP_PMP_F012_S032_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S032_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=NAPOT]\nTST14-32 (LOW-PRIO)\n\ + \ [same as TST12-32(group), but with pmpcfg(i).A=NAPOT]" +- 014_store_L0_W1_addr_miss: !Subfeature + name: 014_store_L0_W1_addr_miss + tag: VP_PMP_F014_S033 + next_elt_id: 1 + display_order: 14 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S033_I000 + description: 'reuse of VP_PMP_F012_S033_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S033_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=NAPOT]\nTST14-33 (LOW-PRIO)\n\ + \ [same as TST12-33(group), but with pmpcfg(i).A=NAPOT]" +- 015_store_L1_W1_addr_hit: !Subfeature + name: 015_store_L1_W1_addr_hit + tag: VP_PMP_F014_S034 + next_elt_id: 1 + display_order: 15 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S034_I000 + description: 'reuse of VP_PMP_F012_S034_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S034_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST14-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=NAPOT]\nTST14-34 (HIGH-PRIO)\n\ + \ [same as TST12-34(group), but with pmpcfg(i).A=NAPOT]" +- 016_store_L1_W0_addr_hit: !Subfeature + name: 016_store_L1_W0_addr_hit + tag: VP_PMP_F014_S035 + next_elt_id: 1 + display_order: 16 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S035_I000 + description: 'reuse of VP_PMP_F012_S035_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S035_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-d\n[Attempting to execute a store, store-conditional, + or AMO instruction which accesses a physical address within a PMP region + without write permissions raises a store access-fault exception]\n\nFTR02-b1\n + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does + it mean programmed first)]\n\n\nTST14-3x(group)\n [same as TST12-3x(group), + but with pmpcfg(i).A=NAPOT]\nTST14-35 (MEDIUM-PRIO)\n [same as TST12-35(group), + but with pmpcfg(i).A=NAPOT]" +- 017_store_L1_W1_addr_miss: !Subfeature + name: 017_store_L1_W1_addr_miss + tag: VP_PMP_F014_S036 + next_elt_id: 1 + display_order: 17 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S036_I000 + description: 'reuse of VP_PMP_F012_S036_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S036_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST14-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=NAPOT]\nTST14-36 (HIGH-PRIO)\n\ + \ [same as TST12-36(group), but with pmpcfg(i).A=NAPOT]" +- 018_load_MPP_L0_R1_addr_hit: !Subfeature + name: 018_load_MPP_L0_R1_addr_hit + tag: VP_PMP_F014_S041 + next_elt_id: 1 + display_order: 18 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S041_I000 + description: 'reuse of VP_PMP_F012_S041_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S041_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=NAPOT]\nTST14-41 (LOWEST-PRIO)\n\ + \ [same as TST12-41(group), but with pmpcfg(i).A=NAPOT]" +- 019_load_MPP_L0_R0_addr_hit: !Subfeature + name: 019_load_MPP_L0_R0_addr_hit + tag: VP_PMP_F014_S042 + next_elt_id: 1 + display_order: 19 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S042_I000 + description: 'reuse of VP_PMP_F012_S042_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S042_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=NAPOT]\nTST14-42 (LOWEST-PRIO)\n\ + \ [same as TST12-42(group), but with pmpcfg(i).A=NAPOT]" +- 020_load_MPP_L0_R1_addr_miss: !Subfeature + name: 020_load_MPP_L0_R1_addr_miss + tag: VP_PMP_F014_S043 + next_elt_id: 1 + display_order: 20 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S043_I000 + description: 'reuse of VP_PMP_F012_S043_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S043_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=NAPOT]\nTST14-43 (LOWEST-PRIO)\n\ + \ [same as TST12-43(group), but with pmpcfg(i).A=NAPOT]" +- 021_load_MPP_L1_R1_addr_hit: !Subfeature + name: 021_load_MPP_L1_R1_addr_hit + tag: VP_PMP_F014_S044 + next_elt_id: 1 + display_order: 21 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S044_I000 + description: 'reuse of VP_PMP_F012_S044_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S044_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST14-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=NAPOT]\nTST14-44 (LOWEST-PRIO)\n\ + \ [same as TST12-44(group), but with pmpcfg(i).A=NAPOT]" +- 022_load_MPP_L1_R0_addr_hit: !Subfeature + name: 022_load_MPP_L1_R0_addr_hit + tag: VP_PMP_F014_S045 + next_elt_id: 1 + display_order: 22 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S045_I000 + description: 'reuse of VP_PMP_F012_S045_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S045_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-c\n[Attempting to execute a load or load-reserved + instruction which accesses a physical address within a PMP region without + read permissions raises a load access-fault exception]\n\nFTR02-b1\n[the + lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean + programmed first)]\n \n\nTST14-4x(group)\n [same as TST12-4x(group), but + with pmpcfg(i).A=NAPOT]\n TST14-45 (LOWEST-PRIO)\n [same as TST12-45(group), + but with pmpcfg(i).A=NAPOT]" +- 023_load_MPP_L1_R1_addr_miss: !Subfeature + name: 023_load_MPP_L1_R1_addr_miss + tag: VP_PMP_F014_S046 + next_elt_id: 1 + display_order: 23 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S046_I000 + description: 'reuse of VP_PMP_F012_S046_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S046_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST14-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=NAPOT]\nTST14-46 (LOWEST-PRIO)\n\ + \ [same as TST12-46(group), but with pmpcfg(i).A=NAPOT]" +- 024_store_MPP_L0_W1_addr_hit: !Subfeature + name: 024_store_MPP_L0_W1_addr_hit + tag: VP_PMP_F014_S051 + next_elt_id: 1 + display_order: 24 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S051_I000 + description: 'reuse of VP_PMP_F012_S051_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S051_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=NAPOT]\nTST14-51 (LOWEST-PRIO)\n\ + \ [same as TST12-51(group), but with pmpcfg(i).A=NAPOT]" +- 025_store_MPP_L0_W0_addr_hit: !Subfeature + name: 025_store_MPP_L0_W0_addr_hit + tag: VP_PMP_F014_S052 + next_elt_id: 1 + display_order: 25 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S052_I000 + description: 'reuse of VP_PMP_F012_S052_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S052_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=NAPOT]\nTST14-52 (LOWEST-PRIO)\n\ + \ [same as TST12-52(group), but with pmpcfg(i).A=NAPOT]" +- 026_store_MPP_L0_W1_addr_miss: !Subfeature + name: 026_store_MPP_L0_W1_addr_miss + tag: VP_PMP_F014_S053 + next_elt_id: 1 + display_order: 26 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S053_I000 + description: 'reuse of VP_PMP_F012_S053_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S053_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=NAPOT]\nTST14-53 (LOWEST-PRIO)\n\ + \ [same as TST12-53(group), but with pmpcfg(i).A=NAPOT]" +- 027_store_MPP_L1_W1_addr_hit: !Subfeature + name: 027_store_MPP_L1_W1_addr_hit + tag: VP_PMP_F014_S054 + next_elt_id: 1 + display_order: 27 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S054_I000 + description: 'reuse of VP_PMP_F012_S054_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S054_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST14-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=NAPOT]\nTST14-54 (LOWEST-PRIO)\n\ + \ [same as TST12-54(group), but with pmpcfg(i).A=NAPOT]" +- 028_store_MPP_L1_W0_addr_hit: !Subfeature + name: 028_store_MPP_L1_W0_addr_hit + tag: VP_PMP_F014_S055 + next_elt_id: 1 + display_order: 28 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S055_I000 + description: 'reuse of VP_PMP_F012_S055_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S055_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-d\n[Attempting to execute a store, store-conditional, + or AMO instruction which accesses a physical address within a PMP region + without write permissions raises a store access-fault exception]\n\nFTR02-b1\n + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does + it mean programmed first)]\n\n\nTST14-5x(group)\n [same as TST12-5x(group), + but with pmpcfg(i).A=NAPOT]\nTST14-55 (LOWEST-PRIO)\n [same as TST12-55(group), + but with pmpcfg(i).A=NAPOT]" +- 029_store_MPP_L1_W1_addr_miss: !Subfeature + name: 029_store_MPP_L1_W1_addr_miss + tag: VP_PMP_F014_S056 + next_elt_id: 1 + display_order: 29 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S056_I000 + description: 'reuse of VP_PMP_F012_S056_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S056_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST14-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=NAPOT]\nTST14-56 (LOWEST-PRIO)\n\ + \ [same as TST12-56(group), but with pmpcfg(i).A=NAPOT]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP015.yml b/verif/docs/VerifPlans/PMP/VP_IP015.yml new file mode 100644 index 000000000..a84fd152c --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP015.yml @@ -0,0 +1,1502 @@ +!Feature +next_elt_id: 36 +name: cfg TOR access S/U +id: 15 +display_order: 15 +subfeatures: !!omap +- 000_fetch_L0_X1_addr_hit: !Subfeature + name: 000_fetch_L0_X1_addr_hit + tag: VP_PMP_F015_S011 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S011_I000 + description: 'reuse of VP_PMP_F011_S011_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S011_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=TOR]\n + TST15-11 (HIGH-PRIO)\n [same as TST11-11(group), but with pmpcfg(i).A=TOR]" +- 001_fetch_L0_X0_addr_hit: !Subfeature + name: 001_fetch_L0_X0_addr_hit + tag: VP_PMP_F015_S012 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S012_I000 + description: 'reuse of VP_PMP_F011_S012_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S012_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-b\n [Attempting to fetch an instruction from a PMP region + that does not have execute permissions raises an instruction access-fault + exception]\n \n\nTST15-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=TOR]\n + TST15-12 (MEDIUM-PRIO)\n [same as TST11-12(group), but with pmpcfg(i).A=TOR]" +- 002_fetch_L0_X1_addr_miss: !Subfeature + name: 002_fetch_L0_X1_addr_miss + tag: VP_PMP_F015_S013 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S013_I000 + description: 'reuse of VP_PMP_F011_S013_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S013_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=TOR]\n + TST15-13 (MEDIUM-PRIO)\n [same as TST11-13(group), but with pmpcfg(i).A=TOR]" +- 003_fetch_L1_X1_addr_hit: !Subfeature + name: 003_fetch_L1_X1_addr_hit + tag: VP_PMP_F015_S014 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S014_I000 + description: 'reuse of VP_PMP_F011_S014_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S014_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=TOR]\n + TST15-14 (LOW-PRIO)\n [same as TST11-14(group), but with pmpcfg(i).A=TOR]" +- 004_fetch_L1_X0_addr_hit: !Subfeature + name: 004_fetch_L1_X0_addr_hit + tag: VP_PMP_F015_S015 + next_elt_id: 1 + display_order: 4 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S015_I000 + description: 'reuse of VP_PMP_F011_S015_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S015_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-b\n[Attempting to fetch an instruction from a PMP region that + does not have execute permissions raises an instruction access-fault exception]\n\ + \n\nTST15-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=TOR]\n + TST15-15 (LOW-PRIO)\n [same as TST11-15(group), but with pmpcfg(i).A=TOR]" +- 005_fetch_L1_X1_addr_miss: !Subfeature + name: 005_fetch_L1_X1_addr_miss + tag: VP_PMP_F015_S016 + next_elt_id: 1 + display_order: 5 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S016_I000 + description: 'reuse of VP_PMP_F011_S016_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S016_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=TOR]\n + TST15-16 (LOW-PRIO)\n [same as TST11-16(group), but with pmpcfg(i).A=TOR]" +- 006_load_L0_R1_addr_hit: !Subfeature + name: 006_load_L0_R1_addr_hit + tag: VP_PMP_F015_S021 + next_elt_id: 1 + display_order: 6 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S021_I000 + description: 'reuse of VP_PMP_F011_S021_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S021_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-2x(group)\n [same as TST11-2x(group), but with pmpcfg(i).A=TOR]\n + TST15-21 (HIGH-PRIO)\n [same as TST11-21(group), but with pmpcfg(i).A=TOR]" +- 007_load_L0_R0_addr_hit: !Subfeature + name: 007_load_L0_R0_addr_hit + tag: VP_PMP_F015_S022 + next_elt_id: 1 + display_order: 7 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S022_I000 + description: 'reuse of VP_PMP_F011_S022_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S022_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-c\n [Attempting to execute a load or load-reserved instruction + which accesses a physical address within a PMP region without read permissions + raises a load access-fault exception]\n\n\nTST15-2x(group)\n [same as TST11-2x(group), + but with pmpcfg(i).A=TOR]\nTST15-22 (MEDIUM-PRIO)\n [same as TST11-22(group), + but with pmpcfg(i).A=TOR]" +- 008_load_L0_R1_addr_miss: !Subfeature + name: 008_load_L0_R1_addr_miss + tag: VP_PMP_F015_S023 + next_elt_id: 1 + display_order: 8 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S023_I000 + description: 'reuse of VP_PMP_F011_S023_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S023_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-2x(group)\n [same as TST11-2x(group), but with pmpcfg(i).A=TOR]\n + TST15-23 (MEDIUM-PRIO)\n [same as TST11-23(group), but with pmpcfg(i).A=TOR]" +- 009_load_L1_R1_addr_hit: !Subfeature + name: 009_load_L1_R1_addr_hit + tag: VP_PMP_F015_S024 + next_elt_id: 1 + display_order: 9 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S024_I000 + description: 'reuse of VP_PMP_F011_S024_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S024_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-2x(group)\n [same as TST11-2x(group), but with pmpcfg(i).A=TOR]\n + TST15-24 (LOW-PRIO)\n [same as TST11-24(group), but with pmpcfg(i).A=TOR]" +- 010_load_L1_R0_addr_hit: !Subfeature + name: 010_load_L1_R0_addr_hit + tag: VP_PMP_F015_S025 + next_elt_id: 1 + display_order: 10 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S025_I000 + description: 'reuse of VP_PMP_F011_S025_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S025_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-c\n[Attempting to execute a load or load-reserved instruction + which accesses a physical address within a PMP region without read permissions + raises a load access-fault exception]\n\n\nTST15-2x(group)\n [same as TST11-2x(group), + but with pmpcfg(i).A=TOR]\n TST15-25 (LOW-PRIO)\n [same as TST11-25(group), + but with pmpcfg(i).A=TOR]" +- 011_load_L1_R1_addr_miss: !Subfeature + name: 011_load_L1_R1_addr_miss + tag: VP_PMP_F015_S026 + next_elt_id: 1 + display_order: 11 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S026_I000 + description: 'reuse of VP_PMP_F011_S026_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S026_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-2x(group)\n [same as TST11-2x(group), but with pmpcfg(i).A=TOR]\n + TST15-26 (LOW-PRIO)\n [same as TST11-26(group), but with pmpcfg(i).A=TOR]" +- 012_store_L0_W1_addr_hit: !Subfeature + name: 012_store_L0_W1_addr_hit + tag: VP_PMP_F015_S031 + next_elt_id: 1 + display_order: 12 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S031_I000 + description: 'reuse of VP_PMP_F011_S031_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S031_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-3x(group)\n [same as TST11-3x(group), but with pmpcfg(i).A=TOR]\n + TST15-31 (HIGH-PRIO)\n [same as TST11-31(group), but with pmpcfg(i).A=TOR]" +- 013_store_L0_W0_addr_hit: !Subfeature + name: 013_store_L0_W0_addr_hit + tag: VP_PMP_F015_S032 + next_elt_id: 1 + display_order: 13 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S032_I000 + description: 'reuse of VP_PMP_F011_S032_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S032_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-d\n [Attempting to execute a store, store-conditional, or + AMO instruction which accesses a physical address within a PMP region without + write permissions raises a store access-fault exception]\n\n\nTST15-3x(group)\n\ + \ [same as TST11-3x(group), but with pmpcfg(i).A=TOR]\nTST15-32 (MEDIUM-PRIO)\n\ + \ [same as TST11-32(group), but with pmpcfg(i).A=TOR]" +- 014_store_L0_W1_addr_miss: !Subfeature + name: 014_store_L0_W1_addr_miss + tag: VP_PMP_F015_S033 + next_elt_id: 1 + display_order: 14 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S033_I000 + description: 'reuse of VP_PMP_F011_S033_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S033_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-3x(group)\n [same as TST11-3x(group), but with pmpcfg(i).A=TOR]\n + TST15-33 (MEDIUM-PRIO)\n [same as TST11-33(group), but with pmpcfg(i).A=TOR]" +- 015_store_L1_W1_addr_hit: !Subfeature + name: 015_store_L1_W1_addr_hit + tag: VP_PMP_F015_S034 + next_elt_id: 1 + display_order: 15 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S034_I000 + description: 'reuse of VP_PMP_F011_S034_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S034_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-3x(group)\n [same as TST11-3x(group), but with pmpcfg(i).A=TOR]\n + TST15-34 (LOW-PRIO)\n [same as TST11-34(group), but with pmpcfg(i).A=TOR]" +- 016_store_L1_W0_addr_hit: !Subfeature + name: 016_store_L1_W0_addr_hit + tag: VP_PMP_F015_S035 + next_elt_id: 1 + display_order: 16 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S035_I000 + description: 'reuse of VP_PMP_F011_S035_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S035_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-d\n[Attempting to execute a store, store-conditional, or AMO + instruction which accesses a physical address within a PMP region without + write permissions raises a store access-fault exception]\n\n\nTST15-3x(group)\n\ + \ [same as TST11-3x(group), but with pmpcfg(i).A=TOR]\nTST15-35 (LOW-PRIO)\n\ + \ [same as TST11-35(group), but with pmpcfg(i).A=TOR]" +- 017_store_L1_W1_addr_miss: !Subfeature + name: 017_store_L1_W1_addr_miss + tag: VP_PMP_F015_S036 + next_elt_id: 1 + display_order: 17 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S036_I000 + description: 'reuse of VP_PMP_F011_S036_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S036_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-3x(group)\n [same as TST11-3x(group), but with pmpcfg(i).A=TOR]\n + TST15-36 (LOW-PRIO)\n [same as TST11-36(group), but with pmpcfg(i).A=TOR]" +- 018_load_MPP_L0_R1_addr_hit: !Subfeature + name: 018_load_MPP_L0_R1_addr_hit + tag: VP_PMP_F015_S041 + next_elt_id: 1 + display_order: 18 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S041_I000 + description: 'reuse of VP_PMP_F011_S041_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S041_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-4x(group)\n [same as TST11-4x(group), but with pmpcfg(i).A=TOR]\n + TST15-41 (LOWEST-PRIO)\n [same as TST11-41(group), but with pmpcfg(i).A=TOR]" +- 019_load_MPP_L0_R0_addr_hit: !Subfeature + name: 019_load_MPP_L0_R0_addr_hit + tag: VP_PMP_F015_S042 + next_elt_id: 1 + display_order: 19 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S042_I000 + description: 'reuse of VP_PMP_F011_S042_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S042_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-c\n [Attempting to execute a load or load-reserved instruction + which accesses a physical address within a PMP region without read permissions + raises a load access-fault exception]\n\n\nTST15-4x(group)\n [same as TST11-4x(group), + but with pmpcfg(i).A=TOR]\nTST15-42 (LOWEST-PRIO)\n [same as TST11-42(group), + but with pmpcfg(i).A=TOR]" +- 020_load_MPP_L0_R1_addr_miss: !Subfeature + name: 020_load_MPP_L0_R1_addr_miss + tag: VP_PMP_F015_S043 + next_elt_id: 1 + display_order: 20 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S043_I000 + description: 'reuse of VP_PMP_F011_S043_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S043_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-4x(group)\n [same as TST11-4x(group), but with pmpcfg(i).A=TOR]\n + TST15-43 (LOWEST-PRIO)\n [same as TST11-43(group), but with pmpcfg(i).A=TOR]" +- 021_load_MPP_L1_R1_addr_hit: !Subfeature + name: 021_load_MPP_L1_R1_addr_hit + tag: VP_PMP_F015_S044 + next_elt_id: 1 + display_order: 21 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S044_I000 + description: 'reuse of VP_PMP_F011_S044_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S044_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-4x(group)\n [same as TST11-4x(group), but with pmpcfg(i).A=TOR]\n + TST15-44 (LOWEST-PRIO)\n [same as TST11-44(group), but with pmpcfg(i).A=TOR]" +- 022_load_MPP_L1_R0_addr_hit: !Subfeature + name: 022_load_MPP_L1_R0_addr_hit + tag: VP_PMP_F015_S045 + next_elt_id: 1 + display_order: 22 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S045_I000 + description: 'reuse of VP_PMP_F011_S045_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S045_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-c\n[Attempting to execute a load or load-reserved instruction + which accesses a physical address within a PMP region without read permissions + raises a load access-fault exception]\n\n\nTST15-4x(group)\n [same as TST11-4x(group), + but with pmpcfg(i).A=TOR]\n TST15-45 (LOWEST-PRIO)\n [same as TST11-45(group), + but with pmpcfg(i).A=TOR]" +- 023_load_MPP_L1_R1_addr_miss: !Subfeature + name: 023_load_MPP_L1_R1_addr_miss + tag: VP_PMP_F015_S046 + next_elt_id: 1 + display_order: 23 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S046_I000 + description: 'reuse of VP_PMP_F011_S046_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S046_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-4x(group)\n [same as TST11-4x(group), but with pmpcfg(i).A=TOR]\n + TST15-46 (LOWEST-PRIO)\n [same as TST11-46(group), but with pmpcfg(i).A=TOR]" +- 024_store_MPP_L0_W1_addr_hit: !Subfeature + name: 024_store_MPP_L0_W1_addr_hit + tag: VP_PMP_F015_S051 + next_elt_id: 1 + display_order: 24 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S051_I000 + description: 'reuse of VP_PMP_F011_S051_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S051_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-5x(group)\n [same as TST11-5x(group), but with pmpcfg(i).A=TOR]\n + TST15-51 (LOWEST-PRIO)\n [same as TST11-51(group), but with pmpcfg(i).A=TOR]" +- 025_store_MPP_L0_W0_addr_hit: !Subfeature + name: 025_store_MPP_L0_W0_addr_hit + tag: VP_PMP_F015_S052 + next_elt_id: 1 + display_order: 25 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S052_I000 + description: 'reuse of VP_PMP_F011_S052_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S052_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-d\n [Attempting to execute a store, store-conditional, or + AMO instruction which accesses a physical address within a PMP region without + write permissions raises a store access-fault exception]\n\n\nTST15-5x(group)\n\ + \ [same as TST11-5x(group), but with pmpcfg(i).A=TOR]\nTST15-52 (LOWEST-PRIO)\n\ + \ [same as TST11-52(group), but with pmpcfg(i).A=TOR]" +- 026_store_MPP_L0_W1_addr_miss: !Subfeature + name: 026_store_MPP_L0_W1_addr_miss + tag: VP_PMP_F015_S053 + next_elt_id: 1 + display_order: 26 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S053_I000 + description: 'reuse of VP_PMP_F011_S053_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S053_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-5x(group)\n [same as TST11-5x(group), but with pmpcfg(i).A=TOR]\n + TST15-53 (LOWEST-PRIO)\n [same as TST11-53(group), but with pmpcfg(i).A=TOR]" +- 027_store_MPP_L1_W1_addr_hit: !Subfeature + name: 027_store_MPP_L1_W1_addr_hit + tag: VP_PMP_F015_S054 + next_elt_id: 1 + display_order: 27 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S054_I000 + description: 'reuse of VP_PMP_F011_S054_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S054_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-5x(group)\n [same as TST11-5x(group), but with pmpcfg(i).A=TOR]\n + TST15-54 (LOWEST-PRIO)\n [same as TST11-54(group), but with pmpcfg(i).A=TOR]" +- 028_store_MPP_L1_W0_addr_hit: !Subfeature + name: 028_store_MPP_L1_W0_addr_hit + tag: VP_PMP_F015_S055 + next_elt_id: 1 + display_order: 28 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S055_I000 + description: 'reuse of VP_PMP_F011_S055_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S055_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-d\n[Attempting to execute a store, store-conditional, or AMO + instruction which accesses a physical address within a PMP region without + write permissions raises a store access-fault exception]\n\n\nTST15-5x(group)\n\ + \ [same as TST11-5x(group), but with pmpcfg(i).A=TOR]\nTST15-55 (LOWEST-PRIO)\n\ + \ [same as TST11-55(group), but with pmpcfg(i).A=TOR]" +- 029_store_MPP_L1_W1_addr_miss: !Subfeature + name: 029_store_MPP_L1_W1_addr_miss + tag: VP_PMP_F015_S056 + next_elt_id: 1 + display_order: 29 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S056_I000 + description: 'reuse of VP_PMP_F011_S056_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S056_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-5x(group)\n [same as TST11-5x(group), but with pmpcfg(i).A=TOR]\n + TST15-56 (LOWEST-PRIO)\n [same as TST11-56(group), but with pmpcfg(i).A=TOR]" +- 030_fetch_L0_X1_addr_forbidden: !Subfeature + name: 030_fetch_L0_X1_addr_forbidden + tag: VP_PMP_F015_S061 + next_elt_id: 1 + display_order: 30 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S061_I000 + description: "reuse of VP_PMP_F011_S011_I000 feature description (Cf. Feature: + \"cfg NA4 access S/U\")\n\n{Page 59 Volume II: RISC-V Privileged Architectures + V20211203}\nIf pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i + matches no addresses\nIf PMP entry 0’s A field is set to TOR, zero is used + for the lower bound, and so it matches any address y < pmpaddr(0)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S011_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range\n - [for + i=0] pmpaddr(0) = 0: invalid TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)\n\nCHECK UPDATE\n\ + \ - check instruction fetch access-fault exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=TOR]\n + TST15-11 (LOW-PRIO)\n [same as TST11-11(group), but with pmpcfg(i).A=TOR]\n + \n\n//TO COMPLETE => FTR06-b\nTST25 = same as TST15+TST16 (groups) with + PMP entry (0) with pmpaddr(0) > 0\nTST26 = same as TST15+TST16 (groups) + with PMP entry (0) with pmpaddr(0) = 0\n [create scenario where PMP entry + pmpcfg(0) with TOR:\n - pmpaddr(0) > 0\n - pmpaddr(0) = 0]\n\n//TO + COMPLETE => FTR06-c\n TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) + and with pmpcfg(i) and pmpcfg(i-1) correct\n [create scenario where PMP + entry pmpcfg(i) with TOR:\n - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry + pmpcfg(i-1) correct]\n [create scenario where PMP entry pmpcfg(0) with + TOR:\n - pmpaddr(0) >= pmpaddr(1/2/3/…)]" +- 031_fetch_L1_X1_addr_forbidden: !Subfeature + name: 031_fetch_L1_X1_addr_forbidden + tag: VP_PMP_F015_S062 + next_elt_id: 1 + display_order: 31 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S062_I000 + description: "reuse of VP_PMP_F011_S014_I000 feature description (Cf. Feature: + \"cfg NA4 access S/U\")\n\n{Page 59 Volume II: RISC-V Privileged Architectures + V20211203}\nIf pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i + matches no addresses\nIf PMP entry 0’s A field is set to TOR, zero is used + for the lower bound, and so it matches any address y < pmpaddr(0)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S014_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range\n - [for + i=0] pmpaddr(0) = 0: invalid TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)\n\nCHECK UPDATE\n\ + \ - check instruction fetch access-fault exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=TOR]\n + TST15-14 (LOW-PRIO)\n [same as TST11-14(group), but with pmpcfg(i).A=TOR]\n + \n\n//TO COMPLETE => FTR06-b\nTST25 = same as TST15+TST16 (groups) with + PMP entry (0) with pmpaddr(0) > 0\nTST26 = same as TST15+TST16 (groups) + with PMP entry (0) with pmpaddr(0) = 0\n [create scenario where PMP entry + pmpcfg(0) with TOR:\n - pmpaddr(0) > 0\n - pmpaddr(0) = 0]\n\n//TO + COMPLETE => FTR06-c\n TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) + and with pmpcfg(i) and pmpcfg(i-1) correct\n [create scenario where PMP + entry pmpcfg(i) with TOR:\n - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry + pmpcfg(i-1) correct]\n [create scenario where PMP entry pmpcfg(0) with + TOR:\n - pmpaddr(0) >= pmpaddr(1/2/3/…)]" +- 032_load_L0_R1_addr_forbidden: !Subfeature + name: 032_load_L0_R1_addr_forbidden + tag: VP_PMP_F015_S063 + next_elt_id: 1 + display_order: 32 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S063_I000 + description: "reuse of VP_PMP_F011_S021_I000 feature description (Cf. Feature: + \"cfg NA4 access S/U\")\n\n{Page 59 Volume II: RISC-V Privileged Architectures + V20211203}\nIf pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i + matches no addresses\nIf PMP entry 0’s A field is set to TOR, zero is used + for the lower bound, and so it matches any address y < pmpaddr(0)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S021_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range\n - [for + i=0] pmpaddr(0) = 0: invalid TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)\n\nCHECK UPDATE\n\ + \ - check load access-fault exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-2x(group)\n [same as TST11-2x(group), but with pmpcfg(i).A=TOR]\n + TST15-21 (HIGH-PRIO)\n [same as TST11-21(group), but with pmpcfg(i).A=TOR]\n + \n\n//TO COMPLETE => FTR06-b\nTST25 = same as TST15+TST16 (groups) with + PMP entry (0) with pmpaddr(0) > 0\nTST26 = same as TST15+TST16 (groups) + with PMP entry (0) with pmpaddr(0) = 0\n [create scenario where PMP entry + pmpcfg(0) with TOR:\n - pmpaddr(0) > 0\n - pmpaddr(0) = 0]\n\n//TO + COMPLETE => FTR06-c\n TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) + and with pmpcfg(i) and pmpcfg(i-1) correct\n [create scenario where PMP + entry pmpcfg(i) with TOR:\n - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry + pmpcfg(i-1) correct]\n [create scenario where PMP entry pmpcfg(0) with + TOR:\n - pmpaddr(0) >= pmpaddr(1/2/3/…)]" +- 033_load_L1_R1_addr_forbidden: !Subfeature + name: 033_load_L1_R1_addr_forbidden + tag: VP_PMP_F015_S064 + next_elt_id: 1 + display_order: 33 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S064_I000 + description: "reuse of VP_PMP_F011_S024_I000 feature description (Cf. Feature: + \"cfg NA4 access S/U\")\n\n{Page 59 Volume II: RISC-V Privileged Architectures + V20211203}\nIf pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i + matches no addresses\nIf PMP entry 0’s A field is set to TOR, zero is used + for the lower bound, and so it matches any address y < pmpaddr(0)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S024_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range\n - [for + i=0] pmpaddr(0) = 0: invalid TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)\n\nCHECK UPDATE\n\ + \ - check load access-fault exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-2x(group)\n [same as TST11-2x(group), but with pmpcfg(i).A=TOR]\n + TST15-24 (LOW-PRIO)\n [same as TST11-24(group), but with pmpcfg(i).A=TOR]\n + \n\n//TO COMPLETE => FTR06-b\nTST25 = same as TST15+TST16 (groups) with + PMP entry (0) with pmpaddr(0) > 0\nTST26 = same as TST15+TST16 (groups) + with PMP entry (0) with pmpaddr(0) = 0\n [create scenario where PMP entry + pmpcfg(0) with TOR:\n - pmpaddr(0) > 0\n - pmpaddr(0) = 0]\n\n//TO + COMPLETE => FTR06-c\n TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) + and with pmpcfg(i) and pmpcfg(i-1) correct\n [create scenario where PMP + entry pmpcfg(i) with TOR:\n - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry + pmpcfg(i-1) correct]\n [create scenario where PMP entry pmpcfg(0) with + TOR:\n - pmpaddr(0) >= pmpaddr(1/2/3/…)]" +- 034_store_L0_W1_addr_forbidden: !Subfeature + name: 034_store_L0_W1_addr_forbidden + tag: VP_PMP_F015_S065 + next_elt_id: 1 + display_order: 34 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S065_I000 + description: "reuse of VP_PMP_F011_S031_I000 feature description (Cf. Feature: + \"cfg NA4 access S/U\")\n\n{Page 59 Volume II: RISC-V Privileged Architectures + V20211203}\nIf pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i + matches no addresses\nIf PMP entry 0’s A field is set to TOR, zero is used + for the lower bound, and so it matches any address y < pmpaddr(0)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S031_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range\n - [for + i=0] pmpaddr(0) = 0: invalid TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)\n\nCHECK UPDATE\n\ + \ - check store access-fault exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-3x(group)\n [same as TST11-3x(group), but with pmpcfg(i).A=TOR]\n + TST15-31 (HIGH-PRIO)\n [same as TST11-31(group), but with pmpcfg(i).A=TOR]\n + \n\n//TO COMPLETE => FTR06-b\nTST25 = same as TST15+TST16 (groups) with + PMP entry (0) with pmpaddr(0) > 0\nTST26 = same as TST15+TST16 (groups) + with PMP entry (0) with pmpaddr(0) = 0\n [create scenario where PMP entry + pmpcfg(0) with TOR:\n - pmpaddr(0) > 0\n - pmpaddr(0) = 0]\n\n//TO + COMPLETE => FTR06-c\n TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) + and with pmpcfg(i) and pmpcfg(i-1) correct\n [create scenario where PMP + entry pmpcfg(i) with TOR:\n - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry + pmpcfg(i-1) correct]\n [create scenario where PMP entry pmpcfg(0) with + TOR:\n - pmpaddr(0) >= pmpaddr(1/2/3/…)]" +- 035_store_L1_W1_addr_forbidden: !Subfeature + name: 035_store_L1_W1_addr_forbidden + tag: VP_PMP_F015_S066 + next_elt_id: 1 + display_order: 35 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S066_I000 + description: "reuse of VP_PMP_F011_S034_I000 feature description (Cf. Feature: + \"cfg NA4 access S/U\")\n\n{Page 59 Volume II: RISC-V Privileged Architectures + V20211203}\nIf pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i + matches no addresses\nIf PMP entry 0’s A field is set to TOR, zero is used + for the lower bound, and so it matches any address y < pmpaddr(0)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S034_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range\n - [for + i=0] pmpaddr(0) = 0: invalid TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)\n\nCHECK UPDATE\n\ + \ - check store access-fault exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-3x(group)\n [same as TST11-3x(group), but with pmpcfg(i).A=TOR]\n + TST15-34 (LOW-PRIO)\n [same as TST11-34(group), but with pmpcfg(i).A=TOR]\n + \n\n//TO COMPLETE => FTR06-b\nTST25 = same as TST15+TST16 (groups) with + PMP entry (0) with pmpaddr(0) > 0\nTST26 = same as TST15+TST16 (groups) + with PMP entry (0) with pmpaddr(0) = 0\n [create scenario where PMP entry + pmpcfg(0) with TOR:\n - pmpaddr(0) > 0\n - pmpaddr(0) = 0]\n\n//TO + COMPLETE => FTR06-c\n TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) + and with pmpcfg(i) and pmpcfg(i-1) correct\n [create scenario where PMP + entry pmpcfg(i) with TOR:\n - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry + pmpcfg(i-1) correct]\n [create scenario where PMP entry pmpcfg(0) with + TOR:\n - pmpaddr(0) >= pmpaddr(1/2/3/…)]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP016.yml b/verif/docs/VerifPlans/PMP/VP_IP016.yml new file mode 100644 index 000000000..e19027450 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP016.yml @@ -0,0 +1,1482 @@ +!Feature +next_elt_id: 36 +name: cfg TOR access M +id: 16 +display_order: 16 +subfeatures: !!omap +- 000_fetch_L0_X1_addr_hit: !Subfeature + name: 000_fetch_L0_X1_addr_hit + tag: VP_PMP_F016_S011 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S011_I000 + description: 'reuse of VP_PMP_F012_S011_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S011_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=TOR]\nTST16-11 (LOW-PRIO)\n\ + \ [same as TST12-11(group), but with pmpcfg(i).A=TOR]" +- 001_fetch_L0_X0_addr_hit: !Subfeature + name: 001_fetch_L0_X0_addr_hit + tag: VP_PMP_F016_S012 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S012_I000 + description: 'reuse of VP_PMP_F012_S012_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S012_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=TOR]\nTST16-12 (LOW-PRIO)\n\ + \ [same as TST12-12(group), but with pmpcfg(i).A=TOR]" +- 002_fetch_L0_X1_addr_miss: !Subfeature + name: 002_fetch_L0_X1_addr_miss + tag: VP_PMP_F016_S013 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S013_I000 + description: 'reuse of VP_PMP_F012_S013_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S013_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=TOR]\nTST16-13 (LOW-PRIO)\n\ + \ [same as TST12-13(group), but with pmpcfg(i).A=TOR]" +- 003_fetch_L1_X1_addr_hit: !Subfeature + name: 003_fetch_L1_X1_addr_hit + tag: VP_PMP_F016_S014 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S014_I000 + description: 'reuse of VP_PMP_F012_S014_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S014_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST16-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=TOR]\nTST16-14 (HIGH-PRIO)\n\ + \ [same as TST12-14(group), but with pmpcfg(i).A=TOR]" +- 004_fetch_L1_X0_addr_hit: !Subfeature + name: 004_fetch_L1_X0_addr_hit + tag: VP_PMP_F016_S015 + next_elt_id: 1 + display_order: 4 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S015_I000 + description: 'reuse of VP_PMP_F012_S015_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S015_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-b\n[Attempting to fetch an instruction from + a PMP region that does not have execute permissions raises an instruction + access-fault exception]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=TOR]\nTST16-15 (MEDIUM-PRIO)\n\ + \ [same as TST12-15(group), but with pmpcfg(i).A=TOR]" +- 005_fetch_L1_X1_addr_miss: !Subfeature + name: 005_fetch_L1_X1_addr_miss + tag: VP_PMP_F016_S016 + next_elt_id: 1 + display_order: 5 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S016_I000 + description: 'reuse of VP_PMP_F012_S016_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S016_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST16-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=TOR]\nTST16-16 (HIGH-PRIO)\n\ + \ [same as TST12-16(group), but with pmpcfg(i).A=TOR]" +- 006_load_L0_R1_addr_hit: !Subfeature + name: 006_load_L0_R1_addr_hit + tag: VP_PMP_F016_S021 + next_elt_id: 1 + display_order: 6 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S021_I000 + description: 'reuse of VP_PMP_F012_S021_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S021_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=TOR]\nTST16-21 (LOW-PRIO)\n\ + \ [same as TST12-21(group), but with pmpcfg(i).A=TOR]" +- 007_load_L0_R0_addr_hit: !Subfeature + name: 007_load_L0_R0_addr_hit + tag: VP_PMP_F016_S022 + next_elt_id: 1 + display_order: 7 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S022_I000 + description: 'reuse of VP_PMP_F012_S022_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S022_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=TOR]\nTST16-22 (LOW-PRIO)\n\ + \ [same as TST12-22(group), but with pmpcfg(i).A=TOR]" +- 008_load_L0_R1_addr_miss: !Subfeature + name: 008_load_L0_R1_addr_miss + tag: VP_PMP_F016_S023 + next_elt_id: 1 + display_order: 8 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S023_I000 + description: 'reuse of VP_PMP_F012_S023_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S023_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=TOR]\nTST16-23 (LOW-PRIO)\n\ + \ [same as TST12-23(group), but with pmpcfg(i).A=TOR]" +- 009_load_L1_R1_addr_hit: !Subfeature + name: 009_load_L1_R1_addr_hit + tag: VP_PMP_F016_S024 + next_elt_id: 1 + display_order: 9 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S024_I000 + description: 'reuse of VP_PMP_F012_S024_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S024_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST16-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=TOR]\nTST16-24 (HIGH-PRIO)\n\ + \ [same as TST12-24(group), but with pmpcfg(i).A=TOR]" +- 010_load_L1_R0_addr_hit: !Subfeature + name: 010_load_L1_R0_addr_hit + tag: VP_PMP_F016_S025 + next_elt_id: 1 + display_order: 10 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S025_I000 + description: 'reuse of VP_PMP_F012_S025_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S025_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-c\n[Attempting to execute a load or load-reserved + instruction which accesses a physical address within a PMP region without + read permissions raises a load access-fault exception]\n\nFTR02-b1\n[the + lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean + programmed first)]\n \n\nTST16-2x(group)\n [same as TST12-2x(group), but + with pmpcfg(i).A=TOR]\n TST16-25 (MEDIUM-PRIO)\n [same as TST12-25(group), + but with pmpcfg(i).A=TOR]" +- 011_load_L1_R1_addr_miss: !Subfeature + name: 011_load_L1_R1_addr_miss + tag: VP_PMP_F016_S026 + next_elt_id: 1 + display_order: 11 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S026_I000 + description: 'reuse of VP_PMP_F012_S026_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S026_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST16-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=TOR]\nTST16-26 (HIGH-PRIO)\n\ + \ [same as TST12-26(group), but with pmpcfg(i).A=TOR]" +- 012_store_L0_W1_addr_hit: !Subfeature + name: 012_store_L0_W1_addr_hit + tag: VP_PMP_F016_S031 + next_elt_id: 1 + display_order: 12 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S031_I000 + description: 'reuse of VP_PMP_F012_S031_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S031_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=TOR]\nTST16-31 (LOW-PRIO)\n\ + \ [same as TST12-31(group), but with pmpcfg(i).A=TOR]" +- 013_store_L0_W0_addr_hit: !Subfeature + name: 013_store_L0_W0_addr_hit + tag: VP_PMP_F016_S032 + next_elt_id: 1 + display_order: 13 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S032_I000 + description: 'reuse of VP_PMP_F012_S032_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S032_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=TOR]\nTST16-32 (LOW-PRIO)\n\ + \ [same as TST12-32(group), but with pmpcfg(i).A=TOR]" +- 014_store_L0_W1_addr_miss: !Subfeature + name: 014_store_L0_W1_addr_miss + tag: VP_PMP_F016_S033 + next_elt_id: 1 + display_order: 14 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S033_I000 + description: 'reuse of VP_PMP_F012_S033_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S033_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=TOR]\nTST16-33 (LOW-PRIO)\n\ + \ [same as TST12-33(group), but with pmpcfg(i).A=TOR]" +- 015_store_L1_W1_addr_hit: !Subfeature + name: 015_store_L1_W1_addr_hit + tag: VP_PMP_F016_S034 + next_elt_id: 1 + display_order: 15 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S034_I000 + description: 'reuse of VP_PMP_F012_S034_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S034_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST16-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=TOR]\nTST16-34 (HIGH-PRIO)\n\ + \ [same as TST12-34(group), but with pmpcfg(i).A=TOR]" +- 016_store_L1_W0_addr_hit: !Subfeature + name: 016_store_L1_W0_addr_hit + tag: VP_PMP_F016_S035 + next_elt_id: 1 + display_order: 16 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S035_I000 + description: 'reuse of VP_PMP_F012_S035_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S035_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-d\n[Attempting to execute a store, store-conditional, + or AMO instruction which accesses a physical address within a PMP region + without write permissions raises a store access-fault exception]\n\nFTR02-b1\n + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does + it mean programmed first)]\n\n\nTST16-3x(group)\n [same as TST12-3x(group), + but with pmpcfg(i).A=TOR]\nTST16-35 (MEDIUM-PRIO)\n [same as TST12-35(group), + but with pmpcfg(i).A=TOR]" +- 017_store_L1_W1_addr_miss: !Subfeature + name: 017_store_L1_W1_addr_miss + tag: VP_PMP_F016_S036 + next_elt_id: 1 + display_order: 17 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S036_I000 + description: 'reuse of VP_PMP_F012_S036_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S036_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST16-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=TOR]\nTST16-36 (HIGH-PRIO)\n\ + \ [same as TST12-36(group), but with pmpcfg(i).A=TOR]" +- 018_load_MPP_L0_R1_addr_hit: !Subfeature + name: 018_load_MPP_L0_R1_addr_hit + tag: VP_PMP_F016_S041 + next_elt_id: 1 + display_order: 18 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S041_I000 + description: 'reuse of VP_PMP_F012_S041_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S041_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=TOR]\nTST16-41 (LOWEST-PRIO)\n\ + \ [same as TST12-41(group), but with pmpcfg(i).A=TOR]" +- 019_load_MPP_L0_R0_addr_hit: !Subfeature + name: 019_load_MPP_L0_R0_addr_hit + tag: VP_PMP_F016_S042 + next_elt_id: 1 + display_order: 19 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S042_I000 + description: 'reuse of VP_PMP_F012_S042_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S042_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=TOR]\nTST16-42 (LOWEST-PRIO)\n\ + \ [same as TST12-42(group), but with pmpcfg(i).A=TOR]" +- 020_load_MPP_L0_R1_addr_miss: !Subfeature + name: 020_load_MPP_L0_R1_addr_miss + tag: VP_PMP_F016_S043 + next_elt_id: 1 + display_order: 20 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S043_I000 + description: 'reuse of VP_PMP_F012_S043_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S043_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=TOR]\nTST16-43 (LOWEST-PRIO)\n\ + \ [same as TST12-43(group), but with pmpcfg(i).A=TOR]" +- 021_load_MPP_L1_R1_addr_hit: !Subfeature + name: 021_load_MPP_L1_R1_addr_hit + tag: VP_PMP_F016_S044 + next_elt_id: 1 + display_order: 21 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S044_I000 + description: 'reuse of VP_PMP_F012_S044_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S044_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST16-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=TOR]\nTST16-44 (LOWEST-PRIO)\n\ + \ [same as TST12-44(group), but with pmpcfg(i).A=TOR]" +- 022_load_MPP_L1_R0_addr_hit: !Subfeature + name: 022_load_MPP_L1_R0_addr_hit + tag: VP_PMP_F016_S045 + next_elt_id: 1 + display_order: 22 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S045_I000 + description: 'reuse of VP_PMP_F012_S045_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S045_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-c\n[Attempting to execute a load or load-reserved + instruction which accesses a physical address within a PMP region without + read permissions raises a load access-fault exception]\n\nFTR02-b1\n[the + lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean + programmed first)]\n \n\nTST16-4x(group)\n [same as TST12-4x(group), but + with pmpcfg(i).A=TOR]\n TST16-45 (LOWEST-PRIO)\n [same as TST12-45(group), + but with pmpcfg(i).A=TOR]" +- 023_load_MPP_L1_R1_addr_miss: !Subfeature + name: 023_load_MPP_L1_R1_addr_miss + tag: VP_PMP_F016_S046 + next_elt_id: 1 + display_order: 23 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S046_I000 + description: 'reuse of VP_PMP_F012_S046_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S046_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST16-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=TOR]\nTST16-46 (LOWEST-PRIO)\n\ + \ [same as TST12-46(group), but with pmpcfg(i).A=TOR]" +- 024_store_MPP_L0_W1_addr_hit: !Subfeature + name: 024_store_MPP_L0_W1_addr_hit + tag: VP_PMP_F016_S051 + next_elt_id: 1 + display_order: 24 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S051_I000 + description: 'reuse of VP_PMP_F012_S051_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S051_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=TOR]\nTST16-51 (LOWEST-PRIO)\n\ + \ [same as TST12-51(group), but with pmpcfg(i).A=TOR]" +- 025_store_MPP_L0_W0_addr_hit: !Subfeature + name: 025_store_MPP_L0_W0_addr_hit + tag: VP_PMP_F016_S052 + next_elt_id: 1 + display_order: 25 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S052_I000 + description: 'reuse of VP_PMP_F012_S052_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S052_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=TOR]\nTST16-52 (LOWEST-PRIO)\n\ + \ [same as TST12-52(group), but with pmpcfg(i).A=TOR]" +- 026_store_MPP_L0_W1_addr_miss: !Subfeature + name: 026_store_MPP_L0_W1_addr_miss + tag: VP_PMP_F016_S053 + next_elt_id: 1 + display_order: 26 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S053_I000 + description: 'reuse of VP_PMP_F012_S053_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S053_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=TOR]\nTST16-53 (LOWEST-PRIO)\n\ + \ [same as TST12-53(group), but with pmpcfg(i).A=TOR]" +- 027_store_MPP_L1_W1_addr_hit: !Subfeature + name: 027_store_MPP_L1_W1_addr_hit + tag: VP_PMP_F016_S054 + next_elt_id: 1 + display_order: 27 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S054_I000 + description: 'reuse of VP_PMP_F012_S054_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S054_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST16-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=TOR]\nTST16-54 (LOWEST-PRIO)\n\ + \ [same as TST12-54(group), but with pmpcfg(i).A=TOR]" +- 028_store_MPP_L1_W0_addr_hit: !Subfeature + name: 028_store_MPP_L1_W0_addr_hit + tag: VP_PMP_F016_S055 + next_elt_id: 1 + display_order: 28 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S055_I000 + description: 'reuse of VP_PMP_F012_S055_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S055_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-d\n[Attempting to execute a store, store-conditional, + or AMO instruction which accesses a physical address within a PMP region + without write permissions raises a store access-fault exception]\n\nFTR02-b1\n + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does + it mean programmed first)]\n\n\nTST16-5x(group)\n [same as TST12-5x(group), + but with pmpcfg(i).A=TOR]\nTST16-55 (LOWEST-PRIO)\n [same as TST12-55(group), + but with pmpcfg(i).A=TOR]" +- 029_store_MPP_L1_W1_addr_miss: !Subfeature + name: 029_store_MPP_L1_W1_addr_miss + tag: VP_PMP_F016_S056 + next_elt_id: 1 + display_order: 29 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S056_I000 + description: 'reuse of VP_PMP_F012_S056_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S056_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST16-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=TOR]\nTST16-56 (LOWEST-PRIO)\n\ + \ [same as TST12-56(group), but with pmpcfg(i).A=TOR]" +- 030_fetch_L0_X1_addr_forbidden: !Subfeature + name: 030_fetch_L0_X1_addr_forbidden + tag: VP_PMP_F016_S061 + next_elt_id: 1 + display_order: 30 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S061_I000 + description: "reuse of VP_PMP_F012_S011_I000 feature description (Cf. Feature: + \"cfg NA4 access M\")\n\n{Page 59 Volume II: RISC-V Privileged Architectures + V20211203}\nIf pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i + matches no addresses\nIf PMP entry 0’s A field is set to TOR, zero is used + for the lower bound, and so it matches any address y < pmpaddr(0)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S011_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range\n - [for i=0] + pmpaddr(0) = 0: invalid TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=TOR]\n TST16-11 (LOW-PRIO)\n\ + \ [same as TST12-11(group), but with pmpcfg(i).A=TOR]\n \n\n//TO COMPLETE + => FTR06-b\nTST25 = same as TST15+TST16 (groups) with PMP entry (0) with + pmpaddr(0) > 0\nTST26 = same as TST15+TST16 (groups) with PMP entry (0) + with pmpaddr(0) = 0\n [create scenario where PMP entry pmpcfg(0) with TOR:\n\ + \ - pmpaddr(0) > 0\n - pmpaddr(0) = 0]\n\n//TO COMPLETE => FTR06-c\n + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) + and pmpcfg(i-1) correct\n [create scenario where PMP entry pmpcfg(i) with + TOR:\n - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct]\n\ + \ [create scenario where PMP entry pmpcfg(0) with TOR:\n - pmpaddr(0) + >= pmpaddr(1/2/3/…)]" +- 031_fetch_L1_X1_addr_forbidden: !Subfeature + name: 031_fetch_L1_X1_addr_forbidden + tag: VP_PMP_F016_S062 + next_elt_id: 1 + display_order: 31 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S062_I000 + description: "reuse of VP_PMP_F012_S014_I000 feature description (Cf. Feature: + \"cfg NA4 access M\")\n\n{Page 59 Volume II: RISC-V Privileged Architectures + V20211203}\nIf pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i + matches no addresses\nIf PMP entry 0’s A field is set to TOR, zero is used + for the lower bound, and so it matches any address y < pmpaddr(0)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S014_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range\n - [for i=0] + pmpaddr(0) = 0: invalid TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST16-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=TOR]\nTST16-14 (LOW-PRIO)\n\ + \ [same as TST12-14(group), but with pmpcfg(i).A=TOR]\n\n\n//TO COMPLETE + => FTR06-b\n TST25 = same as TST15+TST16 (groups) with PMP entry (0) with + pmpaddr(0) > 0\nTST26 = same as TST15+TST16 (groups) with PMP entry (0) + with pmpaddr(0) = 0\n [create scenario where PMP entry pmpcfg(0) with TOR:\n\ + \ - pmpaddr(0) > 0\n - pmpaddr(0) = 0]\n\n//TO COMPLETE => FTR06-c\n + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) + and pmpcfg(i-1) correct\n [create scenario where PMP entry pmpcfg(i) with + TOR:\n - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct]\n\ + \ [create scenario where PMP entry pmpcfg(0) with TOR:\n - pmpaddr(0) + >= pmpaddr(1/2/3/…)]" +- 032_load_L0_R1_addr_forbidden: !Subfeature + name: 032_load_L0_R1_addr_forbidden + tag: VP_PMP_F016_S063 + next_elt_id: 1 + display_order: 32 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S063_I000 + description: "reuse of VP_PMP_F012_S021_I000 feature description (Cf. Feature: + \"cfg NA4 access M\")\n\n{Page 59 Volume II: RISC-V Privileged Architectures + V20211203}\nIf pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i + matches no addresses\nIf PMP entry 0’s A field is set to TOR, zero is used + for the lower bound, and so it matches any address y < pmpaddr(0)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S021_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range\n - [for i=0] + pmpaddr(0) = 0: invalid TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=TOR]\n TST16-21 (HIGH-PRIO)\n\ + \ [same as TST12-21(group), but with pmpcfg(i).A=TOR]\n \n\n//TO COMPLETE + => FTR06-b\nTST25 = same as TST15+TST16 (groups) with PMP entry (0) with + pmpaddr(0) > 0\nTST26 = same as TST15+TST16 (groups) with PMP entry (0) + with pmpaddr(0) = 0\n [create scenario where PMP entry pmpcfg(0) with TOR:\n\ + \ - pmpaddr(0) > 0\n - pmpaddr(0) = 0]\n\n//TO COMPLETE => FTR06-c\n + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) + and pmpcfg(i-1) correct\n [create scenario where PMP entry pmpcfg(i) with + TOR:\n - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct]\n\ + \ [create scenario where PMP entry pmpcfg(0) with TOR:\n - pmpaddr(0) + >= pmpaddr(1/2/3/…)]" +- 033_load_L1_R1_addr_forbidden: !Subfeature + name: 033_load_L1_R1_addr_forbidden + tag: VP_PMP_F016_S064 + next_elt_id: 1 + display_order: 33 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S064_I000 + description: "reuse of VP_PMP_F012_S024_I000 feature description (Cf. Feature: + \"cfg NA4 access M\")\n\n{Page 59 Volume II: RISC-V Privileged Architectures + V20211203}\nIf pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i + matches no addresses\nIf PMP entry 0’s A field is set to TOR, zero is used + for the lower bound, and so it matches any address y < pmpaddr(0)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S024_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range\n - [for i=0] + pmpaddr(0) = 0: invalid TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST16-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=TOR]\nTST16-24 (LOW-PRIO)\n\ + \ [same as TST12-24(group), but with pmpcfg(i).A=TOR]\n\n\n//TO COMPLETE + => FTR06-b\n TST25 = same as TST15+TST16 (groups) with PMP entry (0) with + pmpaddr(0) > 0\nTST26 = same as TST15+TST16 (groups) with PMP entry (0) + with pmpaddr(0) = 0\n [create scenario where PMP entry pmpcfg(0) with TOR:\n\ + \ - pmpaddr(0) > 0\n - pmpaddr(0) = 0]\n\n//TO COMPLETE => FTR06-c\n + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) + and pmpcfg(i-1) correct\n [create scenario where PMP entry pmpcfg(i) with + TOR:\n - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct]\n\ + \ [create scenario where PMP entry pmpcfg(0) with TOR:\n - pmpaddr(0) + >= pmpaddr(1/2/3/…)]" +- 034_store_L0_W1_addr_forbidden: !Subfeature + name: 034_store_L0_W1_addr_forbidden + tag: VP_PMP_F016_S065 + next_elt_id: 1 + display_order: 34 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S065_I000 + description: "reuse of VP_PMP_F012_S031_I000 feature description (Cf. Feature: + \"cfg NA4 access M\")\n\n{Page 59 Volume II: RISC-V Privileged Architectures + V20211203}\nIf pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i + matches no addresses\nIf PMP entry 0’s A field is set to TOR, zero is used + for the lower bound, and so it matches any address y < pmpaddr(0)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S031_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range\n - [for i=0] + pmpaddr(0) = 0: invalid TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=TOR]\n TST16-31 (HIGH-PRIO)\n\ + \ [same as TST12-31(group), but with pmpcfg(i).A=TOR]\n \n\n//TO COMPLETE + => FTR06-b\nTST25 = same as TST15+TST16 (groups) with PMP entry (0) with + pmpaddr(0) > 0\nTST26 = same as TST15+TST16 (groups) with PMP entry (0) + with pmpaddr(0) = 0\n [create scenario where PMP entry pmpcfg(0) with TOR:\n\ + \ - pmpaddr(0) > 0\n - pmpaddr(0) = 0]\n\n//TO COMPLETE => FTR06-c\n + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) + and pmpcfg(i-1) correct\n [create scenario where PMP entry pmpcfg(i) with + TOR:\n - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct]\n\ + \ [create scenario where PMP entry pmpcfg(0) with TOR:\n - pmpaddr(0) + >= pmpaddr(1/2/3/…)]" +- 035_store_L1_W1_addr_forbidden: !Subfeature + name: 035_store_L1_W1_addr_forbidden + tag: VP_PMP_F016_S066 + next_elt_id: 1 + display_order: 35 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S066_I000 + description: "reuse of VP_PMP_F012_S034_I000 feature description (Cf. Feature: + \"cfg NA4 access M\")\n\n{Page 59 Volume II: RISC-V Privileged Architectures + V20211203}\nIf pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i + matches no addresses\nIf PMP entry 0’s A field is set to TOR, zero is used + for the lower bound, and so it matches any address y < pmpaddr(0)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S034_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range\n - [for i=0] + pmpaddr(0) = 0: invalid TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST16-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=TOR]\nTST16-34 (LOW-PRIO)\n\ + \ [same as TST12-34(group), but with pmpcfg(i).A=TOR]\n\n\n//TO COMPLETE + => FTR06-b\n TST25 = same as TST15+TST16 (groups) with PMP entry (0) with + pmpaddr(0) > 0\nTST26 = same as TST15+TST16 (groups) with PMP entry (0) + with pmpaddr(0) = 0\n [create scenario where PMP entry pmpcfg(0) with TOR:\n\ + \ - pmpaddr(0) > 0\n - pmpaddr(0) = 0]\n\n//TO COMPLETE => FTR06-c\n + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) + and pmpcfg(i-1) correct\n [create scenario where PMP entry pmpcfg(i) with + TOR:\n - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct]\n\ + \ [create scenario where PMP entry pmpcfg(0) with TOR:\n - pmpaddr(0) + >= pmpaddr(1/2/3/…)]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP017.yml b/verif/docs/VerifPlans/PMP/VP_IP017.yml new file mode 100644 index 000000000..3a3989a73 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP017.yml @@ -0,0 +1,1153 @@ +!Feature +next_elt_id: 30 +name: cfg OFF access S/U +id: 17 +display_order: 17 +subfeatures: !!omap +- 000_fetch_L0_X1_addr_hit: !Subfeature + name: 000_fetch_L0_X1_addr_hit + tag: VP_PMP_F017_S011 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S011_I000 + description: 'reuse of VP_PMP_F011_S011_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S011_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range\n\nCHECK UPDATE\n - check instruction fetch + access-fault exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=OFF]\n + TST17-11 (HIGH-PRIO)\n [same as TST11-11(group), but with pmpcfg(i).A=OFF\n\ + \ - check instruction fetch access-fault exception raised]" +- 001_fetch_L0_X0_addr_hit: !Subfeature + name: 001_fetch_L0_X0_addr_hit + tag: VP_PMP_F017_S012 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S012_I000 + description: 'reuse of VP_PMP_F011_S012_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S012_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-b\n [Attempting to fetch an instruction from a PMP region + that does not have execute permissions raises an instruction access-fault + exception]\n \n\nTST17-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=OFF]\n + TST17-12 (MEDIUM-PRIO)\n [same as TST11-12(group), but with pmpcfg(i).A=OFF]" +- 002_fetch_L0_X1_addr_miss: !Subfeature + name: 002_fetch_L0_X1_addr_miss + tag: VP_PMP_F017_S013 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S013_I000 + description: 'reuse of VP_PMP_F011_S013_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S013_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=OFF]\n + TST17-13 (MEDIUM-PRIO)\n [same as TST11-13(group), but with pmpcfg(i).A=OFF]" +- 003_fetch_L1_X1_addr_hit: !Subfeature + name: 003_fetch_L1_X1_addr_hit + tag: VP_PMP_F017_S014 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S014_I000 + description: 'reuse of VP_PMP_F011_S014_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S014_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range\n\nCHECK UPDATE\n - check instruction fetch + access-fault exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=OFF]\n + TST17-14 (LOW-PRIO)\n [same as TST11-14(group), but with pmpcfg(i).A=OFF\n\ + \ - check instruction fetch access-fault exception raised]" +- 004_fetch_L1_X0_addr_hit: !Subfeature + name: 004_fetch_L1_X0_addr_hit + tag: VP_PMP_F017_S015 + next_elt_id: 1 + display_order: 4 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S015_I000 + description: 'reuse of VP_PMP_F011_S015_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S015_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-b\n[Attempting to fetch an instruction from a PMP region that + does not have execute permissions raises an instruction access-fault exception]\n\ + \n\nTST17-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=OFF]\n + TST17-15 (LOW-PRIO)\n [same as TST11-15(group), but with pmpcfg(i).A=OFF]" +- 005_fetch_L1_X1_addr_miss: !Subfeature + name: 005_fetch_L1_X1_addr_miss + tag: VP_PMP_F017_S016 + next_elt_id: 1 + display_order: 5 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S016_I000 + description: 'reuse of VP_PMP_F011_S016_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S016_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=OFF]\n + TST17-16 (LOW-PRIO)\n [same as TST11-16(group), but with pmpcfg(i).A=OFF]" +- 006_load_L0_R1_addr_hit: !Subfeature + name: 006_load_L0_R1_addr_hit + tag: VP_PMP_F017_S021 + next_elt_id: 1 + display_order: 6 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S021_I000 + description: 'reuse of VP_PMP_F011_S021_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S021_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range\n\nCHECK UPDATE\n - check load access-fault + exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-2x(group)\n [same as TST11-2x(group), but with pmpcfg(i).A=OFF]\n + TST17-21 (HIGH-PRIO)\n [same as TST11-21(group), but with pmpcfg(i).A=OFF\n\ + \ - check load access-fault exception raised]" +- 007_load_L0_R0_addr_hit: !Subfeature + name: 007_load_L0_R0_addr_hit + tag: VP_PMP_F017_S022 + next_elt_id: 1 + display_order: 7 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S022_I000 + description: 'reuse of VP_PMP_F011_S022_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S022_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-c\n [Attempting to execute a load or load-reserved instruction + which accesses a physical address within a PMP region without read permissions + raises a load access-fault exception]\n\n\nTST17-2x(group)\n [same as TST11-2x(group), + but with pmpcfg(i).A=OFF]\nTST17-22 (MEDIUM-PRIO)\n [same as TST11-22(group), + but with pmpcfg(i).A=OFF]" +- 008_load_L0_R1_addr_miss: !Subfeature + name: 008_load_L0_R1_addr_miss + tag: VP_PMP_F017_S023 + next_elt_id: 1 + display_order: 8 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S023_I000 + description: 'reuse of VP_PMP_F011_S023_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S023_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-2x(group)\n [same as TST11-2x(group), but with pmpcfg(i).A=OFF]\n + TST17-23 (MEDIUM-PRIO)\n [same as TST11-23(group), but with pmpcfg(i).A=OFF]" +- 009_load_L1_R1_addr_hit: !Subfeature + name: 009_load_L1_R1_addr_hit + tag: VP_PMP_F017_S024 + next_elt_id: 1 + display_order: 9 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S024_I000 + description: 'reuse of VP_PMP_F011_S024_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S024_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range\n\nCHECK UPDATE\n - check load access-fault + exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-2x(group)\n [same as TST11-2x(group), but with pmpcfg(i).A=OFF]\n + TST17-24 (LOW-PRIO)\n [same as TST11-24(group), but with pmpcfg(i).A=OFF\n\ + \ - check load access-fault exception raised]" +- 010_load_L1_R0_addr_hit: !Subfeature + name: 010_load_L1_R0_addr_hit + tag: VP_PMP_F017_S025 + next_elt_id: 1 + display_order: 10 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S025_I000 + description: 'reuse of VP_PMP_F011_S025_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S025_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-c\n[Attempting to execute a load or load-reserved instruction + which accesses a physical address within a PMP region without read permissions + raises a load access-fault exception]\n\n\nTST17-2x(group)\n [same as TST11-2x(group), + but with pmpcfg(i).A=OFF]\n TST17-25 (LOW-PRIO)\n [same as TST11-25(group), + but with pmpcfg(i).A=OFF]" +- 011_load_L1_R1_addr_miss: !Subfeature + name: 011_load_L1_R1_addr_miss + tag: VP_PMP_F017_S026 + next_elt_id: 1 + display_order: 11 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S026_I000 + description: 'reuse of VP_PMP_F011_S026_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S026_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-2x(group)\n [same as TST11-2x(group), but with pmpcfg(i).A=OFF]\n + TST17-26 (LOW-PRIO)\n [same as TST11-26(group), but with pmpcfg(i).A=OFF]" +- 012_store_L0_W1_addr_hit: !Subfeature + name: 012_store_L0_W1_addr_hit + tag: VP_PMP_F017_S031 + next_elt_id: 1 + display_order: 12 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S031_I000 + description: 'reuse of VP_PMP_F011_S031_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S031_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range\n\nCHECK UPDATE\n - check store access-fault + exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-3x(group)\n [same as TST11-3x(group), but with pmpcfg(i).A=OFF]\n + TST17-31 (HIGH-PRIO)\n [same as TST11-31(group), but with pmpcfg(i).A=OFF\n\ + \ - check store access-fault exception raised]" +- 013_store_L0_W0_addr_hit: !Subfeature + name: 013_store_L0_W0_addr_hit + tag: VP_PMP_F017_S032 + next_elt_id: 1 + display_order: 13 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S032_I000 + description: 'reuse of VP_PMP_F011_S032_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S032_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-d\n [Attempting to execute a store, store-conditional, or + AMO instruction which accesses a physical address within a PMP region without + write permissions raises a store access-fault exception]\n\n\nTST17-3x(group)\n\ + \ [same as TST11-3x(group), but with pmpcfg(i).A=OFF]\nTST17-32 (MEDIUM-PRIO)\n\ + \ [same as TST11-32(group), but with pmpcfg(i).A=OFF]" +- 014_store_L0_W1_addr_miss: !Subfeature + name: 014_store_L0_W1_addr_miss + tag: VP_PMP_F017_S033 + next_elt_id: 1 + display_order: 14 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S033_I000 + description: 'reuse of VP_PMP_F011_S033_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S033_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-3x(group)\n [same as TST11-3x(group), but with pmpcfg(i).A=OFF]\n + TST17-33 (MEDIUM-PRIO)\n [same as TST11-33(group), but with pmpcfg(i).A=OFF]" +- 015_store_L1_W1_addr_hit: !Subfeature + name: 015_store_L1_W1_addr_hit + tag: VP_PMP_F017_S034 + next_elt_id: 1 + display_order: 15 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S034_I000 + description: 'reuse of VP_PMP_F011_S034_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S034_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range\n\nCHECK UPDATE\n - check store access-fault + exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-3x(group)\n [same as TST11-3x(group), but with pmpcfg(i).A=OFF]\n + TST17-34 (LOW-PRIO)\n [same as TST11-34(group), but with pmpcfg(i).A=OFF\n\ + \ - check store access-fault exception raised]" +- 016_store_L1_W0_addr_hit: !Subfeature + name: 016_store_L1_W0_addr_hit + tag: VP_PMP_F017_S035 + next_elt_id: 1 + display_order: 16 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S035_I000 + description: 'reuse of VP_PMP_F011_S035_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S035_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-d\n[Attempting to execute a store, store-conditional, or AMO + instruction which accesses a physical address within a PMP region without + write permissions raises a store access-fault exception]\n\n\nTST17-3x(group)\n\ + \ [same as TST11-3x(group), but with pmpcfg(i).A=OFF]\nTST17-35 (LOW-PRIO)\n\ + \ [same as TST11-35(group), but with pmpcfg(i).A=OFF]" +- 017_store_L1_W1_addr_miss: !Subfeature + name: 017_store_L1_W1_addr_miss + tag: VP_PMP_F017_S036 + next_elt_id: 1 + display_order: 17 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S036_I000 + description: 'reuse of VP_PMP_F011_S036_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S036_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-3x(group)\n [same as TST11-3x(group), but with pmpcfg(i).A=OFF]\n + TST17-36 (LOW-PRIO)\n [same as TST11-36(group), but with pmpcfg(i).A=OFF]" +- 018_load_MPP_L0_R1_addr_hit: !Subfeature + name: 018_load_MPP_L0_R1_addr_hit + tag: VP_PMP_F017_S041 + next_elt_id: 1 + display_order: 18 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S041_I000 + description: 'reuse of VP_PMP_F011_S041_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S041_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range\n\nCHECK UPDATE\n - check load access-fault + exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-4x(group)\n [same as TST11-4x(group), but with pmpcfg(i).A=OFF]\n + TST17-41 (LOWEST-PRIO)\n [same as TST11-41(group), but with pmpcfg(i).A=OFF\n\ + \ - check load access-fault exception raised]" +- 019_load_MPP_L0_R0_addr_hit: !Subfeature + name: 019_load_MPP_L0_R0_addr_hit + tag: VP_PMP_F017_S042 + next_elt_id: 1 + display_order: 19 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S042_I000 + description: 'reuse of VP_PMP_F011_S042_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S042_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-c\n [Attempting to execute a load or load-reserved instruction + which accesses a physical address within a PMP region without read permissions + raises a load access-fault exception]\n\n\nTST17-4x(group)\n [same as TST11-4x(group), + but with pmpcfg(i).A=OFF]\nTST17-42 (LOWEST-PRIO)\n [same as TST11-42(group), + but with pmpcfg(i).A=OFF]" +- 020_load_MPP_L0_R1_addr_miss: !Subfeature + name: 020_load_MPP_L0_R1_addr_miss + tag: VP_PMP_F017_S043 + next_elt_id: 1 + display_order: 20 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S043_I000 + description: 'reuse of VP_PMP_F011_S043_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S043_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-4x(group)\n [same as TST11-4x(group), but with pmpcfg(i).A=OFF]\n + TST17-43 (LOWEST-PRIO)\n [same as TST11-43(group), but with pmpcfg(i).A=OFF]" +- 021_load_MPP_L1_R1_addr_hit: !Subfeature + name: 021_load_MPP_L1_R1_addr_hit + tag: VP_PMP_F017_S044 + next_elt_id: 1 + display_order: 21 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S044_I000 + description: 'reuse of VP_PMP_F011_S044_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S044_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range\n\nCHECK UPDATE\n - check load access-fault + exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-4x(group)\n [same as TST11-4x(group), but with pmpcfg(i).A=OFF]\n + TST17-44 (LOWEST-PRIO)\n [same as TST11-44(group), but with pmpcfg(i).A=OFF\n\ + \ - check load access-fault exception raised]" +- 022_load_MPP_L1_R0_addr_hit: !Subfeature + name: 022_load_MPP_L1_R0_addr_hit + tag: VP_PMP_F017_S045 + next_elt_id: 1 + display_order: 22 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S045_I000 + description: 'reuse of VP_PMP_F011_S045_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S045_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-c\n[Attempting to execute a load or load-reserved instruction + which accesses a physical address within a PMP region without read permissions + raises a load access-fault exception]\n\n\nTST17-4x(group)\n [same as TST11-4x(group), + but with pmpcfg(i).A=OFF]\n TST17-45 (LOWEST-PRIO)\n [same as TST11-45(group), + but with pmpcfg(i).A=OFF]" +- 023_load_MPP_L1_R1_addr_miss: !Subfeature + name: 023_load_MPP_L1_R1_addr_miss + tag: VP_PMP_F017_S046 + next_elt_id: 1 + display_order: 23 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S046_I000 + description: 'reuse of VP_PMP_F011_S046_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S046_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-4x(group)\n [same as TST11-4x(group), but with pmpcfg(i).A=OFF]\n + TST17-46 (LOWEST-PRIO)\n [same as TST11-46(group), but with pmpcfg(i).A=OFF]" +- 024_store_MPP_L0_W1_addr_hit: !Subfeature + name: 024_store_MPP_L0_W1_addr_hit + tag: VP_PMP_F017_S051 + next_elt_id: 1 + display_order: 24 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S051_I000 + description: 'reuse of VP_PMP_F011_S051_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S051_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range\n\nCHECK UPDATE\n - check store access-fault + exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-5x(group)\n [same as TST11-5x(group), but with pmpcfg(i).A=OFF]\n + TST17-51 (LOWEST-PRIO)\n [same as TST11-51(group), but with pmpcfg(i).A=OFF\n\ + \ - check store access-fault exception raised]" +- 025_store_MPP_L0_W0_addr_hit: !Subfeature + name: 025_store_MPP_L0_W0_addr_hit + tag: VP_PMP_F017_S052 + next_elt_id: 1 + display_order: 25 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S052_I000 + description: 'reuse of VP_PMP_F011_S052_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S052_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-d\n [Attempting to execute a store, store-conditional, or + AMO instruction which accesses a physical address within a PMP region without + write permissions raises a store access-fault exception]\n\n\nTST17-5x(group)\n\ + \ [same as TST11-5x(group), but with pmpcfg(i).A=OFF]\nTST17-52 (LOWEST-PRIO)\n\ + \ [same as TST11-52(group), but with pmpcfg(i).A=OFF]" +- 026_store_MPP_L0_W1_addr_miss: !Subfeature + name: 026_store_MPP_L0_W1_addr_miss + tag: VP_PMP_F017_S053 + next_elt_id: 1 + display_order: 26 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S053_I000 + description: 'reuse of VP_PMP_F011_S053_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S053_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-5x(group)\n [same as TST11-5x(group), but with pmpcfg(i).A=OFF]\n + TST17-53 (LOWEST-PRIO)\n [same as TST11-53(group), but with pmpcfg(i).A=OFF]" +- 027_store_MPP_L1_W1_addr_hit: !Subfeature + name: 027_store_MPP_L1_W1_addr_hit + tag: VP_PMP_F017_S054 + next_elt_id: 1 + display_order: 27 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S054_I000 + description: 'reuse of VP_PMP_F011_S054_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S054_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range\n\nCHECK UPDATE\n - check store access-fault + exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-5x(group)\n [same as TST11-5x(group), but with pmpcfg(i).A=OFF]\n + TST17-54 (LOWEST-PRIO)\n [same as TST11-54(group), but with pmpcfg(i).A=OFF\n\ + \ - check store access-fault exception raised]" +- 028_store_MPP_L1_W0_addr_hit: !Subfeature + name: 028_store_MPP_L1_W0_addr_hit + tag: VP_PMP_F017_S055 + next_elt_id: 1 + display_order: 28 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S055_I000 + description: 'reuse of VP_PMP_F011_S055_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S055_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-d\n[Attempting to execute a store, store-conditional, or AMO + instruction which accesses a physical address within a PMP region without + write permissions raises a store access-fault exception]\n\n\nTST17-5x(group)\n\ + \ [same as TST11-5x(group), but with pmpcfg(i).A=OFF]\nTST17-55 (LOWEST-PRIO)\n\ + \ [same as TST11-55(group), but with pmpcfg(i).A=OFF]" +- 029_store_MPP_L1_W1_addr_miss: !Subfeature + name: 029_store_MPP_L1_W1_addr_miss + tag: VP_PMP_F017_S056 + next_elt_id: 1 + display_order: 29 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S056_I000 + description: 'reuse of VP_PMP_F011_S056_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S056_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-5x(group)\n [same as TST11-5x(group), but with pmpcfg(i).A=OFF]\n + TST17-56 (LOWEST-PRIO)\n [same as TST11-56(group), but with pmpcfg(i).A=OFF]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP018.yml b/verif/docs/VerifPlans/PMP/VP_IP018.yml new file mode 100644 index 000000000..f0183d418 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP018.yml @@ -0,0 +1,1129 @@ +!Feature +next_elt_id: 30 +name: cfg OFF access M +id: 18 +display_order: 18 +subfeatures: !!omap +- 000_fetch_L0_X1_addr_hit: !Subfeature + name: 000_fetch_L0_X1_addr_hit + tag: VP_PMP_F018_S011 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S011_I000 + description: 'reuse of VP_PMP_F012_S011_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S011_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=OFF]\nTST18-11 (LOW-PRIO)\n\ + \ [same as TST12-11(group), but with pmpcfg(i).A=OFF]" +- 001_fetch_L0_X0_addr_hit: !Subfeature + name: 001_fetch_L0_X0_addr_hit + tag: VP_PMP_F018_S012 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S012_I000 + description: 'reuse of VP_PMP_F012_S012_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S012_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=OFF]\nTST18-12 (LOW-PRIO)\n\ + \ [same as TST12-12(group), but with pmpcfg(i).A=OFF]" +- 002_fetch_L0_X1_addr_miss: !Subfeature + name: 002_fetch_L0_X1_addr_miss + tag: VP_PMP_F018_S013 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S013_I000 + description: 'reuse of VP_PMP_F012_S013_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S013_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=OFF]\nTST18-13 (LOW-PRIO)\n\ + \ [same as TST12-13(group), but with pmpcfg(i).A=OFF]" +- 003_fetch_L1_X1_addr_hit: !Subfeature + name: 003_fetch_L1_X1_addr_hit + tag: VP_PMP_F018_S014 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S014_I000 + description: 'reuse of VP_PMP_F012_S014_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S014_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range\n\nCHECK UPDATE\n - check store access-fault exception + raised (TODO: is M mode access prevented by A=OFF)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST18-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=OFF]\nTST18-14 (HIGH-PRIO)\n\ + \ [same as TST12-14(group), but with pmpcfg(i).A=OFF\n - check instruction + fetch access-fault exception raised]" +- 004_fetch_L1_X0_addr_hit: !Subfeature + name: 004_fetch_L1_X0_addr_hit + tag: VP_PMP_F018_S015 + next_elt_id: 1 + display_order: 4 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S015_I000 + description: 'reuse of VP_PMP_F012_S015_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S015_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-b\n[Attempting to fetch an instruction from + a PMP region that does not have execute permissions raises an instruction + access-fault exception]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=OFF]\nTST18-15 (MEDIUM-PRIO)\n\ + \ [same as TST12-15(group), but with pmpcfg(i).A=OFF]" +- 005_fetch_L1_X1_addr_miss: !Subfeature + name: 005_fetch_L1_X1_addr_miss + tag: VP_PMP_F018_S016 + next_elt_id: 1 + display_order: 5 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S016_I000 + description: 'reuse of VP_PMP_F012_S016_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S016_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST18-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=OFF]\nTST18-16 (HIGH-PRIO)\n\ + \ [same as TST12-16(group), but with pmpcfg(i).A=OFF]" +- 006_load_L0_R1_addr_hit: !Subfeature + name: 006_load_L0_R1_addr_hit + tag: VP_PMP_F018_S021 + next_elt_id: 1 + display_order: 6 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S021_I000 + description: 'reuse of VP_PMP_F012_S021_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S021_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=OFF]\nTST18-21 (LOW-PRIO)\n\ + \ [same as TST12-21(group), but with pmpcfg(i).A=OFF]" +- 007_load_L0_R0_addr_hit: !Subfeature + name: 007_load_L0_R0_addr_hit + tag: VP_PMP_F018_S022 + next_elt_id: 1 + display_order: 7 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S022_I000 + description: 'reuse of VP_PMP_F012_S022_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S022_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=OFF]\nTST18-22 (LOW-PRIO)\n\ + \ [same as TST12-22(group), but with pmpcfg(i).A=OFF]" +- 008_load_L0_R1_addr_miss: !Subfeature + name: 008_load_L0_R1_addr_miss + tag: VP_PMP_F018_S023 + next_elt_id: 1 + display_order: 8 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S023_I000 + description: 'reuse of VP_PMP_F012_S023_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S023_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=OFF]\nTST18-23 (LOW-PRIO)\n\ + \ [same as TST12-23(group), but with pmpcfg(i).A=OFF]" +- 009_load_L1_R1_addr_hit: !Subfeature + name: 009_load_L1_R1_addr_hit + tag: VP_PMP_F018_S024 + next_elt_id: 1 + display_order: 9 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S024_I000 + description: 'reuse of VP_PMP_F012_S024_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S024_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range\n\nCHECK UPDATE\n - check store access-fault exception + raised (TODO: is M mode access prevented by A=OFF)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST18-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=OFF]\nTST18-24 (HIGH-PRIO)\n\ + \ [same as TST12-24(group), but with pmpcfg(i).A=OFF\n - check instruction + fetch access-fault exception raised]" +- 010_load_L1_R0_addr_hit: !Subfeature + name: 010_load_L1_R0_addr_hit + tag: VP_PMP_F018_S025 + next_elt_id: 1 + display_order: 10 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S025_I000 + description: 'reuse of VP_PMP_F012_S025_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S025_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-c\n[Attempting to execute a load or load-reserved + instruction which accesses a physical address within a PMP region without + read permissions raises a load access-fault exception]\n\nFTR02-b1\n[the + lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean + programmed first)]\n \n\nTST18-2x(group)\n [same as TST12-2x(group), but + with pmpcfg(i).A=OFF]\n TST18-25 (MEDIUM-PRIO)\n [same as TST12-25(group), + but with pmpcfg(i).A=OFF]" +- 011_load_L1_R1_addr_miss: !Subfeature + name: 011_load_L1_R1_addr_miss + tag: VP_PMP_F018_S026 + next_elt_id: 1 + display_order: 11 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S026_I000 + description: 'reuse of VP_PMP_F012_S026_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S026_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST18-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=OFF]\nTST18-26 (HIGH-PRIO)\n\ + \ [same as TST12-26(group), but with pmpcfg(i).A=OFF]" +- 012_store_L0_W1_addr_hit: !Subfeature + name: 012_store_L0_W1_addr_hit + tag: VP_PMP_F018_S031 + next_elt_id: 1 + display_order: 12 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S031_I000 + description: 'reuse of VP_PMP_F012_S031_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S031_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=OFF]\nTST18-31 (LOW-PRIO)\n\ + \ [same as TST12-31(group), but with pmpcfg(i).A=OFF]" +- 013_store_L0_W0_addr_hit: !Subfeature + name: 013_store_L0_W0_addr_hit + tag: VP_PMP_F018_S032 + next_elt_id: 1 + display_order: 13 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S032_I000 + description: 'reuse of VP_PMP_F012_S032_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S032_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=OFF]\nTST18-32 (LOW-PRIO)\n\ + \ [same as TST12-32(group), but with pmpcfg(i).A=OFF]" +- 014_store_L0_W1_addr_miss: !Subfeature + name: 014_store_L0_W1_addr_miss + tag: VP_PMP_F018_S033 + next_elt_id: 1 + display_order: 14 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S033_I000 + description: 'reuse of VP_PMP_F012_S033_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S033_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=OFF]\nTST18-33 (LOW-PRIO)\n\ + \ [same as TST12-33(group), but with pmpcfg(i).A=OFF]" +- 015_store_L1_W1_addr_hit: !Subfeature + name: 015_store_L1_W1_addr_hit + tag: VP_PMP_F018_S034 + next_elt_id: 1 + display_order: 15 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S034_I000 + description: 'reuse of VP_PMP_F012_S034_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S034_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range\n\nCHECK UPDATE\n - check store access-fault exception + raised (TODO: is M mode access prevented by A=OFF)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST18-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=OFF]\nTST18-34 (HIGH-PRIO)\n\ + \ [same as TST12-34(group), but with pmpcfg(i).A=OFF\n - check instruction + fetch access-fault exception raised]" +- 016_store_L1_W0_addr_hit: !Subfeature + name: 016_store_L1_W0_addr_hit + tag: VP_PMP_F018_S035 + next_elt_id: 1 + display_order: 16 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S035_I000 + description: 'reuse of VP_PMP_F012_S035_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S035_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-d\n[Attempting to execute a store, store-conditional, + or AMO instruction which accesses a physical address within a PMP region + without write permissions raises a store access-fault exception]\n\nFTR02-b1\n + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does + it mean programmed first)]\n\n\nTST18-3x(group)\n [same as TST12-3x(group), + but with pmpcfg(i).A=OFF]\nTST18-35 (MEDIUM-PRIO)\n [same as TST12-35(group), + but with pmpcfg(i).A=OFF]" +- 017_store_L1_W1_addr_miss: !Subfeature + name: 017_store_L1_W1_addr_miss + tag: VP_PMP_F018_S036 + next_elt_id: 1 + display_order: 17 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S036_I000 + description: 'reuse of VP_PMP_F012_S036_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S036_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST18-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=OFF]\nTST18-36 (HIGH-PRIO)\n\ + \ [same as TST12-36(group), but with pmpcfg(i).A=OFF]" +- 018_load_MPP_L0_R1_addr_hit: !Subfeature + name: 018_load_MPP_L0_R1_addr_hit + tag: VP_PMP_F018_S041 + next_elt_id: 1 + display_order: 18 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S041_I000 + description: 'reuse of VP_PMP_F012_S041_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S041_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=OFF]\nTST18-41 (LOWEST-PRIO)\n\ + \ [same as TST12-41(group), but with pmpcfg(i).A=OFF]" +- 019_load_MPP_L0_R0_addr_hit: !Subfeature + name: 019_load_MPP_L0_R0_addr_hit + tag: VP_PMP_F018_S042 + next_elt_id: 1 + display_order: 19 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S042_I000 + description: 'reuse of VP_PMP_F012_S042_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S042_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=OFF]\nTST18-42 (LOWEST-PRIO)\n\ + \ [same as TST12-42(group), but with pmpcfg(i).A=OFF]" +- 020_load_MPP_L0_R1_addr_miss: !Subfeature + name: 020_load_MPP_L0_R1_addr_miss + tag: VP_PMP_F018_S043 + next_elt_id: 1 + display_order: 20 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S043_I000 + description: 'reuse of VP_PMP_F012_S043_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S043_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=OFF]\nTST18-43 (LOWEST-PRIO)\n\ + \ [same as TST12-43(group), but with pmpcfg(i).A=OFF]" +- 021_load_MPP_L1_R1_addr_hit: !Subfeature + name: 021_load_MPP_L1_R1_addr_hit + tag: VP_PMP_F018_S044 + next_elt_id: 1 + display_order: 21 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S044_I000 + description: 'reuse of VP_PMP_F012_S044_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S044_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range\n\nCHECK UPDATE\n - check store access-fault exception + raised (TODO: is M mode access prevented by A=OFF)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST18-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=OFF]\nTST18-44 (LOWEST-PRIO)\n\ + \ [same as TST12-44(group), but with pmpcfg(i).A=OFF\n - check instruction + fetch access-fault exception raised]" +- 022_load_MPP_L1_R0_addr_hit: !Subfeature + name: 022_load_MPP_L1_R0_addr_hit + tag: VP_PMP_F018_S045 + next_elt_id: 1 + display_order: 22 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S045_I000 + description: 'reuse of VP_PMP_F012_S045_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S045_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-c\n[Attempting to execute a load or load-reserved + instruction which accesses a physical address within a PMP region without + read permissions raises a load access-fault exception]\n\nFTR02-b1\n[the + lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean + programmed first)]\n \n\nTST18-4x(group)\n [same as TST12-4x(group), but + with pmpcfg(i).A=OFF]\n TST18-45 (LOWEST-PRIO)\n [same as TST12-45(group), + but with pmpcfg(i).A=OFF]" +- 023_load_MPP_L1_R1_addr_miss: !Subfeature + name: 023_load_MPP_L1_R1_addr_miss + tag: VP_PMP_F018_S046 + next_elt_id: 1 + display_order: 23 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S046_I000 + description: 'reuse of VP_PMP_F012_S046_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S046_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST18-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=OFF]\nTST18-46 (LOWEST-PRIO)\n\ + \ [same as TST12-46(group), but with pmpcfg(i).A=OFF]" +- 024_store_MPP_L0_W1_addr_hit: !Subfeature + name: 024_store_MPP_L0_W1_addr_hit + tag: VP_PMP_F018_S051 + next_elt_id: 1 + display_order: 24 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S051_I000 + description: 'reuse of VP_PMP_F012_S051_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S051_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=OFF]\nTST18-51 (LOWEST-PRIO)\n\ + \ [same as TST12-51(group), but with pmpcfg(i).A=OFF]" +- 025_store_MPP_L0_W0_addr_hit: !Subfeature + name: 025_store_MPP_L0_W0_addr_hit + tag: VP_PMP_F018_S052 + next_elt_id: 1 + display_order: 25 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S052_I000 + description: 'reuse of VP_PMP_F012_S052_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S052_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=OFF]\nTST18-52 (LOWEST-PRIO)\n\ + \ [same as TST12-52(group), but with pmpcfg(i).A=OFF]" +- 026_store_MPP_L0_W1_addr_miss: !Subfeature + name: 026_store_MPP_L0_W1_addr_miss + tag: VP_PMP_F018_S053 + next_elt_id: 1 + display_order: 26 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S053_I000 + description: 'reuse of VP_PMP_F012_S053_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S053_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=OFF]\nTST18-53 (LOWEST-PRIO)\n\ + \ [same as TST12-53(group), but with pmpcfg(i).A=OFF]" +- 027_store_MPP_L1_W1_addr_hit: !Subfeature + name: 027_store_MPP_L1_W1_addr_hit + tag: VP_PMP_F018_S054 + next_elt_id: 1 + display_order: 27 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S054_I000 + description: 'reuse of VP_PMP_F012_S054_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S054_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range\n\nCHECK UPDATE\n - check store access-fault exception + raised (TODO: is M mode access prevented by A=OFF)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST18-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=OFF]\nTST18-54 (LOWEST-PRIO)\n\ + \ [same as TST12-54(group), but with pmpcfg(i).A=OFF\n - check instruction + fetch access-fault exception raised]" +- 028_store_MPP_L1_W0_addr_hit: !Subfeature + name: 028_store_MPP_L1_W0_addr_hit + tag: VP_PMP_F018_S055 + next_elt_id: 1 + display_order: 28 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S055_I000 + description: 'reuse of VP_PMP_F012_S055_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S055_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-d\n[Attempting to execute a store, store-conditional, + or AMO instruction which accesses a physical address within a PMP region + without write permissions raises a store access-fault exception]\n\nFTR02-b1\n + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does + it mean programmed first)]\n\n\nTST18-5x(group)\n [same as TST12-5x(group), + but with pmpcfg(i).A=OFF]\nTST18-55 (LOWEST-PRIO)\n [same as TST12-55(group), + but with pmpcfg(i).A=OFF]" +- 029_store_MPP_L1_W1_addr_miss: !Subfeature + name: 029_store_MPP_L1_W1_addr_miss + tag: VP_PMP_F018_S056 + next_elt_id: 1 + display_order: 29 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S056_I000 + description: 'reuse of VP_PMP_F012_S056_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S056_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST18-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=OFF]\nTST18-56 (LOWEST-PRIO)\n\ + \ [same as TST12-56(group), but with pmpcfg(i).A=OFF]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP019.yml b/verif/docs/VerifPlans/PMP/VP_IP019.yml new file mode 100644 index 000000000..76d9a7ad6 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP019.yml @@ -0,0 +1,525 @@ +!Feature +next_elt_id: 20 +name: cfg NA4 not selectable +id: 19 +display_order: 19 +subfeatures: !!omap +- 000_fetch_L0_X1_addr_hit: !Subfeature + name: 000_fetch_L0_X1_addr_hit + tag: VP_PMP_F019_S011 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S011_I000 + description: 'reuse of VP_PMP_F019_S011_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S011_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check instruction fetch access-fault + exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 001_fetch_L1_X1_addr_hit: !Subfeature + name: 001_fetch_L1_X1_addr_hit + tag: VP_PMP_F019_S014 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S014_I000 + description: 'reuse of VP_PMP_F019_S014_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S014_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check instruction fetch access-fault + exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 002_load_L0_R1_addr_hit: !Subfeature + name: 002_load_L0_R1_addr_hit + tag: VP_PMP_F019_S021 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S021_I000 + description: 'reuse of VP_PMP_F019_S021_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S021_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check load access-fault exception + raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 003_load_L1_R1_addr_hit: !Subfeature + name: 003_load_L1_R1_addr_hit + tag: VP_PMP_F019_S024 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S024_I000 + description: 'reuse of VP_PMP_F019_S024_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S024_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check load access-fault exception + raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 004_store_L0_W1_addr_hit: !Subfeature + name: 004_store_L0_W1_addr_hit + tag: VP_PMP_F019_S031 + next_elt_id: 1 + display_order: 4 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S031_I000 + description: 'reuse of VP_PMP_F019_S031_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S031_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check store access-fault exception + raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 005_store_L1_W1_addr_hit: !Subfeature + name: 005_store_L1_W1_addr_hit + tag: VP_PMP_F019_S034 + next_elt_id: 1 + display_order: 5 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S034_I000 + description: 'reuse of VP_PMP_F019_S034_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S034_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check store access-fault exception + raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 006_load_MPP_L0_R1_addr_hit: !Subfeature + name: 006_load_MPP_L0_R1_addr_hit + tag: VP_PMP_F019_S041 + next_elt_id: 1 + display_order: 6 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S041_I000 + description: 'reuse of VP_PMP_F019_S041_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S041_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check load access-fault exception + raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 007_load_MPP_L1_R1_addr_hit: !Subfeature + name: 007_load_MPP_L1_R1_addr_hit + tag: VP_PMP_F019_S044 + next_elt_id: 1 + display_order: 7 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S044_I000 + description: 'reuse of VP_PMP_F019_S044_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S044_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check load access-fault exception + raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 008_store_MPP_L0_W1_addr_hit: !Subfeature + name: 008_store_MPP_L0_W1_addr_hit + tag: VP_PMP_F019_S051 + next_elt_id: 1 + display_order: 8 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S051_I000 + description: 'reuse of VP_PMP_F019_S051_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S051_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check store access-fault exception + raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 009_store_MPP_L1_W1_addr_hit: !Subfeature + name: 009_store_MPP_L1_W1_addr_hit + tag: VP_PMP_F019_S054 + next_elt_id: 1 + display_order: 9 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S054_I000 + description: 'reuse of VP_PMP_F019_S054_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S054_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check store access-fault exception + raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 010_fetch_L0_X1_addr_hit: !Subfeature + name: 010_fetch_L0_X1_addr_hit + tag: VP_PMP_F019_S011 + next_elt_id: 1 + display_order: 10 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S011_I000 + description: 'reuse of VP_PMP_F019_S011_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S011_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 011_fetch_L1_X1_addr_hit: !Subfeature + name: 011_fetch_L1_X1_addr_hit + tag: VP_PMP_F019_S014 + next_elt_id: 1 + display_order: 11 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S014_I000 + description: 'reuse of VP_PMP_F019_S014_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S014_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check store access-fault exception + raised (TODO: is M mode access prevented by A=OFF)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 012_load_L0_R1_addr_hit: !Subfeature + name: 012_load_L0_R1_addr_hit + tag: VP_PMP_F019_S021 + next_elt_id: 1 + display_order: 12 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S021_I000 + description: 'reuse of VP_PMP_F019_S021_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S021_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 013_load_L1_R1_addr_hit: !Subfeature + name: 013_load_L1_R1_addr_hit + tag: VP_PMP_F019_S024 + next_elt_id: 1 + display_order: 13 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S024_I000 + description: 'reuse of VP_PMP_F019_S024_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S024_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check store access-fault exception + raised (TODO: is M mode access prevented by A=OFF)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 014_store_L0_W1_addr_hit: !Subfeature + name: 014_store_L0_W1_addr_hit + tag: VP_PMP_F019_S031 + next_elt_id: 1 + display_order: 14 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S031_I000 + description: 'reuse of VP_PMP_F019_S031_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S031_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 015_store_L1_W1_addr_hit: !Subfeature + name: 015_store_L1_W1_addr_hit + tag: VP_PMP_F019_S034 + next_elt_id: 1 + display_order: 15 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S034_I000 + description: 'reuse of VP_PMP_F019_S034_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S034_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check store access-fault exception + raised (TODO: is M mode access prevented by A=OFF)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 016_load_MPP_L0_R1_addr_hit: !Subfeature + name: 016_load_MPP_L0_R1_addr_hit + tag: VP_PMP_F019_S041 + next_elt_id: 1 + display_order: 16 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S041_I000 + description: 'reuse of VP_PMP_F019_S041_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S041_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 017_load_MPP_L1_R1_addr_hit: !Subfeature + name: 017_load_MPP_L1_R1_addr_hit + tag: VP_PMP_F019_S044 + next_elt_id: 1 + display_order: 17 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S044_I000 + description: 'reuse of VP_PMP_F019_S044_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S044_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check store access-fault exception + raised (TODO: is M mode access prevented by A=OFF)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 018_store_MPP_L0_W1_addr_hit: !Subfeature + name: 018_store_MPP_L0_W1_addr_hit + tag: VP_PMP_F019_S051 + next_elt_id: 1 + display_order: 18 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S051_I000 + description: 'reuse of VP_PMP_F019_S051_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S051_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 019_store_MPP_L1_W1_addr_hit: !Subfeature + name: 019_store_MPP_L1_W1_addr_hit + tag: VP_PMP_F019_S054 + next_elt_id: 1 + display_order: 19 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S054_I000 + description: 'reuse of VP_PMP_F019_S054_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S054_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check store access-fault exception + raised (TODO: is M mode access prevented by A=OFF)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP021.yml b/verif/docs/VerifPlans/PMP/VP_IP021.yml new file mode 100644 index 000000000..673688102 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP021.yml @@ -0,0 +1,376 @@ +!Feature +next_elt_id: 6 +name: multi entries NA4 +id: 21 +display_order: 21 +subfeatures: !!omap +- 000_1_entry: !Subfeature + name: 000_1_entry + tag: VP_PMP_F021_S001 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F021_S001_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose a single PMP entry\n\nCONFIGURATION and ACCESS\n - + for each pmp entry, apply any CONFIGURATION+ACCESS scenario above (Cf. Feature: + \"cfg NA4 access S/U/M\")\n - make sure the pmp entries address ranges + are not overlapping/intersecting\n - NB: obviously, pmp entry configurations + with different mstatus.MPRV/MPP values cannot be mixed in same test\n\n\ + CHECK\n - for each pmp entry, we should obtain the expected CHECK result\n\ + \nREUSABILITY\n - if possible, the number of PMP entries (N) is a configurable + parameter\n - so a single test function can be reused" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST21(group)\n [create scenarios where PMP entries + with A=2 (NA4) and with/without matching permissions\n - check only NA4 + defined addresses are matching]\nTST21-1 = extension of (TST11-11, TST11-21, + TST11-31, TST11-41, TST11-51,\n TST11-12, TST11-22, + TST11-32, TST11-42, TST11-52,\n TST11-13, TST11-23, + TST11-33, TST11-43, TST11-53,\n TST11-14, TST11-24, + TST11-34, TST11-44, TST11-54,\n TST11-15, TST11-25, + TST11-35, TST11-45, TST11-55,\n TST11-16, TST11-26, + TST11-36, TST11-46, TST11-56,\n TST12-11, TST12-21, + TST12-31, TST12-41, TST12-51,\n TST12-12, TST12-22, + TST12-32, TST12-42, TST12-52,\n TST12-13, TST12-23, + TST12-33, TST12-43, TST12-53,\n TST12-14, TST12-24, + TST12-34, TST12-44, TST12-54,\n TST12-15, TST12-25, + TST12-35, TST12-45, TST12-55,\n TST12-16, TST12-26, + TST12-36, TST12-46, TST12-56)\n[configure only one (any, but the first one) + PMP entry\n - use A=NA4 for the PMP entry configuration\n - execute the + chosen kind of access\n - should be same result]" +- 001_2_isolated_entries: !Subfeature + name: 001_2_isolated_entries + tag: VP_PMP_F021_S002 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F021_S002_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any 2 PMP entries\n\nreuse of VP_PMP_F021_S001_I000 feature + description (Cf. Feature: \"multi entries NA4\")" + pfc: 3 + test_type: 4 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST21(group)\n [create scenarios where PMP entries + with A=2 (NA4) and with/without matching permissions\n - check only NA4 + defined addresses are matching]\nTST21-2 = extension of compatible pair + of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51,\n \ + \ \t\t\t\t\t\t\t\t\t TST11-12, TST11-22, TST11-32, TST11-42, TST11-52,\n\ + \ \t\t\t\t\t\t\t\t\t TST11-13, TST11-23, TST11-33, + TST11-43, TST11-53,\n \t\t\t\t\t\t\t\t\t TST11-14, + TST11-24, TST11-34, TST11-44, TST11-54,\n \t\t\t\t + \t\t\t\t\t TST11-15, TST11-25, TST11-35, TST11-45, TST11-55,\n \ + \ \t\t\t\t \t\t\t\t\t TST11-16, TST11-26, TST11-36, TST11-46, + TST11-56,\n \t\t\t\t\t\t\t\t\t TST12-11, TST12-21, + TST12-31, TST12-41, TST12-51,\n \t\t\t\t\t\t\t\t\t + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52,\n \ + \ \t\t\t\t\t\t\t\t\t TST12-13, TST12-23, TST12-33, TST12-43, TST12-53,\n\ + \ \t\t\t\t\t\t\t\t\t TST12-14, TST12-24, TST12-34, + TST12-44, TST12-54,\n \t\t\t\t\t\t\t\t\t TST12-15, + TST12-25, TST12-35, TST12-45, TST12-55,\n \t\t\t\t + \t\t\t\t\t TST12-16, TST12-26, TST12-36, TST12-46, TST12-56)\n[configure + 2 non-adjacent PMP entries (highest-numbered ones first) (avoid the first + PMP entry)\n - use A=NA4 for each PMP entry configuration\n - execute + the 2 kinds of accesses (if possible to chain due to potential access-fault + exception)\n - should be same 2 results]" +- 002_N_isolated_entries: !Subfeature + name: 002_N_isolated_entries + tag: VP_PMP_F021_S003 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F021_S003_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any N PMP entries (2>\n\nTST21(group)\n [create scenarios where PMP entries + with A=2 (NA4) and with/without matching permissions\n - check only NA4 + defined addresses are matching]\nTST21-3 = extension of compatible group(N) + of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST11-12, TST11-22, TST11-32, TST11-42, + TST11-52,\n \t\t\t\t\t\t\t\t\t\t\t TST11-13, TST11-23, + TST11-33, TST11-43, TST11-53,\n \t\t\t\t\t\t\t\t\t + \t\t TST11-14, TST11-24, TST11-34, TST11-44, TST11-54,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST11-15, TST11-25, TST11-35, TST11-45, + TST11-55,\n \t\t\t\t\t\t\t\t\t\t\t TST11-16, TST11-26, + TST11-36, TST11-46, TST11-56,\n \t\t\t\t\t\t\t\t\t + \t\t TST12-11, TST12-21, TST12-31, TST12-41, TST12-51,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST12-12, TST12-22, TST12-32, TST12-42, + TST12-52,\n \t\t\t\t\t\t\t\t\t\t\t TST12-13, TST12-23, + TST12-33, TST12-43, TST12-53,\n \t\t\t\t\t\t\t\t\t + \t\t TST12-14, TST12-24, TST12-34, TST12-44, TST12-54,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST12-15, TST12-25, TST12-35, TST12-45, + TST12-55,\n \t\t\t\t\t\t\t\t\t\t\t TST12-16, TST12-26, + TST12-36, TST12-46, TST12-56)\n[configure N PMP entries (highest-numbered + ones first) (as non-adjacent as possible, and avoid the first PMP entry)\n\ + \ - use A=NA4 for each PMP entry configuration\n - execute the N kinds + of accesses (if possible to chain due to potential access-fault exception)\n\ + \ - should be same N results]" +- 003_8_isolated_entries: !Subfeature + name: 003_8_isolated_entries + tag: VP_PMP_F021_S004 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F021_S004_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose all 8 PMP entries\n\nreuse of VP_PMP_F021_S001_I000 feature + description (Cf. Feature: \"multi entries NA4\")" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST21(group)\n [create scenarios where PMP entries + with A=2 (NA4) and with/without matching permissions\n - check only NA4 + defined addresses are matching]\nTST21-4 = extension of compatible group(8) + of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST11-12, TST11-22, TST11-32, TST11-42, + TST11-52,\n \t\t\t\t\t\t\t\t\t\t\t TST11-13, TST11-23, + TST11-33, TST11-43, TST11-53,\n \t\t\t\t\t\t\t\t\t + \t\t TST11-14, TST11-24, TST11-34, TST11-44, TST11-54,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST11-15, TST11-25, TST11-35, TST11-45, + TST11-55,\n \t\t\t\t\t\t\t\t\t\t\t TST11-16, TST11-26, + TST11-36, TST11-46, TST11-56,\n \t\t\t\t\t\t\t\t\t + \t\t TST12-11, TST12-21, TST12-31, TST12-41, TST12-51,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST12-12, TST12-22, TST12-32, TST12-42, + TST12-52,\n \t\t\t\t\t\t\t\t\t\t\t TST12-13, TST12-23, + TST12-33, TST12-43, TST12-53,\n \t\t\t\t\t\t\t\t\t + \t\t TST12-14, TST12-24, TST12-34, TST12-44, TST12-54,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST12-15, TST12-25, TST12-35, TST12-45, + TST12-55,\n \t\t\t\t\t\t\t\t\t\t\t TST12-16, TST12-26, + TST12-36, TST12-46, TST12-56)\n[configure 8 PMP entries (highest-numbered + ones first)\n - use A=NA4 for each PMP entry configuration\n - execute + the 8 kinds of accesses (if possible to chain due to potential access-fault + exception)\n - should be same 8 results]" +- 004_2_intersecting_entries_fail: !Subfeature + name: 004_2_intersecting_entries_fail + tag: VP_PMP_F021_S005 + next_elt_id: 1 + display_order: 4 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F021_S005_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any 2 PMP entries\n\nCONFIGURATION and ACCESS (Cf. Feature: + \"cfg NA4 access S/U/M\")\n - for the least-numbered pmp entry, apply + any CONFIGURATION+ACCESS scenario with access-fault\n - for the highest-numbered + pmp entry, apply any CONFIGURATION+ACCESS scenario without access-fault\n\ + \ - make sure the pmp entries address ranges are overlapping/intersecting + (at least at 4 consecutive bytes)\n - for each pmp entry, execute one + access in its associated pmp address region but outside the overlapping/intersecting + address range\n - execute one additional access inside the overlapping/intersecting + address range\n - NB: obviously, pmp entry configurations with different + access-modes (S/U vs. M) cannot be easily mixed in same test\n - NB: + obviously, pmp entry configurations with different mstatus.MPRV/MPP values + cannot be mixed in same test\n\nCHECK\n - for each pmp entry, access + outside the overlapping/intersecting address range should give the expected + CHECK result\n - access inside the overlapping/intersecting address range + should generate the access-type related access-fault\n\nREUSABILITY\n \ + \ - if possible, the number of PMP entries (N) is a configurable parameter\n\ + \ - so a single test function can be reused" + pfc: 3 + test_type: 4 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST51(group) => FTR09-a, FTR09-b and FTR09-c\n [create + scenarios where 2 PMP entries with same pmpaddr\n - one without matching + permissions or with A=OFF\n - one with matching permissions and A=NA4/NAPOT/TOR\n\ + \ - any of them can be the lowest-numbered PMP entry]\nTST51-1\n[configure + 2 PMP entries\n - configure the lowest-numbered PMP entry with (TST11-12, + TST11-22, TST11-32, TST11-42, TST11-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST11-15, TST11-25, TST11-35, TST11-45, TST11-55,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-12, TST12-22, + TST12-32, TST12-42, TST12-52,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST12-15, TST12-25, TST12-35, TST12-45, TST12-55,\n \ + \ TST13-12, TST13-22, TST13-32, TST13-42, + TST13-52,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST13-15, + TST13-25, TST13-35, TST13-45, TST13-55,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST14-12, TST14-22, TST14-32, TST14-42, TST14-52,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-15, TST14-25, + TST14-35, TST14-45, TST14-55,\n \ + \ TST15-12, TST15-22, TST15-32, TST15-42, TST15-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST15-15, TST15-25, TST15-35, + TST15-45, TST15-55,\n \t\t\t\t\t\t\t\t\t \t\t\t\t + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-15, TST16-25, TST16-35, TST16-45, + TST16-55,\n TST17-12, + TST17-22, TST17-32, TST17-42, TST17-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST17-15, TST17-25, TST17-35, TST17-45, TST17-55,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST18-12, TST18-22, + TST18-32, TST18-42, TST18-52,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST18-15, TST18-25, TST18-35, TST18-45, TST18-55)\n - configure + the highest-numbered PMP entry with (TST11-11, TST11-21, TST11-31, TST11-41, + TST11-51,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST11-14, + TST11-24, TST11-34, TST11-44, TST11-54,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST12-11, TST12-21, TST12-31, TST12-41, TST12-51,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-14, TST12-24, + TST12-34, TST12-44, TST12-54,\n \ + \ TST13-11, TST13-21, TST13-31, TST13-41, TST13-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t\tTST13-14, TST13-24, TST13-34, + TST13-44, TST13-54,\n \t\t\t\t\t\t\t\t\t \t\t\t\t + \tTST14-11, TST14-21, TST14-31, TST14-41, TST14-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t\tTST14-14, TST14-24, TST14-34, TST14-44, + TST14-54,\n TST15-11, + TST15-21, TST15-31, TST15-41, TST15-51,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST15-14, TST15-24, TST15-34, TST15-44, TST15-54,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-11, TST16-21, + TST16-31, TST16-41, TST16-51,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST16-14, TST16-24, TST16-34, TST16-44, TST16-54)\n - execute + the associated access\n - check associated access-fault exception raised]" +- 005_2_intersecting_entries_succeed: !Subfeature + name: 005_2_intersecting_entries_succeed + tag: VP_PMP_F021_S006 + next_elt_id: 1 + display_order: 5 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F021_S006_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any 2 PMP entries\n\nCONFIGURATION and ACCESS (Cf. Feature: + \"cfg NA4 access S/U/M\")\n - for the least-numbered pmp entry, apply + any CONFIGURATION+ACCESS scenario without access-fault\n - for the highest-numbered + pmp entry, apply any CONFIGURATION+ACCESS scenario with access-fault\n \ + \ - make sure the pmp entries address ranges are overlapping/intersecting + (at least at 4 consecutive bytes)\n - for each pmp entry, execute one + access in its associated pmp address region but outside the overlapping/intersecting + address range\n - execute one additional access inside the overlapping/intersecting + address range\n - NB: obviously, pmp entry configurations with different + access-modes (S/U vs. M) cannot be easily mixed in same test\n - NB: + obviously, pmp entry configurations with different mstatus.MPRV/MPP values + cannot be mixed in same test\n\nCHECK\n - for each pmp entry, access + outside the overlapping/intersecting address range should give the expected + CHECK result\n - access inside the overlapping/intersecting address range + should not generate any access-fault\n\nREUSABILITY\n - if possible, + the number of PMP entries (N) is a configurable parameter\n - so a single + test function can be reused" + pfc: 3 + test_type: 4 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST51(group) => FTR09-a, FTR09-b and FTR09-c\n [create + scenarios where 2 PMP entries with same pmpaddr\n - one without matching + permissions or with A=OFF\n - one with matching permissions and A=NA4/NAPOT/TOR\n\ + \ - any of them can be the lowest-numbered PMP entry]\nTST51-2\n[configure + 2 PMP entries\n - configure the lowest-numbered PMP entry with (TST11-11, + TST11-21, TST11-31, TST11-41, TST11-51,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST11-14, TST11-24, TST11-34, TST11-44, TST11-54,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-11, TST12-21, + TST12-31, TST12-41, TST12-51,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST12-14, TST12-24, TST12-34, TST12-44, TST12-54,\n \ + \ TST13-11, TST13-21, TST13-31, TST13-41, + TST13-51,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST13-14, + TST13-24, TST13-34, TST13-44, TST13-54,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST14-11, TST14-21, TST14-31, TST14-41, TST14-51,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-14, TST14-24, + TST14-34, TST14-44, TST14-54,\n \ + \ TST15-11, TST15-21, TST15-31, TST15-41, TST15-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST15-14, TST15-24, TST15-34, + TST15-44, TST15-54,\n \t\t\t\t\t\t\t\t\t \t\t\t\t + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-14, TST16-24, TST16-34, TST16-44, + TST16-54)\n - configure the highest-numbered PMP entry with (TST11-12, + TST11-22, TST11-32, TST11-42, TST11-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST11-15, TST11-25, TST11-35, TST11-45, TST11-55,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-12, TST12-22, + TST12-32, TST12-42, TST12-52,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST12-15, TST12-25, TST12-35, TST12-45, TST12-55,\n \ + \ TST13-12, TST13-22, TST13-32, + TST13-42, TST13-52,\n \t\t\t\t\t\t\t\t\t \t\t\t\t\ + \ TST13-15, TST13-25, TST13-35, TST13-45, TST13-55,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-12, TST14-22, TST14-32, TST14-42, + TST14-52,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-15, + TST14-25, TST14-35, TST14-45, TST14-55,\n \ + \ TST15-12, TST15-22, TST15-32, TST15-42, TST15-52,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST15-15, TST15-25, + TST15-35, TST15-45, TST15-55,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST16-12, TST16-22, TST16-32, TST16-42, TST16-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-15, TST16-25, TST16-35, + TST16-45, TST16-55,\n \ + \ TST17-12, TST17-22, TST17-32, TST17-42, TST17-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST17-15, TST17-25, TST17-35, TST17-45, + TST17-55,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST18-12, + TST18-22, TST18-32, TST18-42, TST18-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST18-15, TST18-25, TST18-35, TST18-45, TST18-55)\n\ + \ - execute the associated access\n - check no access-fault exception]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP022.yml b/verif/docs/VerifPlans/PMP/VP_IP022.yml new file mode 100644 index 000000000..7412bcc7b --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP022.yml @@ -0,0 +1,376 @@ +!Feature +next_elt_id: 6 +name: multi entries NAPOT +id: 22 +display_order: 22 +subfeatures: !!omap +- 000_1_entry: !Subfeature + name: 000_1_entry + tag: VP_PMP_F022_S001 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F022_S001_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose a single PMP entry\n\nCONFIGURATION and ACCESS\n - + for each pmp entry, apply any CONFIGURATION+ACCESS scenario above (Cf. Feature: + \"cfg NAPOT access S/U/M\")\n - make sure the pmp entries address ranges + are not overlapping/intersecting\n - NB: obviously, pmp entry configurations + with different mstatus.MPRV/MPP values cannot be mixed in same test\n\n\ + CHECK\n - for each pmp entry, we should obtain the expected CHECK result\n\ + \nREUSABILITY\n - if possible, the number of PMP entries (N) is a configurable + parameter\n - so a single test function can be reused" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST22(group)\n [create scenarios where PMP entries + with A=3 (NAPOT) and with/without matching permissions\n - check only + NAPOT defined addresses are matching]\nTST22-1 = extension of (TST13-11, + TST13-21, TST13-31, TST13-41, TST13-51,\n TST13-12, + TST13-22, TST13-32, TST13-42, TST13-52,\n TST13-13, + TST13-23, TST13-33, TST13-43, TST13-53,\n TST13-14, + TST13-24, TST13-34, TST13-44, TST13-54,\n TST13-15, + TST13-25, TST13-35, TST13-45, TST13-55,\n TST13-16, + TST13-26, TST13-36, TST13-46, TST13-56,\n TST14-11, + TST14-21, TST14-31, TST14-41, TST14-51,\n TST14-12, + TST14-22, TST14-32, TST14-42, TST14-52,\n TST14-13, + TST14-23, TST14-33, TST14-43, TST14-53,\n TST14-14, + TST14-24, TST14-34, TST14-44, TST14-54,\n TST14-15, + TST14-25, TST14-35, TST14-45, TST14-55,\n TST14-16, + TST14-26, TST14-36, TST14-46, TST14-56)\n[configure only one (any, but the + first one) PMP entry\n - use A=NAPOT for the PMP entry configuration\n\ + \ - execute the chosen kind of access\n - should be same result]" +- 001_2_isolated_entries: !Subfeature + name: 001_2_isolated_entries + tag: VP_PMP_F022_S002 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F022_S002_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any 2 PMP entries\n\nreuse of VP_PMP_F022_S001_I000 feature + description (Cf. Feature: \"multi entries NAPOT\")" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST22(group)\n [create scenarios where PMP entries + with A=3 (NAPOT) and with/without matching permissions\n - check only + NAPOT defined addresses are matching]\nTST22-2 = extension of compatible + pair of (TST13-11, TST13-21, TST13-31, TST13-41, TST13-51,\n \ + \ \t\t\t\t\t\t\t\t\t TST13-12, TST13-22, TST13-32, TST13-42, + TST13-52,\n \t\t\t\t\t\t\t\t\t TST13-13, TST13-23, + TST13-33, TST13-43, TST13-53,\n \t\t\t\t\t\t\t\t\t + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54,\n \ + \ \t\t\t\t\t\t\t\t\t TST13-15, TST13-25, TST13-35, TST13-45, TST13-55,\n\ + \ \t\t\t\t \t\t\t\t\t TST13-16, TST13-26, TST13-36, + TST13-46, TST13-56,\n \t\t\t\t\t\t\t\t\t TST14-11, + TST14-21, TST14-31, TST14-41, TST14-51,\n \t\t\t\t + \t\t\t\t\t TST14-12, TST14-22, TST14-32, TST14-42, TST14-52,\n \ + \ \t\t\t\t\t\t\t\t\t TST14-13, TST14-23, TST14-33, TST14-43, + TST14-53,\n \t\t\t\t\t\t\t\t\t TST14-14, TST14-24, + TST14-34, TST14-44, TST14-54,\n \t\t\t\t\t\t\t\t\t + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55,\n \ + \ \t\t\t\t\t\t\t\t\t TST14-16, TST14-26, TST14-36, TST14-46, TST14-56)\n + [configure 2 non-adjacent PMP entries (highest-numbered ones first) (avoid + the first PMP entry)\n - use A=NAPOT for each PMP entry configuration\n\ + \ - execute the 2 kinds of accesses (if possible to chain due to potential + access-fault exception)\n - should be same 2 results]" +- 002_N_isolated_entries: !Subfeature + name: 002_N_isolated_entries + tag: VP_PMP_F022_S003 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F022_S003_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any N PMP entries (2>\n\nTST22(group)\n [create scenarios where PMP entries + with A=3 (NAPOT) and with/without matching permissions\n - check only + NAPOT defined addresses are matching]\nTST22-3 = extension of compatible + group(N) of (TST13-11, TST13-21, TST13-31, TST13-41, TST13-51,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST13-12, TST13-22, TST13-32, + TST13-42, TST13-52,\n \t\t\t\t\t\t\t\t\t\t\t TST13-13, + TST13-23, TST13-33, TST13-43, TST13-53,\n \t\t\t\t + \t\t\t\t\t\t\t TST13-14, TST13-24, TST13-34, TST13-44, TST13-54,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST13-15, TST13-25, TST13-35, + TST13-45, TST13-55,\n \t\t\t\t\t\t\t\t\t\t\t TST13-16, + TST13-26, TST13-36, TST13-46, TST13-56,\n \t\t\t\t + \t\t\t\t\t\t\t TST14-11, TST14-21, TST14-31, TST14-41, TST14-51,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST14-12, TST14-22, TST14-32, + TST14-42, TST14-52,\n \t\t\t\t\t\t\t\t\t\t\t TST14-13, + TST14-23, TST14-33, TST14-43, TST14-53,\n \t\t\t\t + \t\t\t\t\t\t\t TST14-14, TST14-24, TST14-34, TST14-44, TST14-54,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST14-15, TST14-25, TST14-35, + TST14-45, TST14-55,\n \t\t\t\t\t\t\t\t\t\t\t TST14-16, + TST14-26, TST14-36, TST14-46, TST14-56)\n[configure N PMP entries (highest-numbered + ones first) (as non-adjacent as possible, and avoid the first PMP entry)\n\ + \ - use A=NAPOT for each PMP entry configuration\n - execute the N kinds + of accesses (if possible to chain due to potential access-fault exception)\n\ + \ - should be same N results]" +- 003_8_isolated_entries: !Subfeature + name: 003_8_isolated_entries + tag: VP_PMP_F022_S004 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F022_S004_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose all 8 PMP entries\n\nreuse of VP_PMP_F022_S001_I000 feature + description (Cf. Feature: \"multi entries NAPOT\")" + pfc: 3 + test_type: 3 + cov_method: 0 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST22(group)\n [create scenarios where PMP entries + with A=3 (NAPOT) and with/without matching permissions\n - check only + NAPOT defined addresses are matching]\nTST22-4 = extension of compatible + group(8) of (TST13-11, TST13-21, TST13-31, TST13-41, TST13-51,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST13-12, TST13-22, TST13-32, + TST13-42, TST13-52,\n \t\t\t\t\t\t\t\t\t\t\t TST13-13, + TST13-23, TST13-33, TST13-43, TST13-53,\n \t\t\t\t + \t\t\t\t\t\t\t TST13-14, TST13-24, TST13-34, TST13-44, TST13-54,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST13-15, TST13-25, TST13-35, + TST13-45, TST13-55,\n \t\t\t\t\t\t\t\t\t\t\t TST13-16, + TST13-26, TST13-36, TST13-46, TST13-56,\n \t\t\t\t + \t\t\t\t\t\t\t TST14-11, TST14-21, TST14-31, TST14-41, TST14-51,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST14-12, TST14-22, TST14-32, + TST14-42, TST14-52,\n \t\t\t\t\t\t\t\t\t\t\t TST14-13, + TST14-23, TST14-33, TST14-43, TST14-53,\n \t\t\t\t + \t\t\t\t\t\t\t TST14-14, TST14-24, TST14-34, TST14-44, TST14-54,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST14-15, TST14-25, TST14-35, + TST14-45, TST14-55,\n \t\t\t\t\t\t\t\t\t\t\t TST14-16, + TST14-26, TST14-36, TST14-46, TST14-56)\n[configure 8 PMP entries (highest-numbered + ones first)\n - use A=NAPOT for each PMP entry configuration\n - execute + the 8 kinds of accesses (if possible to chain due to potential access-fault + exception)\n - should be same 8 results]" +- 004_2_intersecting_entries_fail: !Subfeature + name: 004_2_intersecting_entries_fail + tag: VP_PMP_F022_S005 + next_elt_id: 1 + display_order: 4 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F022_S005_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any 2 PMP entries\n\nCONFIGURATION and ACCESS (Cf. Feature: + \"cfg NAPOT access S/U/M\")\n - for the least-numbered pmp entry, apply + any CONFIGURATION+ACCESS scenario with access-fault\n - for the highest-numbered + pmp entry, apply any CONFIGURATION+ACCESS scenario without access-fault\n\ + \ - make sure the pmp entries address ranges are overlapping/intersecting + (at least at 4 consecutive bytes)\n - for each pmp entry, execute one + access in its associated pmp address region but outside the overlapping/intersecting + address range\n - execute one additional access inside the overlapping/intersecting + address range\n - NB: obviously, pmp entry configurations with different + access-modes (S/U vs. M) cannot be easily mixed in same test\n - NB: + obviously, pmp entry configurations with different mstatus.MPRV/MPP values + cannot be mixed in same test\n\nCHECK\n - for each pmp entry, access + outside the overlapping/intersecting address range should give the expected + CHECK result\n - access inside the overlapping/intersecting address range + should generate the access-type related access-fault\n\nREUSABILITY\n \ + \ - if possible, the number of PMP entries (N) is a configurable parameter\n\ + \ - so a single test function can be reused" + pfc: 3 + test_type: 4 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST51(group) => FTR09-a, FTR09-b and FTR09-c\n [create + scenarios where 2 PMP entries with same pmpaddr\n - one without matching + permissions or with A=OFF\n - one with matching permissions and A=NA4/NAPOT/TOR\n\ + \ - any of them can be the lowest-numbered PMP entry]\nTST51-1\n[configure + 2 PMP entries\n - configure the lowest-numbered PMP entry with (TST11-12, + TST11-22, TST11-32, TST11-42, TST11-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST11-15, TST11-25, TST11-35, TST11-45, TST11-55,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-12, TST12-22, + TST12-32, TST12-42, TST12-52,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST12-15, TST12-25, TST12-35, TST12-45, TST12-55,\n \ + \ TST13-12, TST13-22, TST13-32, TST13-42, + TST13-52,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST13-15, + TST13-25, TST13-35, TST13-45, TST13-55,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST14-12, TST14-22, TST14-32, TST14-42, TST14-52,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-15, TST14-25, + TST14-35, TST14-45, TST14-55,\n \ + \ TST15-12, TST15-22, TST15-32, TST15-42, TST15-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST15-15, TST15-25, TST15-35, + TST15-45, TST15-55,\n \t\t\t\t\t\t\t\t\t \t\t\t\t + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-15, TST16-25, TST16-35, TST16-45, + TST16-55,\n TST17-12, + TST17-22, TST17-32, TST17-42, TST17-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST17-15, TST17-25, TST17-35, TST17-45, TST17-55,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST18-12, TST18-22, + TST18-32, TST18-42, TST18-52,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST18-15, TST18-25, TST18-35, TST18-45, TST18-55)\n - configure + the highest-numbered PMP entry with (TST11-11, TST11-21, TST11-31, TST11-41, + TST11-51,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST11-14, + TST11-24, TST11-34, TST11-44, TST11-54,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST12-11, TST12-21, TST12-31, TST12-41, TST12-51,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-14, TST12-24, + TST12-34, TST12-44, TST12-54,\n \ + \ TST13-11, TST13-21, TST13-31, TST13-41, TST13-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t\tTST13-14, TST13-24, TST13-34, + TST13-44, TST13-54,\n \t\t\t\t\t\t\t\t\t \t\t\t\t + \tTST14-11, TST14-21, TST14-31, TST14-41, TST14-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t\tTST14-14, TST14-24, TST14-34, TST14-44, + TST14-54,\n TST15-11, + TST15-21, TST15-31, TST15-41, TST15-51,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST15-14, TST15-24, TST15-34, TST15-44, TST15-54,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-11, TST16-21, + TST16-31, TST16-41, TST16-51,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST16-14, TST16-24, TST16-34, TST16-44, TST16-54)\n - execute + the associated access\n - check associated access-fault exception raised]" +- 005_2_intersecting_entries_succeed: !Subfeature + name: 005_2_intersecting_entries_succeed + tag: VP_PMP_F022_S006 + next_elt_id: 1 + display_order: 5 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F022_S006_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any 2 PMP entries\n\nCONFIGURATION and ACCESS (Cf. Feature: + \"cfg NAPOT access S/U/M\")\n - for the least-numbered pmp entry, apply + any CONFIGURATION+ACCESS scenario without access-fault\n - for the highest-numbered + pmp entry, apply any CONFIGURATION+ACCESS scenario with access-fault\n \ + \ - make sure the pmp entries address ranges are overlapping/intersecting + (at least at 4 consecutive bytes)\n - for each pmp entry, execute one + access in its associated pmp address region but outside the overlapping/intersecting + address range\n - execute one additional access inside the overlapping/intersecting + address range\n - NB: obviously, pmp entry configurations with different + access-modes (S/U vs. M) cannot be easily mixed in same test\n - NB: + obviously, pmp entry configurations with different mstatus.MPRV/MPP values + cannot be mixed in same test\n\nCHECK\n - for each pmp entry, access + outside the overlapping/intersecting address range should give the expected + CHECK result\n - access inside the overlapping/intersecting address range + should not generate any access-fault\n\nREUSABILITY\n - if possible, + the number of PMP entries (N) is a configurable parameter\n - so a single + test function can be reused" + pfc: 3 + test_type: 4 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST51(group) => FTR09-a, FTR09-b and FTR09-c\n [create + scenarios where 2 PMP entries with same pmpaddr\n - one without matching + permissions or with A=OFF\n - one with matching permissions and A=NA4/NAPOT/TOR\n\ + \ - any of them can be the lowest-numbered PMP entry]\nTST51-2\n[configure + 2 PMP entries\n - configure the lowest-numbered PMP entry with (TST11-11, + TST11-21, TST11-31, TST11-41, TST11-51,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST11-14, TST11-24, TST11-34, TST11-44, TST11-54,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-11, TST12-21, + TST12-31, TST12-41, TST12-51,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST12-14, TST12-24, TST12-34, TST12-44, TST12-54,\n \ + \ TST13-11, TST13-21, TST13-31, TST13-41, + TST13-51,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST13-14, + TST13-24, TST13-34, TST13-44, TST13-54,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST14-11, TST14-21, TST14-31, TST14-41, TST14-51,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-14, TST14-24, + TST14-34, TST14-44, TST14-54,\n \ + \ TST15-11, TST15-21, TST15-31, TST15-41, TST15-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST15-14, TST15-24, TST15-34, + TST15-44, TST15-54,\n \t\t\t\t\t\t\t\t\t \t\t\t\t + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-14, TST16-24, TST16-34, TST16-44, + TST16-54)\n - configure the highest-numbered PMP entry with (TST11-12, + TST11-22, TST11-32, TST11-42, TST11-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST11-15, TST11-25, TST11-35, TST11-45, TST11-55,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-12, TST12-22, + TST12-32, TST12-42, TST12-52,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST12-15, TST12-25, TST12-35, TST12-45, TST12-55,\n \ + \ TST13-12, TST13-22, TST13-32, + TST13-42, TST13-52,\n \t\t\t\t\t\t\t\t\t \t\t\t\t\ + \ TST13-15, TST13-25, TST13-35, TST13-45, TST13-55,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-12, TST14-22, TST14-32, TST14-42, + TST14-52,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-15, + TST14-25, TST14-35, TST14-45, TST14-55,\n \ + \ TST15-12, TST15-22, TST15-32, TST15-42, TST15-52,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST15-15, TST15-25, + TST15-35, TST15-45, TST15-55,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST16-12, TST16-22, TST16-32, TST16-42, TST16-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-15, TST16-25, TST16-35, + TST16-45, TST16-55,\n \ + \ TST17-12, TST17-22, TST17-32, TST17-42, TST17-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST17-15, TST17-25, TST17-35, TST17-45, + TST17-55,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST18-12, + TST18-22, TST18-32, TST18-42, TST18-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST18-15, TST18-25, TST18-35, TST18-45, TST18-55)\n\ + \ - execute the associated access\n - check no access-fault exception]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP023.yml b/verif/docs/VerifPlans/PMP/VP_IP023.yml new file mode 100644 index 000000000..b09fcd938 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP023.yml @@ -0,0 +1,378 @@ +!Feature +next_elt_id: 6 +name: multi entries TOR +id: 23 +display_order: 23 +subfeatures: !!omap +- 000_1_entry: !Subfeature + name: 000_1_entry + tag: VP_PMP_F023_S001 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F023_S001_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose a single PMP entry\n\nCONFIGURATION and ACCESS\n - + for each pmp entry, apply any CONFIGURATION+ACCESS scenario above (Cf. Feature: + \"cfg TOR access S/U/M\")\n - make sure the pmp entries address ranges + are not overlapping/intersecting\n - NB: obviously, pmp entry configurations + with different mstatus.MPRV/MPP values cannot be mixed in same test\n\n\ + CHECK\n - for each pmp entry, we should obtain the expected CHECK result\n\ + \nREUSABILITY\n - if possible, the number of PMP entries (N) is a configurable + parameter\n - so a single test function can be reused" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST23(group) => \n [create scenarios where PMP entries + with A=1 (TOR) and with/without matching permissions\n - pmpaddr(i−1) + < pmpaddr(i), pmpcfg(i).A=TOR and pmpcfg(i-1) with/without matching permissions\n\ + \ - check only TOR defined addresses are matching]\nTST23-1 = extension + of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51,\n \ + \ TST15-12, TST15-22, TST15-32, TST15-42, TST15-52,\n \ + \ TST15-13, TST15-23, TST15-33, TST15-43, TST15-53,\n \ + \ TST15-14, TST15-24, TST15-34, TST15-44, TST15-54,\n \ + \ TST15-15, TST15-25, TST15-35, TST15-45, TST15-55,\n\ + \ TST15-16, TST15-26, TST15-36, TST15-46, TST15-56,\n\ + \ TST16-11, TST16-21, TST16-31, TST16-41, TST16-51,\n\ + \ TST16-12, TST16-22, TST16-32, TST16-42, TST16-52,\n\ + \ TST16-13, TST16-23, TST16-33, TST16-43, TST16-53,\n\ + \ TST16-14, TST16-24, TST16-34, TST16-44, TST16-54,\n\ + \ TST16-15, TST16-25, TST16-35, TST16-45, TST16-55,\n\ + \ TST16-16, TST16-26, TST16-36, TST16-46, TST16-56)\n + [configure only one (any, but the first one) PMP entry\n - execute the + chosen kind of access\n - should be same result]" +- 001_2_isolated_entries: !Subfeature + name: 001_2_isolated_entries + tag: VP_PMP_F023_S002 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F023_S002_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any 2 PMP entries\n\nreuse of VP_PMP_F023_S001_I000 feature + description (Cf. Feature: \"multi entries TOR\")" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST23(group) => \n [create scenarios where PMP entries + with A=1 (TOR) and with/without matching permissions\n - pmpaddr(i−1) + < pmpaddr(i), pmpcfg(i).A=TOR and pmpcfg(i-1) with/without matching permissions\n\ + \ - check only TOR defined addresses are matching]\nTST23-2 = extension + of compatible pair of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51,\n\ + \ \t\t\t\t\t\t\t\t\t TST15-12, TST15-22, TST15-32, + TST15-42, TST15-52,\n \t\t\t\t\t\t\t\t\t TST15-13, + TST15-23, TST15-33, TST15-43, TST15-53,\n \t\t\t\t + \t\t\t\t\t TST15-14, TST15-24, TST15-34, TST15-44, TST15-54,\n \ + \ \t\t\t\t\t\t\t\t\t TST15-15, TST15-25, TST15-35, TST15-45, + TST15-55,\n \t\t\t\t\t\t\t\t\t TST15-16, TST15-26, + TST15-36, TST15-46, TST15-56,\n \t\t\t\t\t\t\t\t\t + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51,\n \ + \ \t\t\t\t \t\t\t\t\t TST16-12, TST16-22, TST16-32, TST16-42, TST16-52,\n\ + \ \t\t\t\t\t\t\t\t\t TST16-13, TST16-23, TST16-33, + TST16-43, TST16-53,\n \t\t\t\t\t\t\t\t\t TST16-14, + TST16-24, TST16-34, TST16-44, TST16-54,\n \t\t\t\t + \t\t\t\t\t TST16-15, TST16-25, TST16-35, TST16-45, TST16-55,\n \ + \ \t\t\t\t\t\t\t\t\t TST16-16, TST16-26, TST16-36, TST16-46, + TST16-56)\n [configure 2 non-adjacent PMP entries (highest-numbered ones + first) (avoid the first PMP entry)\n - execute the 2 kinds of accesses + (if possible to chain due to potential access-fault exception)\n - should + be same 2 results]" +- 002_N_isolated_entries: !Subfeature + name: 002_N_isolated_entries + tag: VP_PMP_F023_S003 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F023_S003_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any N PMP entries (2>\n\nTST23(group) => \n [create scenarios where PMP entries + with A=1 (TOR) and with/without matching permissions\n - pmpaddr(i−1) + < pmpaddr(i), pmpcfg(i).A=TOR and pmpcfg(i-1) with/without matching permissions\n\ + \ - check only TOR defined addresses are matching]\nTST23-3 = extension + of compatible group(N) of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51,\n\ + \ \t\t\t\t\t\t\t\t\t\t\t TST15-12, TST15-22, TST15-32, + TST15-42, TST15-52,\n \t\t\t\t\t\t\t\t\t\t\t TST15-13, + TST15-23, TST15-33, TST15-43, TST15-53,\n \t\t\t\t + \t\t\t\t\t \t\t TST15-14, TST15-24, TST15-34, TST15-44, TST15-54,\n \ + \ \t\t\t\t\t\t\t\t\t\t\t TST15-15, TST15-25, TST15-35, + TST15-45, TST15-55,\n \t\t\t\t\t\t\t\t\t\t\t TST15-16, + TST15-26, TST15-36, TST15-46, TST15-56,\n \t\t\t\t + \t\t\t\t\t \t\t TST16-11, TST16-21, TST16-31, TST16-41, TST16-51,\n \ + \ \t\t\t\t\t\t\t\t\t\t\t TST16-12, TST16-22, TST16-32, + TST16-42, TST16-52,\n \t\t\t\t\t\t\t\t\t\t\t TST16-13, + TST16-23, TST16-33, TST16-43, TST16-53,\n \t\t\t\t + \t\t\t\t\t \t\t TST16-14, TST16-24, TST16-34, TST16-44, TST16-54,\n \ + \ \t\t\t\t\t\t\t\t\t\t\t TST16-15, TST16-25, TST16-35, + TST16-45, TST16-55,\n \t\t\t\t\t\t\t\t\t\t\t TST16-16, + TST16-26, TST16-36, TST16-46, TST16-56)\n[configure N PMP entries (highest-numbered + ones first) (as non-adjacent as possible, and avoid the first PMP entry)\n\ + \ - execute the N kinds of accesses (if possible to chain due to potential + access-fault exception)\n - should be same N results]" +- 003_8_isolated_entries: !Subfeature + name: 003_8_isolated_entries + tag: VP_PMP_F023_S004 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F023_S004_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose all 8 PMP entries\n\nreuse of VP_PMP_F023_S001_I000 feature + description (Cf. Feature: \"multi entries TOR\")" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST23(group) => \n [create scenarios where PMP entries + with A=1 (TOR) and with/without matching permissions\n - pmpaddr(i−1) + < pmpaddr(i), pmpcfg(i).A=TOR and pmpcfg(i-1) with/without matching permissions\n\ + \ - check only TOR defined addresses are matching]\nTST23-4 = extension + of compatible group(8) of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51,\n\ + \ \t\t\t\t\t\t\t\t\t\t\t TST15-12, TST15-22, TST15-32, + TST15-42, TST15-52,\n \t\t\t\t\t\t\t\t\t\t\t TST15-13, + TST15-23, TST15-33, TST15-43, TST15-53,\n \t\t\t\t + \t\t\t\t\t \t\t TST15-14, TST15-24, TST15-34, TST15-44, TST15-54,\n \ + \ \t\t\t\t\t\t\t\t\t\t\t TST15-15, TST15-25, TST15-35, + TST15-45, TST15-55,\n \t\t\t\t\t\t\t\t\t\t\t TST15-16, + TST15-26, TST15-36, TST15-46, TST15-56,\n \t\t\t\t + \t\t\t\t\t \t\t TST16-11, TST16-21, TST16-31, TST16-41, TST16-51,\n \ + \ \t\t\t\t\t\t\t\t\t\t\t TST16-12, TST16-22, TST16-32, + TST16-42, TST16-52,\n \t\t\t\t\t\t\t\t\t\t\t TST16-13, + TST16-23, TST16-33, TST16-43, TST16-53,\n \t\t\t\t + \t\t\t\t\t \t\t TST16-14, TST16-24, TST16-34, TST16-44, TST16-54,\n \ + \ \t\t\t\t\t\t\t\t\t\t\t TST16-15, TST16-25, TST16-35, + TST16-45, TST16-55,\n \t\t\t\t\t\t\t\t\t\t\t TST16-16, + TST16-26, TST16-36, TST16-46, TST16-56)\n[configure 8 PMP entries (highest-numbered + ones first)\n - execute the 8 kinds of accesses (if possible to chain due + to potential access-fault exception)\n - should be same 8 results]" +- 004_2_intersecting_entries_fail: !Subfeature + name: 004_2_intersecting_entries_fail + tag: VP_PMP_F023_S005 + next_elt_id: 1 + display_order: 4 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F023_S005_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any 2 PMP entries\n\nCONFIGURATION and ACCESS (Cf. Feature: + \"cfg TOR access S/U/M\")\n - for the least-numbered pmp entry, apply + any CONFIGURATION+ACCESS scenario with access-fault\n - for the highest-numbered + pmp entry, apply any CONFIGURATION+ACCESS scenario without access-fault\n\ + \ - make sure the pmp entries address ranges are overlapping/intersecting + (at least at 4 consecutive bytes)\n - for each pmp entry, execute one + access in its associated pmp address region but outside the overlapping/intersecting + address range\n - execute one additional access inside the overlapping/intersecting + address range\n - NB: obviously, pmp entry configurations with different + access-modes (S/U vs. M) cannot be easily mixed in same test\n - NB: + obviously, pmp entry configurations with different mstatus.MPRV/MPP values + cannot be mixed in same test\n\nCHECK\n - for each pmp entry, access + outside the overlapping/intersecting address range should give the expected + CHECK result\n - access inside the overlapping/intersecting address range + should generate the access-type related access-fault\n\nREUSABILITY\n \ + \ - if possible, the number of PMP entries (N) is a configurable parameter\n\ + \ - so a single test function can be reused" + pfc: 3 + test_type: 4 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST51(group) => FTR09-a, FTR09-b and FTR09-c\n [create + scenarios where 2 PMP entries with same pmpaddr\n - one without matching + permissions or with A=OFF\n - one with matching permissions and A=NA4/NAPOT/TOR\n\ + \ - any of them can be the lowest-numbered PMP entry]\nTST51-1\n[configure + 2 PMP entries\n - configure the lowest-numbered PMP entry with (TST11-12, + TST11-22, TST11-32, TST11-42, TST11-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST11-15, TST11-25, TST11-35, TST11-45, TST11-55,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-12, TST12-22, + TST12-32, TST12-42, TST12-52,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST12-15, TST12-25, TST12-35, TST12-45, TST12-55,\n \ + \ TST13-12, TST13-22, TST13-32, TST13-42, + TST13-52,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST13-15, + TST13-25, TST13-35, TST13-45, TST13-55,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST14-12, TST14-22, TST14-32, TST14-42, TST14-52,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-15, TST14-25, + TST14-35, TST14-45, TST14-55,\n \ + \ TST15-12, TST15-22, TST15-32, TST15-42, TST15-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST15-15, TST15-25, TST15-35, + TST15-45, TST15-55,\n \t\t\t\t\t\t\t\t\t \t\t\t\t + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-15, TST16-25, TST16-35, TST16-45, + TST16-55,\n TST17-12, + TST17-22, TST17-32, TST17-42, TST17-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST17-15, TST17-25, TST17-35, TST17-45, TST17-55,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST18-12, TST18-22, + TST18-32, TST18-42, TST18-52,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST18-15, TST18-25, TST18-35, TST18-45, TST18-55)\n - configure + the highest-numbered PMP entry with (TST11-11, TST11-21, TST11-31, TST11-41, + TST11-51,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST11-14, + TST11-24, TST11-34, TST11-44, TST11-54,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST12-11, TST12-21, TST12-31, TST12-41, TST12-51,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-14, TST12-24, + TST12-34, TST12-44, TST12-54,\n \ + \ TST13-11, TST13-21, TST13-31, TST13-41, TST13-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t\tTST13-14, TST13-24, TST13-34, + TST13-44, TST13-54,\n \t\t\t\t\t\t\t\t\t \t\t\t\t + \tTST14-11, TST14-21, TST14-31, TST14-41, TST14-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t\tTST14-14, TST14-24, TST14-34, TST14-44, + TST14-54,\n TST15-11, + TST15-21, TST15-31, TST15-41, TST15-51,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST15-14, TST15-24, TST15-34, TST15-44, TST15-54,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-11, TST16-21, + TST16-31, TST16-41, TST16-51,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST16-14, TST16-24, TST16-34, TST16-44, TST16-54)\n - execute + the associated access\n - check associated access-fault exception raised]" +- 005_2_intersecting_entries_succeed: !Subfeature + name: 005_2_intersecting_entries_succeed + tag: VP_PMP_F023_S006 + next_elt_id: 1 + display_order: 5 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F023_S006_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any 2 PMP entries\n\nCONFIGURATION and ACCESS (Cf. Feature: + \"cfg TOR access S/U/M\")\n - for the least-numbered pmp entry, apply + any CONFIGURATION+ACCESS scenario without access-fault\n - for the highest-numbered + pmp entry, apply any CONFIGURATION+ACCESS scenario with access-fault\n \ + \ - make sure the pmp entries address ranges are overlapping/intersecting + (at least at 4 consecutive bytes)\n - for each pmp entry, execute one + access in its associated pmp address region but outside the overlapping/intersecting + address range\n - execute one additional access inside the overlapping/intersecting + address range\n - NB: obviously, pmp entry configurations with different + access-modes (S/U vs. M) cannot be easily mixed in same test\n - NB: + obviously, pmp entry configurations with different mstatus.MPRV/MPP values + cannot be mixed in same test\n\nCHECK\n - for each pmp entry, access + outside the overlapping/intersecting address range should give the expected + CHECK result\n - access inside the overlapping/intersecting address range + should not generate any access-fault\n\nREUSABILITY\n - if possible, + the number of PMP entries (N) is a configurable parameter\n - so a single + test function can be reused" + pfc: 3 + test_type: 4 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST51(group) => FTR09-a, FTR09-b and FTR09-c\n [create + scenarios where 2 PMP entries with same pmpaddr\n - one without matching + permissions or with A=OFF\n - one with matching permissions and A=NA4/NAPOT/TOR\n\ + \ - any of them can be the lowest-numbered PMP entry]\nTST51-2\n[configure + 2 PMP entries\n - configure the lowest-numbered PMP entry with (TST11-11, + TST11-21, TST11-31, TST11-41, TST11-51,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST11-14, TST11-24, TST11-34, TST11-44, TST11-54,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-11, TST12-21, + TST12-31, TST12-41, TST12-51,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST12-14, TST12-24, TST12-34, TST12-44, TST12-54,\n \ + \ TST13-11, TST13-21, TST13-31, TST13-41, + TST13-51,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST13-14, + TST13-24, TST13-34, TST13-44, TST13-54,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST14-11, TST14-21, TST14-31, TST14-41, TST14-51,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-14, TST14-24, + TST14-34, TST14-44, TST14-54,\n \ + \ TST15-11, TST15-21, TST15-31, TST15-41, TST15-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST15-14, TST15-24, TST15-34, + TST15-44, TST15-54,\n \t\t\t\t\t\t\t\t\t \t\t\t\t + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-14, TST16-24, TST16-34, TST16-44, + TST16-54)\n - configure the highest-numbered PMP entry with (TST11-12, + TST11-22, TST11-32, TST11-42, TST11-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST11-15, TST11-25, TST11-35, TST11-45, TST11-55,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-12, TST12-22, + TST12-32, TST12-42, TST12-52,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST12-15, TST12-25, TST12-35, TST12-45, TST12-55,\n \ + \ TST13-12, TST13-22, TST13-32, + TST13-42, TST13-52,\n \t\t\t\t\t\t\t\t\t \t\t\t\t\ + \ TST13-15, TST13-25, TST13-35, TST13-45, TST13-55,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-12, TST14-22, TST14-32, TST14-42, + TST14-52,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-15, + TST14-25, TST14-35, TST14-45, TST14-55,\n \ + \ TST15-12, TST15-22, TST15-32, TST15-42, TST15-52,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST15-15, TST15-25, + TST15-35, TST15-45, TST15-55,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST16-12, TST16-22, TST16-32, TST16-42, TST16-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-15, TST16-25, TST16-35, + TST16-45, TST16-55,\n \ + \ TST17-12, TST17-22, TST17-32, TST17-42, TST17-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST17-15, TST17-25, TST17-35, TST17-45, + TST17-55,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST18-12, + TST18-22, TST18-32, TST18-42, TST18-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST18-15, TST18-25, TST18-35, TST18-45, TST18-55)\n\ + \ - execute the associated access\n - check no access-fault exception]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP024.yml b/verif/docs/VerifPlans/PMP/VP_IP024.yml new file mode 100644 index 000000000..824f2ef61 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP024.yml @@ -0,0 +1,200 @@ +!Feature +next_elt_id: 4 +name: multi entries OFF +id: 24 +display_order: 24 +subfeatures: !!omap +- 000_1_entry: !Subfeature + name: 000_1_entry + tag: VP_PMP_F024_S001 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F024_S001_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose a single PMP entry\n\nCONFIGURATION and ACCESS\n - + for each pmp entry, apply any CONFIGURATION+ACCESS scenario above (Cf. Feature: + \"cfg OFF access S/U/M\")\n - make sure the pmp entries address ranges + are not overlapping/intersecting\n - NB: obviously, pmp entry configurations + with different mstatus.MPRV/MPP values cannot be mixed in same test\n\n\ + CHECK\n - for each pmp entry, we should obtain the expected CHECK result\n\ + \nREUSABILITY\n - if possible, the number of PMP entries (N) is a configurable + parameter\n - so a single test function can be reused" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST24(group) => FTR09-g\n [create scenarios where PMP + entries with A=0 (OFF) and with matching permissions\n - check no address + matching for those PMP entries]\n [create scenarios where all PMP entries + with A=0 (OFF) and with matching permissions\n - check no address matching + for all PMP entries]\n [check S or U mode access fails when all A=OFF with + at least one PMP entry implemented] => FTR09-g\nTST24-1 = extension of (TST17-11, + TST17-21, TST17-31, TST17-41, TST17-51,\n TST17-13, + TST17-23, TST17-33, TST17-43, TST17-53,\n TST17-14, + TST17-24, TST17-34, TST17-44, TST17-54,\n TST17-16, + TST17-26, TST17-36, TST17-46, TST17-56,\n TST18-14, + TST18-24, TST18-34, TST18-44, TST18-54, //TODO: M-mode may not raise an + exception\n TST18-16, TST18-26, TST18-36, TST18-46, + TST18-56) //TODO: M-mode may not raise an exception\n \ + \ //TODO: SHOULD WE ADD (TST18-11, TST18-21, TST18-31, TST18-41, TST18-51,\n\ + \ TST18-13, TST18-23, TST18-33, + TST18-43, TST18-53) ?\n[configure only one (any, but the first one) PMP + entry\n - execute the chosen kind of access\n - check appropriate access-fault + exception raised]" +- 001_2_isolated_entries: !Subfeature + name: 001_2_isolated_entries + tag: VP_PMP_F024_S002 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F024_S002_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any 2 PMP entries\n\nreuse of VP_PMP_F024_S001_I000 feature + description (Cf. Feature: \"multi entries OFF\")" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST24(group) => FTR09-g\n [create scenarios where PMP + entries with A=0 (OFF) and with matching permissions\n - check no address + matching for those PMP entries]\n [create scenarios where all PMP entries + with A=0 (OFF) and with matching permissions\n - check no address matching + for all PMP entries]\n [check S or U mode access fails when all A=OFF with + at least one PMP entry implemented] => FTR09-g\nTST24-2 = extension of compatible + pair of (TST17-11, TST17-21, TST17-31, TST17-41, TST17-51,\n \ + \ \t\t\t\t\t\t\t\t\t TST17-13, TST17-23, TST17-33, TST17-43, + TST17-53,\n \t\t\t\t\t\t\t\t\t TST17-14, TST17-24, + TST17-34, TST17-44, TST17-54,\n \t\t\t\t\t\t\t\t + \t TST17-16, TST17-26, TST17-36, TST17-46, TST17-56,\n \ + \ \t\t\t\t\t\t\t\t\t TST18-14, TST18-24, TST18-34, TST18-44, TST18-54, + //TODO: M-mode may not raise an exception\n \t\t + \t\t\t\t\t\t\t TST18-16, TST18-26, TST18-36, TST18-46, TST18-56) //TODO: + M-mode may not raise an exception\n //TODO: SHOULD + WE ADD (TST18-11, TST18-21, TST18-31, TST18-41, TST18-51,\n \ + \ TST18-13, TST18-23, TST18-33, TST18-43, + TST18-53) ?\n[configure 2 non-adjacent PMP entries (highest-numbered ones + first) (avoid the first PMP entry)\n - execute the 2 kinds of accesses + (if possible to chain due to access-fault)\n - check 2 appropriate access-fault + exceptions raised]" +- 002_N_isolated_entries: !Subfeature + name: 002_N_isolated_entries + tag: VP_PMP_F024_S003 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F024_S003_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any N PMP entries (2>\n\nTST24(group) => FTR09-g\n [create scenarios where PMP + entries with A=0 (OFF) and with matching permissions\n - check no address + matching for those PMP entries]\n [create scenarios where all PMP entries + with A=0 (OFF) and with matching permissions\n - check no address matching + for all PMP entries]\n [check S or U mode access fails when all A=OFF with + at least one PMP entry implemented] => FTR09-g\nTST24-3 = extension of compatible + group(N) of (TST17-11, TST17-21, TST17-31, TST17-41, TST17-51,\n \ + \ \t\t\t\t\t\t\t\t\t\t TST17-13, TST17-23, TST17-33, TST17-43, + TST17-53,\n \t\t\t\t\t\t\t\t\t\t TST17-14, TST17-24, + TST17-34, TST17-44, TST17-54,\n \t\t\t\t\t\t\t\t + \t\t TST17-16, TST17-26, TST17-36, TST17-46, TST17-56,\n \ + \ \t\t\t\t\t\t\t\t\t\t TST18-14, TST18-24, TST18-34, TST18-44, + TST18-54, //TODO: M-mode may not raise an exception\n \ + \ \t\t\t\t\t\t\t\t\t\t TST18-16, TST18-26, TST18-36, TST18-46, TST18-56) + //TODO: M-mode may not raise an exception\n //TODO: + SHOULD WE ADD (TST18-11, TST18-21, TST18-31, TST18-41, TST18-51,\n \ + \ TST18-13, TST18-23, TST18-33, + TST18-43, TST18-53) ?\n[configure N PMP entries (highest-numbered ones first) + (as non-adjacent as possible, and avoid the first PMP entry)\n - execute + the N kinds of accesses (if possible to chain due to access-fault)\n - + check N appropriate access-fault exceptions raised]" +- 003_8_isolated_entries: !Subfeature + name: 003_8_isolated_entries + tag: VP_PMP_F024_S004 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F024_S004_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose all 8 PMP entries\n\nreuse of VP_PMP_F024_S001_I000 feature + description (Cf. Feature: \"multi entries OFF\")" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST24(group) => FTR09-g\n [create scenarios where PMP + entries with A=0 (OFF) and with matching permissions\n - check no address + matching for those PMP entries]\n [create scenarios where all PMP entries + with A=0 (OFF) and with matching permissions\n - check no address matching + for all PMP entries]\n [check S or U mode access fails when all A=OFF with + at least one PMP entry implemented] => FTR09-g\nTST24-4 = extension of compatible + group(8) of (TST17-11, TST17-21, TST17-31, TST17-41, TST17-51,\n \ + \ \t\t\t\t\t\t\t\t\t\t\t TST17-13, TST17-23, TST17-33, TST17-43, + TST17-53,\n \t\t\t\t\t\t\t\t\t\t\t TST17-14, TST17-24, + TST17-34, TST17-44, TST17-54,\n \t\t\t\t\t\t\t\t\t + \t\t TST17-16, TST17-26, TST17-36, TST17-46, TST17-56,\n \ + \ \t\t\t\t\t\t\t\t\t\t\t TST18-14, TST18-24, TST18-34, TST18-44, + TST18-54, //TODO: M-mode may not raise an exception\n \ + \ \t\t\t\t\t\t\t\t\t\t\t TST18-16, TST18-26, TST18-36, TST18-46, TST18-56) + //TODO: M-mode may not raise an exception\n //TODO: + SHOULD WE ADD (TST18-11, TST18-21, TST18-31, TST18-41, TST18-51,\n \ + \ TST18-13, TST18-23, TST18-33, + TST18-43, TST18-53) ?\n[configure 8 PMP entries (highest-numbered ones first)\n\ + \ - execute the 8 kinds of accesses (if possible to chain due to access-fault)\n\ + \ - check 8 appropriate access-fault exceptions raised]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP025.yml b/verif/docs/VerifPlans/PMP/VP_IP025.yml new file mode 100644 index 000000000..db3587a8b --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP025.yml @@ -0,0 +1,290 @@ +!Feature +next_elt_id: 6 +name: multi entries ALL +id: 25 +display_order: 25 +subfeatures: !!omap +- 000_1_entry: !Subfeature + name: 000_1_entry + tag: VP_PMP_F025_S001 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F025_S001_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose a single PMP entry\n\nCONFIGURATION and ACCESS\n - + for each pmp entry, apply any CONFIGURATION+ACCESS scenario above (Cf. Feature: + \"cfg NA4/NAPOT/TOR/OFF access S/U/M\")\n - make sure the pmp entries + address ranges are not overlapping/intersecting\n - NB: obviously, pmp + entry configurations with different mstatus.MPRV/MPP values cannot be mixed + in same test\n\nCHECK\n - for each pmp entry, we should obtain the expected + CHECK result\n\nREUSABILITY\n - if possible, the number of PMP entries + (N) is a configurable parameter\n - so a single test function can be + reused" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 001_2_isolated_entries: !Subfeature + name: 001_2_isolated_entries + tag: VP_PMP_F025_S002 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F025_S002_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any 2 PMP entries\n\nreuse of VP_PMP_F025_S001_I000 feature + description (Cf. Feature: \"multi entries ALL\")" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 002_N_isolated_entries: !Subfeature + name: 002_N_isolated_entries + tag: VP_PMP_F025_S003 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F025_S003_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any N PMP entries (2>\n\nTST51(group) => FTR09-a, FTR09-b and FTR09-c\n [create + scenarios where 2 PMP entries with same pmpaddr\n - one without matching + permissions or with A=OFF\n - one with matching permissions and A=NA4/NAPOT/TOR\n\ + \ - any of them can be the lowest-numbered PMP entry]\nTST51-1\n[configure + 2 PMP entries\n - configure the lowest-numbered PMP entry with (TST11-12, + TST11-22, TST11-32, TST11-42, TST11-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST11-15, TST11-25, TST11-35, TST11-45, TST11-55,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-12, TST12-22, + TST12-32, TST12-42, TST12-52,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST12-15, TST12-25, TST12-35, TST12-45, TST12-55,\n \ + \ TST13-12, TST13-22, TST13-32, TST13-42, + TST13-52,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST13-15, + TST13-25, TST13-35, TST13-45, TST13-55,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST14-12, TST14-22, TST14-32, TST14-42, TST14-52,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-15, TST14-25, + TST14-35, TST14-45, TST14-55,\n \ + \ TST15-12, TST15-22, TST15-32, TST15-42, TST15-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST15-15, TST15-25, TST15-35, + TST15-45, TST15-55,\n \t\t\t\t\t\t\t\t\t \t\t\t\t + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-15, TST16-25, TST16-35, TST16-45, + TST16-55,\n TST17-12, + TST17-22, TST17-32, TST17-42, TST17-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST17-15, TST17-25, TST17-35, TST17-45, TST17-55,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST18-12, TST18-22, + TST18-32, TST18-42, TST18-52,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST18-15, TST18-25, TST18-35, TST18-45, TST18-55)\n - configure + the highest-numbered PMP entry with (TST11-11, TST11-21, TST11-31, TST11-41, + TST11-51,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST11-14, + TST11-24, TST11-34, TST11-44, TST11-54,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST12-11, TST12-21, TST12-31, TST12-41, TST12-51,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-14, TST12-24, + TST12-34, TST12-44, TST12-54,\n \ + \ TST13-11, TST13-21, TST13-31, TST13-41, TST13-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t\tTST13-14, TST13-24, TST13-34, + TST13-44, TST13-54,\n \t\t\t\t\t\t\t\t\t \t\t\t\t + \tTST14-11, TST14-21, TST14-31, TST14-41, TST14-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t\tTST14-14, TST14-24, TST14-34, TST14-44, + TST14-54,\n TST15-11, + TST15-21, TST15-31, TST15-41, TST15-51,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST15-14, TST15-24, TST15-34, TST15-44, TST15-54,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-11, TST16-21, + TST16-31, TST16-41, TST16-51,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST16-14, TST16-24, TST16-34, TST16-44, TST16-54)\n - execute + the associated access\n - check associated access-fault exception raised]" +- 005_2_intersecting_entries_succeed: !Subfeature + name: 005_2_intersecting_entries_succeed + tag: VP_PMP_F025_S006 + next_elt_id: 1 + display_order: 5 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F025_S006_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any 2 PMP entries\n\nCONFIGURATION and ACCESS (Cf. Feature: + \"cfg NA4/NAPOT/TOR/OFF access S/U/M\")\n - for the least-numbered pmp + entry, apply any CONFIGURATION+ACCESS scenario without access-fault\n \ + \ - for the highest-numbered pmp entry, apply any CONFIGURATION+ACCESS + scenario with access-fault\n - make sure the pmp entries address ranges + are overlapping/intersecting (at least at 4 consecutive bytes)\n - for + each pmp entry, execute one access in its associated pmp address region + but outside the overlapping/intersecting address range\n - execute one + additional access inside the overlapping/intersecting address range\n \ + \ - NB: obviously, pmp entry configurations with different access-modes + (S/U vs. M) cannot be easily mixed in same test\n - NB: obviously, pmp + entry configurations with different mstatus.MPRV/MPP values cannot be mixed + in same test\n\nCHECK\n - for each pmp entry, access outside the overlapping/intersecting + address range should give the expected CHECK result\n - access inside + the overlapping/intersecting address range should not generate any access-fault\n\ + \nREUSABILITY\n - if possible, the number of PMP entries (N) is a configurable + parameter\n - so a single test function can be reused" + pfc: 3 + test_type: 4 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST51(group) => FTR09-a, FTR09-b and FTR09-c\n [create + scenarios where 2 PMP entries with same pmpaddr\n - one without matching + permissions or with A=OFF\n - one with matching permissions and A=NA4/NAPOT/TOR\n\ + \ - any of them can be the lowest-numbered PMP entry]\nTST51-2\n[configure + 2 PMP entries\n - configure the lowest-numbered PMP entry with (TST11-11, + TST11-21, TST11-31, TST11-41, TST11-51,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST11-14, TST11-24, TST11-34, TST11-44, TST11-54,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-11, TST12-21, + TST12-31, TST12-41, TST12-51,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST12-14, TST12-24, TST12-34, TST12-44, TST12-54,\n \ + \ TST13-11, TST13-21, TST13-31, TST13-41, + TST13-51,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST13-14, + TST13-24, TST13-34, TST13-44, TST13-54,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST14-11, TST14-21, TST14-31, TST14-41, TST14-51,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-14, TST14-24, + TST14-34, TST14-44, TST14-54,\n \ + \ TST15-11, TST15-21, TST15-31, TST15-41, TST15-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST15-14, TST15-24, TST15-34, + TST15-44, TST15-54,\n \t\t\t\t\t\t\t\t\t \t\t\t\t + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-14, TST16-24, TST16-34, TST16-44, + TST16-54)\n - configure the highest-numbered PMP entry with (TST11-12, + TST11-22, TST11-32, TST11-42, TST11-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST11-15, TST11-25, TST11-35, TST11-45, TST11-55,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-12, TST12-22, + TST12-32, TST12-42, TST12-52,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST12-15, TST12-25, TST12-35, TST12-45, TST12-55,\n \ + \ TST13-12, TST13-22, TST13-32, + TST13-42, TST13-52,\n \t\t\t\t\t\t\t\t\t \t\t\t\t\ + \ TST13-15, TST13-25, TST13-35, TST13-45, TST13-55,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-12, TST14-22, TST14-32, TST14-42, + TST14-52,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-15, + TST14-25, TST14-35, TST14-45, TST14-55,\n \ + \ TST15-12, TST15-22, TST15-32, TST15-42, TST15-52,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST15-15, TST15-25, + TST15-35, TST15-45, TST15-55,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST16-12, TST16-22, TST16-32, TST16-42, TST16-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-15, TST16-25, TST16-35, + TST16-45, TST16-55,\n \ + \ TST17-12, TST17-22, TST17-32, TST17-42, TST17-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST17-15, TST17-25, TST17-35, TST17-45, + TST17-55,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST18-12, + TST18-22, TST18-32, TST18-42, TST18-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST18-15, TST18-25, TST18-35, TST18-45, TST18-55)\n\ + \ - execute the associated access\n - check no access-fault exception]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP031.yml b/verif/docs/VerifPlans/PMP/VP_IP031.yml new file mode 100644 index 000000000..45ff1790a --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP031.yml @@ -0,0 +1,51 @@ +!Feature +next_elt_id: 1 +name: entry reconfiguration +id: 31 +display_order: 31 +subfeatures: !!omap +- 000_reconfigure_N_pmp_entries: !Subfeature + name: 000_reconfigure_N_pmp_entries + tag: VP_PMP_F031_S001 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F031_S001_I000 + description: "reuse of feature descriptions (Cf. Feature: \"cfg NA4/NAPOT/TOR/OFF + access S/U/M\")\nreuse of feature descriptions (Cf. Feature: \"CSRs M-mode + only\")\nreuse of feature descriptions (Cf. Feature: \"CSRs locked access\"\ + )\nreuse of feature descriptions (Cf. Feature: \"multi entries NA4/NAPOT/TOR/OFF\"\ + )" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure any N PMP entries, possibly some with L=1\n\nCONFIGURATION + and ACCESS\n - for each pmp entry, apply any CONFIGURATION+ACCESS scenario + above (Cf. Feature: \"cfg NA4/NAPOT/TOR/OFF access S/U/M\")\n - make + sure the pmp entries address ranges are not overlapping/intersecting\n \ + \ - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP + values cannot be mixed in same test\n\nRECONFIGURATION and ACCESS\n - + for each pmp entry with L=0, apply any other CONFIGURATION+ACCESS scenario + above (Cf. Feature: \"cfg NA4/NAPOT/TOR/OFF access S/U/M\")\n - make + sure the pmp entries address ranges are not overlapping/intersecting\n \ + \ - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP + values cannot be mixed in same test\n\nRESET\n - if there is any pmp + entry with L=1, apply hart reset (or only PMP reset if possible)\n - + and restart with CONFIGURATION and RESET\n\nCHECK\n - for each pmp entry, + we should obtain the expected CHECK result\n\nREUSABILITY\n - if possible, + the number of PMP entries (N) is a configurable parameter\n - so a single + test function can be reused" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/pmp_verif_plan.txt b/verif/docs/VerifPlans/PMP/pmp_verif_plan.txt new file mode 100644 index 000000000..7569eadb5 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/pmp_verif_plan.txt @@ -0,0 +1,1739 @@ +/////////////////////////////////////////////////////////////////////////////////// +INITIAL VERIF PLAN (cv32a6_embedded_copro): list of memory regions +/////////////////////////////////////////////////////////////////////////////////// + + + +Check no LSU Fault/Exception and correct access propagation +- LOAD+STORE allowed ahb_periph regions +- LOAD allowed D-scratchpad +- LOAD+STORE allowed I-scratchpad (preload mode) +- LOAD+STORE allowed D-$ +- LOAD+STORE system memory + +Check no FETCH Fault/Exception and correct access propagation +- FETCH allowed I-$ +- FETCH allowed I-scratchpad (functional mode) +- FETCH system memory + +Check LSU Fault/Exception and NO access propagation +- LOAD+STORE disabled ahb_periph (if enabling/disabling still specified) +- LOAD+STORE forbidden ahb_periph regions (if definable) +- LOAD+STORE disabled D-scratchpad (if enabling/disabling still specified) +- LOAD forbidden D-scratchpad (if definable) +- STORE D-scratchpad (maybe not PMP related, but structurally forbidden) +- LOAD+STORE disabled I-scratchpad (if enabling/disabling still specified) +- LOAD+STORE I-scratchpad (functional mode) (maybe not PMP related, but structurally forbidden) +- LOAD+STORE forbidden I-scratchpad (if definable) +- LOAD+STORE forbidden D-$ (if definable) +- LOAD+STORE I-$ (inexistent path) +- LOAD+STORE unallocated System Memory (inexistent path) + +Check FETCH Fault/Exception and NO access propagation +- FETCH forbidden I-$ (if definable) +- FETCH disabled I-scratchpad (if enabling/disabling still specified) +- FETCH I-scratchpad (preload mode) +- FETCH forbidden I-scratchpad (if definable) +- FETCH D-scratchpad (inexistent path) (not PMP related) +- FETCH ahb_periph (inexistent path) (not PMP related) +- FETCH unallocated System Memory (inexistent path) (not PMP related) + + + +/////////////////////////////////////////////////////////////////////////////////// +ADDITONAL VERIF PLAN +/////////////////////////////////////////////////////////////////////////////////// + +[we assume there is only 1 hart in cv32a6] + +[we assume MXLEN is always 32bits] + +[we assume XLEN=MXLEN=32, so the PMP address registers are XLEN bits long, so no zero-extension needed] + +[we assume there is no region with hardwired privileges in PMP] + +[we assume the PMP granularity is 4 bytes (G=0)] + +[we assume there are 8 HW implemented PMP entries] + +[we assume no virtual memory is implemented] +[we assume page-based virtual memory is not implemented] + +[we assume the list of all physical memory regions] + - system memory regions + - I-$ + - D-$ + - I-scratchpad (preload mode) + - I-scratchpad (functional mode) + - D-scratchpad + - ahb_periph + +[check the role/definitions of mstatus.MPRV and mstatus.MPP later] //TODO + +[we assume an already written PMP entry (i) can be disabled + - if L=0, by clearing pmpcfg(i) + - if L=1, only by hart reset] + +//////////////////////////// + +TB01 => FTR01-h +[check that all violations are trapped at the processor] +[any time there is an access-fault type, check it matches the access-type] + +//TODO: TB02 +Determine how to use SV to factorize the similar tests + +//////////////////////////// + +TST01 (HIGH-PRIO) => FTR07-b +[determine the PMP granularity 2^(G+2) bytes by writing zero to pmp(0)cfg, then writing all ones to pmpaddr(0), then reading back pmpaddr(0). G is the index G of the least-significant bit set] + +TST02(group) => FTR02-d + [check that all 8 HW implemented PMP entries are writable/readable in M-mode (L=0)] + [check that no HW implemented PMP entry are writable/readable in S or U modes (L=0)] + - random values may be used + - before any configuration (after hart reset), check all pmp(i)cfg and pmpaddr(i) are M-mode read zero +TST02-1 (HIGH-PRIO) +[configure 1 PMP entry ([FTR02-b1]: maybe mandatorily the first one): with L=0, + - if possible, the PMP entry number is a configurable parameter + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +TST02-2 (LOW-PRIO) = 2 times reuse/call of TST02-1 +[configure 2 PMP entries ([FTR02-b1]: maybe mandatorily the 2 first ones): both with L=0, + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +TST02-3 (LOW-PRIO) = N times reuse/call of TST02-1 +[configure N PMP entries ([FTR02-b1]: maybe mandatorily the N first ones): all with L=0, + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +TST02-4 (HIGH-PRIO) = 8 times reuse/call of TST02-1 +[configure 8 PMP entries: all with L=0, + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] + +TST03(group) => FTR08-a and FTR08-b + [check that HW implemented PMP entries are not writable/readable in M-mode (L=1)] + [check that no HW implemented PMP entry are writable/readable in S or U modes (L=1)] + - before any configuration, check all pmp(i)cfg and pmpaddr(i) are M-mode read zero + - configure PMP entry (i) with L=1 (or 0): pmp(i)cfg and pmpaddr(i) maybe random values + - execute following tests specific checks + - check only hart reset unlocks all => FTR08-b + - check reset values: all pmp(i)cfg and pmpaddr(i) are M-mode read zero +TST03-1 (HIGH-PRIO) +[configure 1 PMP entry ([FTR02-b1]: maybe mandatorily the first one): with L=1, + - if possible, the PMP entry number is a configurable parameter + - if possible, L value is a configurable parameter + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +TST03-2 (LOW-PRIO) = 2 times reuse/call of TST02-1 +[configure 2 PMP entries ([FTR02-b1]: maybe mandatorily the 2 first ones): both with L=1, + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +TST03-3 (HIGH-PRIO) = 2 times reuse/call of TST02-1 +[configure 2 PMP entries ([FTR02-b1]: maybe mandatorily the 2 first ones): one with L=1 and one with L=0, + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check locked PMP entry (i) has no effect on unlocked PMP entry (j) + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +TST03-4 (LOW-PRIO) = N times reuse/call of TST02-1 +[configure N PMP entries ([FTR02-b1]: maybe mandatorily the N first ones): at least one with L=1 and one with L=0, + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check locked PMP entry (i) has no effect on unlocked PMP entry (j) + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +TST03-5 (HIGH-PRIO) = 8 times reuse/call of TST02-1 +[configure 8 PMP entries: at least one with L=1 and one with L=0, + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check locked PMP entry (i) has no effect on unlocked PMP entry (j) + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] + +TST04 => FTR02-b1 and FTR02-b2 + [check if the lowest-numbered PMP CSRs must be programmed first before programming higher-numbered ones] +TST04-1 (LOW-PRIO) extends TST02-1 +[configure any PMP entry, but the first one + - check for configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for not configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are M-mode read zero] +TST04-2 (HIGH-PRIO) extends TST02-2 +[configure 2 non-adjacent PMP entries (highest-numbered ones first) (avoid the first PMP entry) + - check for configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for not configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are M-mode read zero] +TST04-3 (LOW-PRIO) extends TST02-3 +[configure N PMP entries (highest-numbered ones first) (as non-adjacent as possible, and avoid the first PMP entry) + - check for configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for not configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are M-mode read zero] +TST04-4 (HIGH-PRIO) extends TST02-4 +[configure 8 PMP entries (highest-numbered ones first) + - check for configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only] + +TST05 => FTR01-c and FTR01-c-extended + [check all regions are configurable in M-mode to make sure none is hardwired] + [regions hardwired privileges might only ever be visible in M-mode] +TST05-1 (HIGH-PRIO) extends TST02-4 + - check the written pmp(i)cfg and pmpaddr(i) values can be read exactly the same as written +TST05-2 (LOW-PRIO) extends TST03-5 + - check the written pmp(i)cfg and pmpaddr(i) values can be read exactly the same as written (before hart reset) + +TST06 => FTR04-a +[PMP CSR fields are WARL: PMP entry combinations with R=0 and W=1 are reserved/can’t be read] +[permissions fields could be randomly written; should we try randomization ?] +TST06-1 (HIGH-PRIO) extends TST02-4 + - write totally random values to pmp(i)cfg and pmpaddr(i) + - check all pmp(i)cfg and pmpaddr(i) can be read exactly the same as written except for the reserved combinations with R=0 and W=1 +TST06-2 (LOW-PRIO) extends TST03-5 + - write totally random values to pmp(i)cfg and pmpaddr(i) + - check all pmp(i)cfg and pmpaddr(i) can be read exactly the same as written except for the reserved combinations with R=0 and W=1 (before hart reset) + +//////////////////////////// + +TST10-1 (HIGH-PRIO) => FTR09-e +[check M-mode access succeeds if no PMP entry matches] +TST10-2 (HIGH-PRIO) => FTR09-e-question +[check M-mode access succeeds if no PMP entry defined] + +TST10-3 (HIGH-PRIO) => FTR09-f +[check S or U mode access fails when no PMP entry matching and at least one PMP entry implemented] +TST10-4 (HIGH-PRIO) => FTR09-f-question +[check S or U mode access fails when no PMP entry implemented] + +//////////////////////////// + +TST11-1x(group) => FTR01-d + [PMP check on instruction fetch where effective privilege mode is S or U: + - choose an executable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access instruction fetch in S and U mode] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] +TST11-11 (HIGH-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check no access-fault exception] +TST11-12 (MEDIUM-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry without execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check instruction fetch access-fault exception raised => FTR04-b] +TST11-13 (MEDIUM-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from outside all PMP defined regions + - check instruction fetch access-fault exception raised] +TST11-14 (LOW-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check no access-fault exception] +TST11-15 (LOW-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check instruction fetch access-fault exception raised => FTR04-b] +TST11-16 (LOW-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from outside all PMP defined regions + - check instruction fetch access-fault exception raised] + +--------------------------- + +TST11-2x(group) => FTR01-d + [PMP check on load or load-reserved instruction where effective privilege mode is S or U: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in S and U mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] +TST11-21 (HIGH-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +TST11-22 (MEDIUM-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check load access-fault exception raised => FTR04-c] +TST11-23 (MEDIUM-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check load access-fault exception raised] +TST11-24 (LOW-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +TST11-25 (LOW-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check load access-fault exception raised => FTR04-c] +TST11-26 (LOW-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check load access-fault exception raised] + +--------------------------- + +TST11-3x(group) => FTR01-d + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is S or U: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in S and U mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] +TST11-31 (HIGH-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +TST11-32 (MEDIUM-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check store access-fault exception raised => FTR04-d] +TST11-33 (MEDIUM-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check store access-fault exception raised] +TST11-34 (LOW-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +TST11-35 (LOW-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check store access-fault exception raised => FTR04-d] +TST11-36 (LOW-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check store access-fault exception raised] + +--------------------------- + +TST11-4x(group) => FTR01-d + [PMP check on load or load-reserved instruction where effective privilege mode is S or U: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] +TST11-41 (LOWEST-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +TST11-42 (LOWEST-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check load access-fault exception raised => FTR04-c] +TST11-43 (LOWEST-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check load access-fault exception raised] +TST11-44 (LOWEST-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +TST11-45 (LOWEST-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check load access-fault exception raised => FTR04-c] +TST11-46 (LOWEST-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check load access-fault exception raised] + +--------------------------- + +TST11-5x(group) => FTR01-d + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is S or U: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] +TST11-51 (LOWEST-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +TST11-52 (LOWEST-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check store access-fault exception raised => FTR04-d] +TST11-53 (LOWEST-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check store access-fault exception raised] +TST11-54 (LOWEST-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +TST11-55 (LOWEST-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check store access-fault exception raised => FTR04-d] +TST11-56 (LOWEST-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check store access-fault exception raised] + +//////////////////////////// + +TST12-1x(group) => FTR01-f + [PMP check on instruction fetch where effective privilege mode is M: + - choose an executable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access instruction fetch in M mode] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] +TST12-11 (LOW-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check no access-fault exception] +TST12-12 (LOW-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1), + - configure the PMP entry without execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check no access-fault exception] +TST12-13 (LOW-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +TST12-14 (HIGH-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check no access-fault exception] +TST12-15 (MEDIUM-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check instruction fetch access-fault exception raised => FTR04-b] +TST12-16 (HIGH-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED + +--------------------------- + +TST12-2x(group) => FTR01-f + [PMP check on load or load-reserved instruction where effective privilege mode is M: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in M mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] +TST12-21 (LOW-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +TST12-22 (LOW-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +TST12-23 (LOW-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +TST12-24 (HIGH-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +TST12-25 (MEDIUM-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check load access-fault exception raised => FTR04-c] +TST12-26 (HIGH-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED + +--------------------------- + +TST12-3x(group) => FTR01-f + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is M: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in M mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] +TST12-31 (LOW-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +TST12-32 (LOW-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +TST12-33 (LOW-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +TST12-34 (HIGH-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +TST12-35 (MEDIUM-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check store access-fault exception raised => FTR04-d] +TST12-36 (HIGH-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED + +--------------------------- + +TST12-4x(group) => FTR01-f + [PMP check on load or load-reserved instruction where effective privilege mode is M: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] +TST12-41 (LOWEST-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +TST12-42 (LOWEST-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +TST12-43 (LOWEST-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +TST12-44 (LOWEST-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +TST12-45 (LOWEST-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check load access-fault exception raised => FTR04-c] +TST12-46 (LOWEST-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED + +--------------------------- + +TST12-5x(group) => FTR01-f + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is M: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] +TST12-51 (LOWEST-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +TST12-52 (LOWEST-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +TST12-53 (LOWEST-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +TST12-54 (LOWEST-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +TST12-55 (LOWEST-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check store access-fault exception raised => FTR04-d] +TST12-56 (LOWEST-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED + +//////////////////////////// +//TODO: complete specificities for A=NAPOT + +TST13-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=NAPOT] +TST13-11 (HIGH-PRIO) + [same as TST11-11(group), but with pmpcfg(i).A=NAPOT] +TST13-12 (MEDIUM-PRIO) + [same as TST11-12(group), but with pmpcfg(i).A=NAPOT] +TST13-13 (MEDIUM-PRIO) + [same as TST11-13(group), but with pmpcfg(i).A=NAPOT] +TST13-14 (LOW-PRIO) + [same as TST11-14(group), but with pmpcfg(i).A=NAPOT] +TST13-15 (LOW-PRIO) + [same as TST11-15(group), but with pmpcfg(i).A=NAPOT] +TST13-16 (LOW-PRIO) + [same as TST11-16(group), but with pmpcfg(i).A=NAPOT] + +--------------------------- + +TST13-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=NAPOT] +TST13-21 (HIGH-PRIO) + [same as TST11-21(group), but with pmpcfg(i).A=NAPOT] +TST13-22 (MEDIUM-PRIO) + [same as TST11-22(group), but with pmpcfg(i).A=NAPOT] +TST13-23 (MEDIUM-PRIO) + [same as TST11-23(group), but with pmpcfg(i).A=NAPOT] +TST13-24 (LOW-PRIO) + [same as TST11-24(group), but with pmpcfg(i).A=NAPOT] +TST13-25 (LOW-PRIO) + [same as TST11-25(group), but with pmpcfg(i).A=NAPOT] +TST13-26 (LOW-PRIO) + [same as TST11-26(group), but with pmpcfg(i).A=NAPOT] + +--------------------------- + +TST13-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=NAPOT] +TST13-31 (HIGH-PRIO) + [same as TST11-31(group), but with pmpcfg(i).A=NAPOT] +TST13-32 (MEDIUM-PRIO) + [same as TST11-32(group), but with pmpcfg(i).A=NAPOT] +TST13-33 (MEDIUM-PRIO) + [same as TST11-33(group), but with pmpcfg(i).A=NAPOT] +TST13-34 (LOW-PRIO) + [same as TST11-34(group), but with pmpcfg(i).A=NAPOT] +TST13-35 (LOW-PRIO) + [same as TST11-35(group), but with pmpcfg(i).A=NAPOT] +TST13-36 (LOW-PRIO) + [same as TST11-36(group), but with pmpcfg(i).A=NAPOT] + +--------------------------- + +TST13-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=NAPOT] +TST13-41 (LOWEST-PRIO) + [same as TST11-41(group), but with pmpcfg(i).A=NAPOT] +TST13-42 (LOWEST-PRIO) + [same as TST11-42(group), but with pmpcfg(i).A=NAPOT] +TST13-43 (LOWEST-PRIO) + [same as TST11-43(group), but with pmpcfg(i).A=NAPOT] +TST13-44 (LOWEST-PRIO) + [same as TST11-44(group), but with pmpcfg(i).A=NAPOT] +TST13-45 (LOWEST-PRIO) + [same as TST11-45(group), but with pmpcfg(i).A=NAPOT] +TST13-46 (LOWEST-PRIO) + [same as TST11-46(group), but with pmpcfg(i).A=NAPOT] + +--------------------------- + +TST13-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=NAPOT] +TST13-51 (LOWEST-PRIO) + [same as TST11-51(group), but with pmpcfg(i).A=NAPOT] +TST13-52 (LOWEST-PRIO) + [same as TST11-52(group), but with pmpcfg(i).A=NAPOT] +TST13-53 (LOWEST-PRIO) + [same as TST11-53(group), but with pmpcfg(i).A=NAPOT] +TST13-54 (LOWEST-PRIO) + [same as TST11-54(group), but with pmpcfg(i).A=NAPOT] +TST13-55 (LOWEST-PRIO) + [same as TST11-55(group), but with pmpcfg(i).A=NAPOT] +TST13-56 (LOWEST-PRIO) + [same as TST11-56(group), but with pmpcfg(i).A=NAPOT] + +//////////////////////////// + +TST14-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=NAPOT] +TST14-11 (LOW-PRIO) + [same as TST12-11(group), but with pmpcfg(i).A=NAPOT] +TST14-12 (LOW-PRIO) + [same as TST12-12(group), but with pmpcfg(i).A=NAPOT] +TST14-13 (LOW-PRIO) + [same as TST12-13(group), but with pmpcfg(i).A=NAPOT] +TST14-14 (HIGH-PRIO) + [same as TST12-14(group), but with pmpcfg(i).A=NAPOT] +TST14-15 (MEDIUM-PRIO) + [same as TST12-15(group), but with pmpcfg(i).A=NAPOT] +TST14-16 (HIGH-PRIO) + [same as TST12-16(group), but with pmpcfg(i).A=NAPOT] + +--------------------------- + +TST14-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=NAPOT] +TST14-21 (LOW-PRIO) + [same as TST12-21(group), but with pmpcfg(i).A=NAPOT] +TST14-22 (LOW-PRIO) + [same as TST12-22(group), but with pmpcfg(i).A=NAPOT] +TST14-23 (LOW-PRIO) + [same as TST12-23(group), but with pmpcfg(i).A=NAPOT] +TST14-24 (HIGH-PRIO) + [same as TST12-24(group), but with pmpcfg(i).A=NAPOT] +TST14-25 (MEDIUM-PRIO) + [same as TST12-25(group), but with pmpcfg(i).A=NAPOT] +TST14-26 (HIGH-PRIO) + [same as TST12-26(group), but with pmpcfg(i).A=NAPOT] + +--------------------------- + +TST14-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=NAPOT] +TST14-31 (LOW-PRIO) + [same as TST12-31(group), but with pmpcfg(i).A=NAPOT] +TST14-32 (LOW-PRIO) + [same as TST12-32(group), but with pmpcfg(i).A=NAPOT] +TST14-33 (LOW-PRIO) + [same as TST12-33(group), but with pmpcfg(i).A=NAPOT] +TST14-34 (HIGH-PRIO) + [same as TST12-34(group), but with pmpcfg(i).A=NAPOT] +TST14-35 (MEDIUM-PRIO) + [same as TST12-35(group), but with pmpcfg(i).A=NAPOT] +TST14-36 (HIGH-PRIO) + [same as TST12-36(group), but with pmpcfg(i).A=NAPOT] + +--------------------------- + +TST14-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=NAPOT] +TST14-41 (LOWEST-PRIO) + [same as TST12-41(group), but with pmpcfg(i).A=NAPOT] +TST14-42 (LOWEST-PRIO) + [same as TST12-42(group), but with pmpcfg(i).A=NAPOT] +TST14-43 (LOWEST-PRIO) + [same as TST12-43(group), but with pmpcfg(i).A=NAPOT] +TST14-44 (LOWEST-PRIO) + [same as TST12-44(group), but with pmpcfg(i).A=NAPOT] +TST14-45 (LOWEST-PRIO) + [same as TST12-45(group), but with pmpcfg(i).A=NAPOT] +TST14-46 (LOWEST-PRIO) + [same as TST12-46(group), but with pmpcfg(i).A=NAPOT] + +--------------------------- + +TST14-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=NAPOT] +TST14-51 (LOWEST-PRIO) + [same as TST12-51(group), but with pmpcfg(i).A=NAPOT] +TST14-52 (LOWEST-PRIO) + [same as TST12-52(group), but with pmpcfg(i).A=NAPOT] +TST14-53 (LOWEST-PRIO) + [same as TST12-53(group), but with pmpcfg(i).A=NAPOT] +TST14-54 (LOWEST-PRIO) + [same as TST12-54(group), but with pmpcfg(i).A=NAPOT] +TST14-55 (LOWEST-PRIO) + [same as TST12-55(group), but with pmpcfg(i).A=NAPOT] +TST14-56 (LOWEST-PRIO) + [same as TST12-56(group), but with pmpcfg(i).A=NAPOT] + +//////////////////////////// +//TODO: complete specificities for A=TOR + +TST15-1x(group) => FTR06-a + [same as TST11-1x(group), but with pmpcfg(i).A=TOR] +TST15-11 (HIGH-PRIO) + [same as TST11-11(group), but with pmpcfg(i).A=TOR] +TST15-12 (MEDIUM-PRIO) + [same as TST11-12(group), but with pmpcfg(i).A=TOR] +TST15-13 (MEDIUM-PRIO) + [same as TST11-13(group), but with pmpcfg(i).A=TOR] +TST15-14 (LOW-PRIO) + [same as TST11-14(group), but with pmpcfg(i).A=TOR] +TST15-15 (LOW-PRIO) + [same as TST11-15(group), but with pmpcfg(i).A=TOR] +TST15-16 (LOW-PRIO) + [same as TST11-16(group), but with pmpcfg(i).A=TOR] + +--------------------------- + +TST15-2x(group) => FTR06-a + [same as TST11-2x(group), but with pmpcfg(i).A=TOR] +TST15-21 (HIGH-PRIO) + [same as TST11-21(group), but with pmpcfg(i).A=TOR] +TST15-22 (MEDIUM-PRIO) + [same as TST11-22(group), but with pmpcfg(i).A=TOR] +TST15-23 (MEDIUM-PRIO) + [same as TST11-23(group), but with pmpcfg(i).A=TOR] +TST15-24 (LOW-PRIO) + [same as TST11-24(group), but with pmpcfg(i).A=TOR] +TST15-25 (LOW-PRIO) + [same as TST11-25(group), but with pmpcfg(i).A=TOR] +TST15-26 (LOW-PRIO) + [same as TST11-26(group), but with pmpcfg(i).A=TOR] + +--------------------------- + +TST15-3x(group) => FTR06-a + [same as TST11-3x(group), but with pmpcfg(i).A=TOR] +TST15-31 (HIGH-PRIO) + [same as TST11-31(group), but with pmpcfg(i).A=TOR] +TST15-32 (MEDIUM-PRIO) + [same as TST11-32(group), but with pmpcfg(i).A=TOR] +TST15-33 (MEDIUM-PRIO) + [same as TST11-33(group), but with pmpcfg(i).A=TOR] +TST15-34 (LOW-PRIO) + [same as TST11-34(group), but with pmpcfg(i).A=TOR] +TST15-35 (LOW-PRIO) + [same as TST11-35(group), but with pmpcfg(i).A=TOR] +TST15-36 (LOW-PRIO) + [same as TST11-36(group), but with pmpcfg(i).A=TOR] + +--------------------------- + +TST15-4x(group) => FTR06-a + [same as TST11-4x(group), but with pmpcfg(i).A=TOR] +TST15-41 (LOWEST-PRIO) + [same as TST11-41(group), but with pmpcfg(i).A=TOR] +TST15-42 (LOWEST-PRIO) + [same as TST11-42(group), but with pmpcfg(i).A=TOR] +TST15-43 (LOWEST-PRIO) + [same as TST11-43(group), but with pmpcfg(i).A=TOR] +TST15-44 (LOWEST-PRIO) + [same as TST11-44(group), but with pmpcfg(i).A=TOR] +TST15-45 (LOWEST-PRIO) + [same as TST11-45(group), but with pmpcfg(i).A=TOR] +TST15-46 (LOWEST-PRIO) + [same as TST11-46(group), but with pmpcfg(i).A=TOR] + +--------------------------- + +TST15-5x(group) => FTR06-a + [same as TST11-5x(group), but with pmpcfg(i).A=TOR] +TST15-51 (LOWEST-PRIO) + [same as TST11-51(group), but with pmpcfg(i).A=TOR] +TST15-52 (LOWEST-PRIO) + [same as TST11-52(group), but with pmpcfg(i).A=TOR] +TST15-53 (LOWEST-PRIO) + [same as TST11-53(group), but with pmpcfg(i).A=TOR] +TST15-54 (LOWEST-PRIO) + [same as TST11-54(group), but with pmpcfg(i).A=TOR] +TST15-55 (LOWEST-PRIO) + [same as TST11-55(group), but with pmpcfg(i).A=TOR] +TST15-56 (LOWEST-PRIO) + [same as TST11-56(group), but with pmpcfg(i).A=TOR] + +//////////////////////////// + +TST16-1x(group) => FTR06-a + [same as TST12-1x(group), but with pmpcfg(i).A=TOR] +TST16-11 (LOW-PRIO) + [same as TST12-11(group), but with pmpcfg(i).A=TOR] +TST16-12 (LOW-PRIO) + [same as TST12-12(group), but with pmpcfg(i).A=TOR] +TST16-13 (LOW-PRIO) + [same as TST12-13(group), but with pmpcfg(i).A=TOR] +TST16-14 (HIGH-PRIO) + [same as TST12-14(group), but with pmpcfg(i).A=TOR] +TST16-15 (MEDIUM-PRIO) + [same as TST12-15(group), but with pmpcfg(i).A=TOR] +TST16-16 (HIGH-PRIO) + [same as TST12-16(group), but with pmpcfg(i).A=TOR] + +--------------------------- + +TST16-2x(group) => FTR06-a + [same as TST12-2x(group), but with pmpcfg(i).A=TOR] +TST16-21 (LOW-PRIO) + [same as TST12-21(group), but with pmpcfg(i).A=TOR] +TST16-22 (LOW-PRIO) + [same as TST12-22(group), but with pmpcfg(i).A=TOR] +TST16-23 (LOW-PRIO) + [same as TST12-23(group), but with pmpcfg(i).A=TOR] +TST16-24 (HIGH-PRIO) + [same as TST12-24(group), but with pmpcfg(i).A=TOR] +TST16-25 (MEDIUM-PRIO) + [same as TST12-25(group), but with pmpcfg(i).A=TOR] +TST16-26 (HIGH-PRIO) + [same as TST12-26(group), but with pmpcfg(i).A=TOR] + +--------------------------- + +TST16-3x(group) => FTR06-a + [same as TST12-3x(group), but with pmpcfg(i).A=TOR] +TST16-31 (LOW-PRIO) + [same as TST12-31(group), but with pmpcfg(i).A=TOR] +TST16-32 (LOW-PRIO) + [same as TST12-32(group), but with pmpcfg(i).A=TOR] +TST16-33 (LOW-PRIO) + [same as TST12-33(group), but with pmpcfg(i).A=TOR] +TST16-34 (HIGH-PRIO) + [same as TST12-34(group), but with pmpcfg(i).A=TOR] +TST16-35 (MEDIUM-PRIO) + [same as TST12-35(group), but with pmpcfg(i).A=TOR] +TST16-36 (HIGH-PRIO) + [same as TST12-36(group), but with pmpcfg(i).A=TOR] + +--------------------------- + +TST16-4x(group) => FTR06-a + [same as TST12-4x(group), but with pmpcfg(i).A=TOR] +TST16-41 (LOWEST-PRIO) + [same as TST12-41(group), but with pmpcfg(i).A=TOR] +TST16-42 (LOWEST-PRIO) + [same as TST12-42(group), but with pmpcfg(i).A=TOR] +TST16-43 (LOWEST-PRIO) + [same as TST12-43(group), but with pmpcfg(i).A=TOR] +TST16-44 (LOWEST-PRIO) + [same as TST12-44(group), but with pmpcfg(i).A=TOR] +TST16-45 (LOWEST-PRIO) + [same as TST12-45(group), but with pmpcfg(i).A=TOR] +TST16-46 (LOWEST-PRIO) + [same as TST12-46(group), but with pmpcfg(i).A=TOR] + +--------------------------- + +TST16-5x(group) => FTR06-a + [same as TST12-5x(group), but with pmpcfg(i).A=TOR] +TST16-51 (LOWEST-PRIO) + [same as TST12-51(group), but with pmpcfg(i).A=TOR] +TST16-52 (LOWEST-PRIO) + [same as TST12-52(group), but with pmpcfg(i).A=TOR] +TST16-53 (LOWEST-PRIO) + [same as TST12-53(group), but with pmpcfg(i).A=TOR] +TST16-54 (LOWEST-PRIO) + [same as TST12-54(group), but with pmpcfg(i).A=TOR] +TST16-55 (LOWEST-PRIO) + [same as TST12-55(group), but with pmpcfg(i).A=TOR] +TST16-56 (LOWEST-PRIO) + [same as TST12-56(group), but with pmpcfg(i).A=TOR] + +//////////////////////////// +//TODO: complete specificities for A=OFF + +TST17-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=OFF] +TST17-11 (HIGH-PRIO) + [same as TST11-11(group), but with pmpcfg(i).A=OFF + - check instruction fetch access-fault exception raised] +TST17-12 (MEDIUM-PRIO) + [same as TST11-12(group), but with pmpcfg(i).A=OFF] +TST17-13 (MEDIUM-PRIO) + [same as TST11-13(group), but with pmpcfg(i).A=OFF] +TST17-14 (LOW-PRIO) + [same as TST11-14(group), but with pmpcfg(i).A=OFF + - check instruction fetch access-fault exception raised] +TST17-15 (LOW-PRIO) + [same as TST11-15(group), but with pmpcfg(i).A=OFF] +TST17-16 (LOW-PRIO) + [same as TST11-16(group), but with pmpcfg(i).A=OFF] + +--------------------------- + +TST17-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=OFF] +TST17-21 (HIGH-PRIO) + [same as TST11-21(group), but with pmpcfg(i).A=OFF + - check load access-fault exception raised] +TST17-22 (MEDIUM-PRIO) + [same as TST11-22(group), but with pmpcfg(i).A=OFF] +TST17-23 (MEDIUM-PRIO) + [same as TST11-23(group), but with pmpcfg(i).A=OFF] +TST17-24 (LOW-PRIO) + [same as TST11-24(group), but with pmpcfg(i).A=OFF + - check load access-fault exception raised] +TST17-25 (LOW-PRIO) + [same as TST11-25(group), but with pmpcfg(i).A=OFF] +TST17-26 (LOW-PRIO) + [same as TST11-26(group), but with pmpcfg(i).A=OFF] + +--------------------------- + +TST17-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=OFF] +TST17-31 (HIGH-PRIO) + [same as TST11-31(group), but with pmpcfg(i).A=OFF + - check store access-fault exception raised] +TST17-32 (MEDIUM-PRIO) + [same as TST11-32(group), but with pmpcfg(i).A=OFF] +TST17-33 (MEDIUM-PRIO) + [same as TST11-33(group), but with pmpcfg(i).A=OFF] +TST17-34 (LOW-PRIO) + [same as TST11-34(group), but with pmpcfg(i).A=OFF + - check store access-fault exception raised] +TST17-35 (LOW-PRIO) + [same as TST11-35(group), but with pmpcfg(i).A=OFF] +TST17-36 (LOW-PRIO) + [same as TST11-36(group), but with pmpcfg(i).A=OFF] + +--------------------------- + +TST17-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=OFF] +TST17-41 (LOWEST-PRIO) + [same as TST11-41(group), but with pmpcfg(i).A=OFF + - check load access-fault exception raised] +TST17-42 (LOWEST-PRIO) + [same as TST11-42(group), but with pmpcfg(i).A=OFF] +TST17-43 (LOWEST-PRIO) + [same as TST11-43(group), but with pmpcfg(i).A=OFF] +TST17-44 (LOWEST-PRIO) + [same as TST11-44(group), but with pmpcfg(i).A=OFF + - check load access-fault exception raised] +TST17-45 (LOWEST-PRIO) + [same as TST11-45(group), but with pmpcfg(i).A=OFF] +TST17-46 (LOWEST-PRIO) + [same as TST11-46(group), but with pmpcfg(i).A=OFF] + +--------------------------- + +TST17-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=OFF] +TST17-51 (LOWEST-PRIO) + [same as TST11-51(group), but with pmpcfg(i).A=OFF + - check store access-fault exception raised] +TST17-52 (LOWEST-PRIO) + [same as TST11-52(group), but with pmpcfg(i).A=OFF] +TST17-53 (LOWEST-PRIO) + [same as TST11-53(group), but with pmpcfg(i).A=OFF] +TST17-54 (LOWEST-PRIO) + [same as TST11-54(group), but with pmpcfg(i).A=OFF + - check store access-fault exception raised] +TST17-55 (LOWEST-PRIO) + [same as TST11-55(group), but with pmpcfg(i).A=OFF] +TST17-56 (LOWEST-PRIO) + [same as TST11-56(group), but with pmpcfg(i).A=OFF] + +//////////////////////////// + +TST18-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=OFF] +TST18-11 (LOW-PRIO) + [same as TST12-11(group), but with pmpcfg(i).A=OFF] +TST18-12 (LOW-PRIO) + [same as TST12-12(group), but with pmpcfg(i).A=OFF] +TST18-13 (LOW-PRIO) + [same as TST12-13(group), but with pmpcfg(i).A=OFF] +TST18-14 (HIGH-PRIO) + [same as TST12-14(group), but with pmpcfg(i).A=OFF + - check instruction fetch access-fault exception raised] +TST18-15 (MEDIUM-PRIO) + [same as TST12-15(group), but with pmpcfg(i).A=OFF] +TST18-16 (HIGH-PRIO) + [same as TST12-16(group), but with pmpcfg(i).A=OFF] + +--------------------------- + +TST18-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=OFF] +TST18-21 (LOW-PRIO) + [same as TST12-21(group), but with pmpcfg(i).A=OFF] +TST18-22 (LOW-PRIO) + [same as TST12-22(group), but with pmpcfg(i).A=OFF] +TST18-23 (LOW-PRIO) + [same as TST12-23(group), but with pmpcfg(i).A=OFF] +TST18-24 (HIGH-PRIO) + [same as TST12-24(group), but with pmpcfg(i).A=OFF + - check instruction fetch access-fault exception raised] +TST18-25 (MEDIUM-PRIO) + [same as TST12-25(group), but with pmpcfg(i).A=OFF] +TST18-26 (HIGH-PRIO) + [same as TST12-26(group), but with pmpcfg(i).A=OFF] + +--------------------------- + +TST18-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=OFF] +TST18-31 (LOW-PRIO) + [same as TST12-31(group), but with pmpcfg(i).A=OFF] +TST18-32 (LOW-PRIO) + [same as TST12-32(group), but with pmpcfg(i).A=OFF] +TST18-33 (LOW-PRIO) + [same as TST12-33(group), but with pmpcfg(i).A=OFF] +TST18-34 (HIGH-PRIO) + [same as TST12-34(group), but with pmpcfg(i).A=OFF + - check instruction fetch access-fault exception raised] +TST18-35 (MEDIUM-PRIO) + [same as TST12-35(group), but with pmpcfg(i).A=OFF] +TST18-36 (HIGH-PRIO) + [same as TST12-36(group), but with pmpcfg(i).A=OFF] + +--------------------------- + +TST18-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=OFF] +TST18-41 (LOWEST-PRIO) + [same as TST12-41(group), but with pmpcfg(i).A=OFF] +TST18-42 (LOWEST-PRIO) + [same as TST12-42(group), but with pmpcfg(i).A=OFF] +TST18-43 (LOWEST-PRIO) + [same as TST12-43(group), but with pmpcfg(i).A=OFF] +TST18-44 (LOWEST-PRIO) + [same as TST12-44(group), but with pmpcfg(i).A=OFF + - check instruction fetch access-fault exception raised] +TST18-45 (LOWEST-PRIO) + [same as TST12-45(group), but with pmpcfg(i).A=OFF] +TST18-46 (LOWEST-PRIO) + [same as TST12-46(group), but with pmpcfg(i).A=OFF] + +--------------------------- + +TST18-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=OFF] +TST18-51 (LOWEST-PRIO) + [same as TST12-51(group), but with pmpcfg(i).A=OFF] +TST18-52 (LOWEST-PRIO) + [same as TST12-52(group), but with pmpcfg(i).A=OFF] +TST18-53 (LOWEST-PRIO) + [same as TST12-53(group), but with pmpcfg(i).A=OFF] +TST18-54 (LOWEST-PRIO) + [same as TST12-54(group), but with pmpcfg(i).A=OFF + - check instruction fetch access-fault exception raised] +TST18-55 (LOWEST-PRIO) + [same as TST12-55(group), but with pmpcfg(i).A=OFF] +TST18-56 (LOWEST-PRIO) + [same as TST12-56(group), but with pmpcfg(i).A=OFF] + +//////////////////////////// + +TST21(group) + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] +TST21-1 = extension of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-13, TST11-23, TST11-33, TST11-43, TST11-53, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST11-16, TST11-26, TST11-36, TST11-46, TST11-56, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-13, TST12-23, TST12-33, TST12-43, TST12-53, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST12-16, TST12-26, TST12-36, TST12-46, TST12-56) +[configure only one (any, but the first one) PMP entry + - use A=NA4 for the PMP entry configuration + - execute the chosen kind of access + - should be same result] +TST21-2 = extension of compatible pair of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-13, TST11-23, TST11-33, TST11-43, TST11-53, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST11-16, TST11-26, TST11-36, TST11-46, TST11-56, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-13, TST12-23, TST12-33, TST12-43, TST12-53, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST12-16, TST12-26, TST12-36, TST12-46, TST12-56) +[configure 2 non-adjacent PMP entries (highest-numbered ones first) (avoid the first PMP entry) + - use A=NA4 for each PMP entry configuration + - execute the 2 kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same 2 results] +TST21-3 = extension of compatible group(N) of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-13, TST11-23, TST11-33, TST11-43, TST11-53, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST11-16, TST11-26, TST11-36, TST11-46, TST11-56, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-13, TST12-23, TST12-33, TST12-43, TST12-53, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST12-16, TST12-26, TST12-36, TST12-46, TST12-56) +[configure N PMP entries (highest-numbered ones first) (as non-adjacent as possible, and avoid the first PMP entry) + - use A=NA4 for each PMP entry configuration + - execute the N kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same N results] +TST21-4 = extension of compatible group(8) of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-13, TST11-23, TST11-33, TST11-43, TST11-53, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST11-16, TST11-26, TST11-36, TST11-46, TST11-56, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-13, TST12-23, TST12-33, TST12-43, TST12-53, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST12-16, TST12-26, TST12-36, TST12-46, TST12-56) +[configure 8 PMP entries (highest-numbered ones first) + - use A=NA4 for each PMP entry configuration + - execute the 8 kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same 8 results] + +--------------------------- + +TST22(group) + [create scenarios where PMP entries with A=3 (NAPOT) and with/without matching permissions + - check only NAPOT defined addresses are matching] +TST22-1 = extension of (TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-13, TST13-23, TST13-33, TST13-43, TST13-53, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST13-16, TST13-26, TST13-36, TST13-46, TST13-56, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-13, TST14-23, TST14-33, TST14-43, TST14-53, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST14-16, TST14-26, TST14-36, TST14-46, TST14-56) +[configure only one (any, but the first one) PMP entry + - use A=NAPOT for the PMP entry configuration + - execute the chosen kind of access + - should be same result] +TST22-2 = extension of compatible pair of (TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-13, TST13-23, TST13-33, TST13-43, TST13-53, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST13-16, TST13-26, TST13-36, TST13-46, TST13-56, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-13, TST14-23, TST14-33, TST14-43, TST14-53, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST14-16, TST14-26, TST14-36, TST14-46, TST14-56) +[configure 2 non-adjacent PMP entries (highest-numbered ones first) (avoid the first PMP entry) + - use A=NAPOT for each PMP entry configuration + - execute the 2 kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same 2 results] +TST22-3 = extension of compatible group(N) of (TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-13, TST13-23, TST13-33, TST13-43, TST13-53, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST13-16, TST13-26, TST13-36, TST13-46, TST13-56, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-13, TST14-23, TST14-33, TST14-43, TST14-53, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST14-16, TST14-26, TST14-36, TST14-46, TST14-56) +[configure N PMP entries (highest-numbered ones first) (as non-adjacent as possible, and avoid the first PMP entry) + - use A=NAPOT for each PMP entry configuration + - execute the N kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same N results] +TST22-4 = extension of compatible group(8) of (TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-13, TST13-23, TST13-33, TST13-43, TST13-53, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST13-16, TST13-26, TST13-36, TST13-46, TST13-56, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-13, TST14-23, TST14-33, TST14-43, TST14-53, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST14-16, TST14-26, TST14-36, TST14-46, TST14-56) +[configure 8 PMP entries (highest-numbered ones first) + - use A=NAPOT for each PMP entry configuration + - execute the 8 kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same 8 results] + +--------------------------- + +TST23(group) => + [create scenarios where PMP entries with A=1 (TOR) and with/without matching permissions + - pmpaddr(i−1) < pmpaddr(i), pmpcfg(i).A=TOR and pmpcfg(i-1) with/without matching permissions + - check only TOR defined addresses are matching] +TST23-1 = extension of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-13, TST15-23, TST15-33, TST15-43, TST15-53, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST15-16, TST15-26, TST15-36, TST15-46, TST15-56, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-13, TST16-23, TST16-33, TST16-43, TST16-53, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST16-16, TST16-26, TST16-36, TST16-46, TST16-56) +[configure only one (any, but the first one) PMP entry + - execute the chosen kind of access + - should be same result] +TST23-2 = extension of compatible pair of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-13, TST15-23, TST15-33, TST15-43, TST15-53, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST15-16, TST15-26, TST15-36, TST15-46, TST15-56, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-13, TST16-23, TST16-33, TST16-43, TST16-53, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST16-16, TST16-26, TST16-36, TST16-46, TST16-56) +[configure 2 non-adjacent PMP entries (highest-numbered ones first) (avoid the first PMP entry) + - execute the 2 kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same 2 results] +TST23-3 = extension of compatible group(N) of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-13, TST15-23, TST15-33, TST15-43, TST15-53, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST15-16, TST15-26, TST15-36, TST15-46, TST15-56, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-13, TST16-23, TST16-33, TST16-43, TST16-53, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST16-16, TST16-26, TST16-36, TST16-46, TST16-56) +[configure N PMP entries (highest-numbered ones first) (as non-adjacent as possible, and avoid the first PMP entry) + - execute the N kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same N results] +TST23-4 = extension of compatible group(8) of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-13, TST15-23, TST15-33, TST15-43, TST15-53, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST15-16, TST15-26, TST15-36, TST15-46, TST15-56, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-13, TST16-23, TST16-33, TST16-43, TST16-53, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST16-16, TST16-26, TST16-36, TST16-46, TST16-56) +[configure 8 PMP entries (highest-numbered ones first) + - execute the 8 kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same 8 results] + +--------------------------- + +TST24(group) => FTR09-g + [create scenarios where PMP entries with A=0 (OFF) and with matching permissions + - check no address matching for those PMP entries] + [create scenarios where all PMP entries with A=0 (OFF) and with matching permissions + - check no address matching for all PMP entries] + [check S or U mode access fails when all A=OFF with at least one PMP entry implemented] => FTR09-g +TST24-1 = extension of (TST17-11, TST17-21, TST17-31, TST17-41, TST17-51, + TST17-13, TST17-23, TST17-33, TST17-43, TST17-53, + TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST17-16, TST17-26, TST17-36, TST17-46, TST17-56, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54, //TODO: M-mode may not raise an exception + TST18-16, TST18-26, TST18-36, TST18-46, TST18-56) //TODO: M-mode may not raise an exception + //TODO: SHOULD WE ADD (TST18-11, TST18-21, TST18-31, TST18-41, TST18-51, + TST18-13, TST18-23, TST18-33, TST18-43, TST18-53) ? +[configure only one (any, but the first one) PMP entry + - execute the chosen kind of access + - check appropriate access-fault exception raised] +TST24-2 = extension of compatible pair of (TST17-11, TST17-21, TST17-31, TST17-41, TST17-51, + TST17-13, TST17-23, TST17-33, TST17-43, TST17-53, + TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST17-16, TST17-26, TST17-36, TST17-46, TST17-56, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54, //TODO: M-mode may not raise an exception + TST18-16, TST18-26, TST18-36, TST18-46, TST18-56) //TODO: M-mode may not raise an exception + //TODO: SHOULD WE ADD (TST18-11, TST18-21, TST18-31, TST18-41, TST18-51, + TST18-13, TST18-23, TST18-33, TST18-43, TST18-53) ? +[configure 2 non-adjacent PMP entries (highest-numbered ones first) (avoid the first PMP entry) + - execute the 2 kinds of accesses (if possible to chain due to access-fault) + - check 2 appropriate access-fault exceptions raised] +TST24-3 = extension of compatible group(N) of (TST17-11, TST17-21, TST17-31, TST17-41, TST17-51, + TST17-13, TST17-23, TST17-33, TST17-43, TST17-53, + TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST17-16, TST17-26, TST17-36, TST17-46, TST17-56, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54, //TODO: M-mode may not raise an exception + TST18-16, TST18-26, TST18-36, TST18-46, TST18-56) //TODO: M-mode may not raise an exception + //TODO: SHOULD WE ADD (TST18-11, TST18-21, TST18-31, TST18-41, TST18-51, + TST18-13, TST18-23, TST18-33, TST18-43, TST18-53) ? +[configure N PMP entries (highest-numbered ones first) (as non-adjacent as possible, and avoid the first PMP entry) + - execute the N kinds of accesses (if possible to chain due to access-fault) + - check N appropriate access-fault exceptions raised] +TST24-4 = extension of compatible group(8) of (TST17-11, TST17-21, TST17-31, TST17-41, TST17-51, + TST17-13, TST17-23, TST17-33, TST17-43, TST17-53, + TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST17-16, TST17-26, TST17-36, TST17-46, TST17-56, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54, //TODO: M-mode may not raise an exception + TST18-16, TST18-26, TST18-36, TST18-46, TST18-56) //TODO: M-mode may not raise an exception + //TODO: SHOULD WE ADD (TST18-11, TST18-21, TST18-31, TST18-41, TST18-51, + TST18-13, TST18-23, TST18-33, TST18-43, TST18-53) ? +[configure 8 PMP entries (highest-numbered ones first) + - execute the 8 kinds of accesses (if possible to chain due to access-fault) + - check 8 appropriate access-fault exceptions raised] + +--------------------------- + +//TO COMPLETE => FTR06-b +TST25 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) > 0 +TST26 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) = 0 + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) > 0 + - pmpaddr(0) = 0] + +//TO COMPLETE => FTR06-c +TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) and pmpcfg(i-1) correct + [create scenario where PMP entry pmpcfg(i) with TOR: + - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct] + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) >= pmpaddr(1/2/3/…)] + +//////////////////////////// + +TST31(group) => FTR08-a and FTR08-b + [create scenario where L=0 for PMP entry (i) + - check pmp(i)cfg and pmpaddr(i) are writable in M-mode only] + [create scenario where L=1 for PMP entry (i) + - check pmp(i)cfg and pmpaddr(i) are effectively locked whatever the mode] + [create scenario where PMP entries are locked L=1 + - check only the hart reset unlocks all PMP entries + - execute following tests specific checks + - check only hart reset unlocks all => FTR08-b + - check reset values: all pmp(i)cfg and pmpaddr(i) are M-mode read zero] +TST31-1 = extension of (TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54) +[configure only one ([FTR02-b1]: maybe mandatorily the 1st) PMP entry: with L=1 + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a] +TST31-2 = extension of compatible pair of (TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54) +[configure 2 PMP entries ([FTR02-b1]: maybe mandatorily the 2 first ones): both with L=1 + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a] +TST31-3 = extension of compatible pair of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54) +[configure 2 PMP entries ([FTR02-b1]: maybe mandatorily the 2 first ones): one with L=1 and the other with L=0, + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a + - check locked PMP entry (i) has no effect on unlocked PMP entry (j) + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only] +TST31-4 = extension of compatible group(N) of (TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54) +[configure N PMP entries ([FTR02-b1]: maybe mandatorily the N first ones): all with L=1 + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a] +TST31-5 = extension of compatible group(N) of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54) +[configure N PMP entries ([FTR02-b1]: maybe mandatorily the N first ones): at least one with L=1 and one with L=0, + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a + - check locked PMP entry (i) has no effect on unlocked PMP entry (j) + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only] +TST31-6 = extension of compatible group(8) of (TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54) +[configure 8 PMP entries: all with L=1 + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a] +TST31-7 = extension of compatible group(8) of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54) +[configure 8 PMP entries: at least one with L=1 and one with L=0, + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a + - check locked PMP entry (i) has no effect on unlocked PMP entry (j) + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only] + +--------------------------- + +TST32(group) => FTR08-a and FTR08-b + [create scenario where pmp(i)cfg.L=1 and pmp(i)cfg.A=NAPOT for PMP entry (i)] +TST32-1 = same as TST31-1 but with extension of (TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54) +TST32-2 = same as TST31-2 but with extension of (TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54) +TST32-3 = same as TST31-3 but with extension of (TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54) +TST32-4 = same as TST31-4 but with extension of (TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54) +TST32-5 = same as TST31-5 but with extension of (TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54) +TST32-6 = same as TST31-6 but with extension of (TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54) +TST32-7 = same as TST31-7 but with extension of (TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54) + +--------------------------- + +TST33(group) => FTR08-a and FTR08-b + [create scenario where pmp(i)cfg.L=1 and pmp(i)cfg.A=TOR for PMP entry (i) + - additionally, check writes to pmpaddr(i-1) are ignored] +TST33-1 = same as TST31-1 but with extension of (TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) +TST33-2 = same as TST31-2 but with extension of (TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) +TST33-3 = same as TST31-3 but with extension of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) +TST33-4 = same as TST31-4 but with extension of (TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) +TST33-5 = same as TST31-5 but with extension of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) +TST33-6 = same as TST31-6 but with extension of (TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) +TST33-7 = same as TST31-7 but with extension of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) + +--------------------------- + +TST34(group) => FTR08-a and FTR08-b + [create scenario where pmp(i)cfg.A=OFF, then pmp(i)cfg.L=1 for PMP entry (i) + - check writes to pmp(i)cfg are ignored] +TST34-1 = same as TST31-1 but with extension of (TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54) +TST34-2 = same as TST31-2 but with extension of (TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54) +TST34-3 = same as TST31-3 but with extension of (TST17-11, TST17-21, TST17-31, TST17-41, TST17-51, + TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST18-11, TST18-21, TST18-31, TST18-41, TST18-51, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54) +TST34-4 = same as TST31-4 but with extension of (TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54) +TST34-5 = same as TST31-5 but with extension of (TST17-11, TST17-21, TST17-31, TST17-41, TST17-51, + TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST18-11, TST18-21, TST18-31, TST18-41, TST18-51, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54) +TST34-6 = same as TST31-6 but with extension of (TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54) +TST34-7 = same as TST31-7 but with extension of (TST17-11, TST17-21, TST17-31, TST17-41, TST17-51, + TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST18-11, TST18-21, TST18-31, TST18-41, TST18-51, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54) + +--------------------------- + +TST39(group) => FTR08-a and FTR08-b + [create scenario where pmp(i)cfg.L=1 and pmp(i)cfg.A=NA4/NAPOT/TOR/OFF for PMP entry (i)] +TST39-1 = same as TST31-1 but with extension of (TST1*-14, TST1*-24, TST1*-34, TST1*-44, TST1*-54) +TST39-2 = same as TST31-2 but with extension of (TST1*-14, TST1*-24, TST1*-34, TST1*-44, TST1*-54) +TST39-3 = same as TST31-3 but with extension of (TST1*-11, TST1*-21, TST1*-31, TST1*-41, TST1*-51, + TST1*-14, TST1*-24, TST1*-34, TST1*-44, TST1*-54) +TST39-4 = same as TST31-4 but with extension of (TST1*-14, TST1*-24, TST1*-34, TST1*-44, TST1*-54) +TST39-5 = same as TST31-5 but with extension of (TST1*-11, TST1*-21, TST1*-31, TST1*-41, TST1*-51, + TST1*-14, TST1*-24, TST1*-34, TST1*-44, TST1*-54) +TST39-6 = same as TST31-6 but with extension of (TST1*-14, TST1*-24, TST1*-34, TST1*-44, TST1*-54) +TST39-7 = same as TST31-7 but with extension of (TST1*-11, TST1*-21, TST1*-31, TST1*-41, TST1*-51, + TST1*-14, TST1*-24, TST1*-34, TST1*-44, TST1*-54) + +//////////////////////////// + +TST42(group) => FTR02-b1 + [check if the lowest-numbered PMP CSRs must be programmed for higher-numbered ones to be taken into account in PMP checks] +TST42-1 = extension of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) +[configure only one (any, but the first one) PMP entry + - execute the chosen kind of access several times + - check no access-fault exception] +TST42-2 = extension of compatible pair of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) +[configure 2 non-adjacent PMP entries (highest-numbered ones first) (avoid the first PMP entry) + - execute the 2 kinds of accesses several times + - check no access-fault exception] +TST42-3 = extension of compatible group(N) of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) +[configure N PMP entries (highest-numbered ones first) (as non-adjacent as possible, and avoid the first PMP entry) + - execute all the kinds of accesses several times + - check no access-fault exception] + +//////////////////////////// + +TST51(group) => FTR09-a, FTR09-b and FTR09-c + [create scenarios where 2 PMP entries with same pmpaddr + - one without matching permissions or with A=OFF + - one with matching permissions and A=NA4/NAPOT/TOR + - any of them can be the lowest-numbered PMP entry] +TST51-1 +[configure 2 PMP entries + - configure the lowest-numbered PMP entry with (TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST17-12, TST17-22, TST17-32, TST17-42, TST17-52, + TST17-15, TST17-25, TST17-35, TST17-45, TST17-55, + TST18-12, TST18-22, TST18-32, TST18-42, TST18-52, + TST18-15, TST18-25, TST18-35, TST18-45, TST18-55) + - configure the highest-numbered PMP entry with (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) + - execute the associated access + - check associated access-fault exception raised] +TST51-2 +[configure 2 PMP entries + - configure the lowest-numbered PMP entry with (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) + - configure the highest-numbered PMP entry with (TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST17-12, TST17-22, TST17-32, TST17-42, TST17-52, + TST17-15, TST17-25, TST17-35, TST17-45, TST17-55, + TST18-12, TST18-22, TST18-32, TST18-42, TST18-52, + TST18-15, TST18-25, TST18-35, TST18-45, TST18-55) + - execute the associated access + - check no access-fault exception] + +// //IMPOSSIBLE TO IMPLEMENT (4-BYTE GRANUARITY) => FTR09-a +// [implement checks for priority: +// for each access length (1byte, 2bytes, 3bytes or 4bytes) +// for each byte position on the 32bits bus +// for each kind of permissions/mode access settings +// - set a low-numbered any-single-byte-address-matching PMP entry with non-matching permissions/mode settings +// - set a higher-numbered all-bytes-address-matching PMP entry with matching permissions/mode settings +// - set intermediate-numbered not-all-bytes-address-matching PMP entries with matching permissions/mode settings +// - NB: can be randomized +// - check the accesses fail (so reaching the low-numbered any-single-byte-address-matching PMP entry) +// for each access length (1byte, 2bytes, 3bytes or 4bytes) +// for each byte position on the 32bits bus +// for each kind of permissions/mode access settings +// - set a low-numbered all-bytes-address-matching PMP entry with matching permissions/mode settings +// - set a higher-numbered any-single-byte-address-matching PMP entry with non-matching permissions/mode settings +// - set intermediate-numbered not-all-bytes-address-matching PMP entries with non-matching permissions/mode settings +// - NB: can be randomized +// - check the accesses pass (so reaching the low-numbered all-bytes-address-matching PMP entry)] + +// //IMPOSSIBLE TO IMPLEMENT (4-BYTE GRANUARITY) => FTR09-b and FTR09-c +// [check access fails if only part of the access bytes are matching the PMP entry whatever the permissions and the mode] +// for each access length (1byte, 2bytes, 3bytes or 4bytes) +// for each byte position on the 32bits bus +// for each kind of permissions/mode access settings +// - set a low-numbered all-bytes-address-matching PMP entry with non-matching permissions/mode settings +// - set a higher-numbered any-single-byte-address-matching PMP entry with matching permissions/mode settings +// - set intermediate-numbered not-all-bytes-address-matching PMP entries with matching permissions/mode settings +// - NB: can be randomized +// - check the accesses fail] + +//////////////////////////// + +TST61 => FTR10-a +[check multiple-accesses instructions not generating any access-fault exceptions] + +TST62 +[check multiple-accesses instructions generating access-fault exceptions with only one non-matching access] + +TST63 +[check multiple-accesses instructions generating access-fault exceptions with multiple non-matching accesses] + +TST64 +[create scenario where instruction-associated multiple accesses are not mutually atomic] //TODO: UNDERSTAND THE MEANING + +//TST65 => FTR10-c +[create scenario with misaligned loads, stores, and instruction fetches generating multiple accesses for which: + - access-fault exception occurs at 1st, 2nd, … last access + - other accesses succeed] +[if floating-point is enabled, create scenario for floating-point store wider than XLEN bits (e.g. FSD instruction) + + + diff --git a/verif/docs/VerifPlans/PMP/pmp_verif_plan_features.txt b/verif/docs/VerifPlans/PMP/pmp_verif_plan_features.txt new file mode 100644 index 000000000..520e0d999 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/pmp_verif_plan_features.txt @@ -0,0 +1,224 @@ + + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +-19-FTR01 + +FTR01-a +[PMP allows physical memory access privileges (read, write, execute) to be specified for each physical memory region] + +FTR01-b +[the standard PMP encoding supports regions as small as four bytes.] + +FTR01-c +[Certain regions’ privileges can be hardwired: so only ever be visible in machine mode but in no lower-privilege layers.] +FTR01-c-extended +[PMP regions hardwired privileges can only be observed in M-mode] + +FTR01-d +[PMP checks are applied to all accesses whose effective privilege mode is S or U] + +FTR01-e +[PMP checks are also applied to page-table accesses for virtual-address translation, for which the effective privilege mode is S] + +FTR01-f (refers to FTR08-e1) +[PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + +FTR01-g1 +[by default (PMP entry not yet configured), S and U modes have no PMP permissions] +FTR01-g2 +[by default (PMP entry not yet configured), M-mode has full permissions.] + +FTR01-h +[PMP violations are always trapped precisely at the processor] + +//////////////////////////// +-21-FTR02 + +FTR02-a +[Up to 64 PMP entries are supported] + +FTR02-b1 +[the lowest-numbered PMP CSRs must be implemented first (does it mean programmed first)] +FTR02-b2 +[All PMP CSR fields are WARL and may be read-only zero (does read-only zero mean not implemented?)] + +FTR02-d +[PMP CSRs are only accessible to M-mode] + +FTR02-e +[2 CSRs, pmpcfg0–pmpcfg1, hold the configurations pmp0cfg–pmp7cfg for the 8 PMP entries] + + +//////////////////////////// +-23-FTR03 + +FTR03-a +[Each PMP address register encodes bits 33–2 of a 34-bit physical address] + +FTR03-b (NOT TOTALLY UNDERSTOOD!!!) +[Not all physical address bits may be implemented, and so the pmpaddr registers are WARL] + +//////////////////////////// +-25-FTR04 + +FTR04-a +[The R, W, and X fields form a collective WARL field for which the combinations with R=0 and W=1 are reserved.] + +FTR04-b +[Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception] + +FTR04-c +[Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + +FTR04-d +[Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + +FTR04-e +[if MXLEN is changed, the contents of the pmp(x)cfg fields are preserved, but appear in the pmpcfg(y) CSR prescribed by the new setting of MXLEN] +FTR04-e-assumption +[we assume MXLEN is always 32bits] + +//////////////////////////// +-27-FTR05 + +FTR05-a +[The A field in a PMP entry’s configuration register encodes the address-matching mode of the associated PMP address register] +[When A=OFF, this PMP entry is disabled and matches no addresses] +[When A=TOR, top boundary of an arbitrary range] +[When A=NA4, naturally aligned four-byte regions] +[When A=NAPOT, naturally aligned power-of-2 regions] +[These modes support four-bytes granularity] + +//////////////////////////// +-28-FTR06 + +FTR06-a +[If PMP entry i’s A field is set to TOR, the entry matches any address y such that pmpaddr(i−1) ≤ y < pmpaddr(i) (irrespective of the value of pmpcfg(i−1))] + +FTR06-b +[If PMP entry 0’s A field is set to TOR, zero is used for the lower bound, and so it matches any address y < pmpaddr(0)] + +FTR06-c +[If pmpaddr(i−1) ≥ pmpaddr(i) and pmpcfg(i).A=TOR, then PMP entry i matches no addresses] + +//////////////////////////// +-30-FTR07 + +FTR07-a +[Although the PMP mechanism supports regions as small as 4 bytes, platforms may specify coarser PMP regions] +[the PMP grain is 2^(G+2) bytes and must be the same across all PMP regions] + +FTR07-b +[Software may determine the PMP granularity by writing zero to pmp(0)cfg, then writing all ones to pmpaddr(0), then reading back pmpaddr(0). If G is the index of the least-significant bit set, the PMP granularity is 2^(G+2) bytes] + +FTR07-c +[If the current XLEN is greater than MXLEN, the PMP address registers are zero-extended from MXLEN to XLEN bits for the purposes of address matching] +FTR07-c-assumption +[we assume XLEN=MXLEN=32 bits] + +//////////////////////////// +-32-FTR08 + +FTR08-a +[The L bit indicates that the PMP entry is locked, i.e., writes to the configuration register and associated address registers are ignored] +[If PMP entry (i) is locked, writes to pmp(i)cfg and pmpaddr(i) are ignored] + +FTR08-b +[Locked PMP entries remain locked until the hart is reset] + +FTR08-c +[if PMP entry (i) is locked and pmp(i)cfg.A is set to TOR, writes to pmpaddr(i-1) are ignored] + +FTR08-d +[Setting the L bit locks the PMP entry even when the A field is set to OFF] + +FTR08-e +[L bit indicates whether the R/W/X permissions are enforced on M-mode accesses] +FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) +[When the L bit is set, these permissions are enforced for all privilege modes] +FTR08-e2-1 (refers to FTR09-d1) +[When the L bit is clear, any M-mode access matching the PMP entry will succeed] +FTR08-e2-2 (refers to FTR09-d2-2) +[When the L bit is clear, the R/W/X permissions apply only to S and U modes] + +//////////////////////////// +-34-FTR09 + +FTR09-a +[PMP entries are statically prioritized] +[The lowest-numbered PMP entry that matches any byte of an access determines whether that access succeeds or fails] + +FTR09-b +[The matching PMP entry must match all bytes of an access, or the access fails, irrespective of the L, R, W, and X bits] + +FTR09-c +[If a PMP entry matches all bytes of an access, then the L, R, W, and X bits determine whether the access succeeds or fails] + +FTR09-d1 (refers to FTR08-e2-1) +[If the L bit is clear and the privilege mode of the access is M, the access succeeds] +FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) +[if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] +FTR09-d2-2 (L=0 refers to FTR08-e2-2) +[if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + +FTR09-e +[If no PMP entry matches an M-mode access, the access succeeds] +FTR09-e-question +[what happens if no PMP entry is implemented ?] + +FTR09-f +[If no PMP entry matches an S-mode or U-mode access, but at least one PMP entry is implemented, the access fails] +FTR09-f-question +[what happens if no PMP entry is implemented ?] + +FTR09-g +[If at least one PMP entry is implemented, but all PMP entries’ A fields are set to OFF, then all S-mode and U-mode memory accesses will fail] +FTR09-g-question (same as FTR09-f-question if 'memory access' is no different matter) +[what happens if no PMP entry is implemented ?] + +question are the pmpaddr(i) aligned to 4bytes ? + - NA4: naturally aligned four-byte regions + - NAPOT: naturally aligned power-of-2 regions + - TOR: + These modes support four-byte granularity + Each PMP address register encodes bits 33–2 of a 34-bit physical address for RV32 + +//////////////////////////// +-36-FTR10 + +FTR10-a +[An access-fault exception is generated if at least one access generated by an instruction fails, though other accesses generated by that instruction may succeed with visible side effects] + +FTR10-b +[instructions that reference virtual memory are decomposed into multiple accesses] +FTR10-b-assumption +[we assume no virtual memory is implemented] +[we assume page-based virtual memory is not implemented] + +FTR10-c +[misaligned loads, stores, and instruction fetches may also be decomposed into multiple accesses, some of which may succeed before an access-fault exception occurs] + +//////////////////////////// +-38-FTR11 +FTR11-assumption +[we assume no virtual memory is implemented] +[we assume page-based virtual memory is not implemented] + +FTR11-a +[instructions that access virtual memory may result in multiple physical-memory accesses, including implicit references to the page tables. The PMP checks apply to all of these accesses] + +FTR11-b +[The effective privilege mode for implicit page-table accesses is S] + +FTR11-c +[The PMP settings for the resulting physical address may be checked (and possibly cached) at any point between the address +translation and the explicit memory access] + +FTR11-d +[when the PMP settings are modified, M-mode software must synchronize the PMP settings with the virtual memory system and any PMP or address-translation caches] + +FTR11-e +[If page-based virtual memory is not implemented, memory accesses check the PMP settings synchronously, so no SFENCE.VMA is needed] + + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// diff --git a/verif/docs/VerifPlans/PMP/runme.sh b/verif/docs/VerifPlans/PMP/runme.sh new file mode 100644 index 000000000..08508cfb8 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/runme.sh @@ -0,0 +1,34 @@ +############################################################################# +# Copyright (C) 2022 Thales DIS France SAS +# +# SPDX-License-Identifier: Apache-2.0 WITH SHL-2.0. +# +# Original Author: Zbigniew Chamski (zbigniew.chamski@thalesgroup.com) +############################################################################# +#!/bin/sh + +# Location of project-specific directories +ROOTDIR=`readlink -f $(dirname "${BASH_SOURCE[0]}")` + +# Set up platform location. It can be anywhere but should contain +# a valid `vp_config.py` file in `vptool` directory. +# Here we use the verification tree from the example directory. +export PLATFORM_TOP_DIR="$ROOTDIR" + +# Set the printable name for the project that will be used +# in the human-readable documentation. +export PROJECT_NAME="PMP" + +# Set the alphanumerical identifier of the project that +# will be used to construct file names etc. +export PROJECT_IDENT="PMP" + +# Set the destination directory of Markdown files for this project. +# Since it will be used by VPTOOL, it shall NOT be a relative path. +export MARKDOWN_OUTPUT_DIR=`readlink -f "$ROOTDIR/../source"` + +# Run VPTOOL overriding the default theme from Yaml config with 'winxpblue'. +# FIXME: Introduce a suitably named shell variable that points to the root +# directory of the tool set (TOOL_TOP etc.) +# FORNOW use a hardcoded relative path. +sh $ROOTDIR/../../../core-v-verif/tools/vptool/vptool.sh $* diff --git a/verif/docs/VerifPlans/source/dvplan_PMP.md b/verif/docs/VerifPlans/source/dvplan_PMP.md new file mode 100644 index 000000000..4a91a19d0 --- /dev/null +++ b/verif/docs/VerifPlans/source/dvplan_PMP.md @@ -0,0 +1,16607 @@ +# Module: PMP + +## Feature: TRISTAN Restrictions + +### Sub-feature: 000_general + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + + the verif plan is written for 32bits architecture only +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S000_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 001_number of harts + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + + there is only 1 hart in cv32a6 +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S001_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 002_mxlen + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + + MXLEN is always 32bits +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S002_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 003_xlen + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + + XLEN=MXLEN=32, so the PMP address registers are XLEN bits long, so no zero-extension needed +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S003_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 004_granularity + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + + PMP granularity is 8 bytes (G=1), but the verif plan is written to take G=0 into account (NA4) +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S004_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 005_number of pmp entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + + there are 8 HW implemented PMP entries +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S005_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 006_hardwired regions + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + + none of the 8 PMP entries is hardwired privileges +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S006_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 007_virtual memory + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + + no virtual memory is implemented + as a consequence no page-based virtual memory is implemented +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S007_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 008_physical memory regions + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + + the list of all physical memory regions + - system memory regions + - I-$ + - D-$ + - I-scratchpad (preload mode) + - I-scratchpad (functional mode) + - D-scratchpad + - ahb_periph +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S008_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 009_pmp entry disabling + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + + we assume an already written PMP entry (i) can be disabled + - if L=0, by clearing pmpcfg(i) + - if L=1, only by hart reset +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S009_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 010_access-faults (violations) + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + + The testbench/testcases architecture ensures that: + - any time there is an access-fault type, we check it matches the related access-type + - all violations are trapped at the processor + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP violations are always trapped precisely at the processor +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S010_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 011_testcases modularity + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + + The verif plan is written assuming there is a way (like SystemVerilog interaction): + - to factorize the testcases in code blocks (in particular configuration code block and access code block) + - to randomize the code blocks data and addresses + - to randomize the sequence of code blocks +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S011_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 012_access types + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + at the time of writing, + the verif plan makes no distinction between load and load-reserved instructions. they are gathered in the same access type, subtleties unknown + the verif plan makes no distinction between store, store-conditional, and AMO instructions. they are gathered in the same access type, subtleties unknown +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S012_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 013_multiple accesses instructions + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + + we assume there is no added value to test multiple accesses instructions +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S013_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 014_misaligned instructions + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + + we assume that instructions are mandatorily aligned +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S014_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +## Feature: PMP granularity + +### Sub-feature: 000_granularity_check + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 59 Volume II: RISC-V Privileged Architectures V20211203} + + Software may determine the PMP granularity by writing zero to pmp0cfg, then writing all ones to pmpaddr0, then reading back pmpaddr0. + If G is the index of the least-signicant bit set, the PMP granularity is 2G+2 bytes. +* **Verification Goals** + + determine the PMP granularity 2^(G+2) bytes by writing zero to pmp(0)cfg, then writing all ones to pmpaddr(0), then reading back pmpaddr(0). G is the index G of the least-significant bit set +* **Pass/Fail Criteria:** Other +* **Test Type:** Directed Non-SelfChk +* **Coverage Method:** Testcase +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F001_S000_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR07-b + Software may determine the PMP granularity by writing zero to pmp0cfg, then writing all ones to pmpaddr0, then reading back pmpaddr0. + If G is the index of the least-signicant bit set, the PMP granularity is 2G+2 bytes. + + + TST01 (HIGH-PRIO) => FTR07-b + [determine the PMP granularity 2^(G+2) bytes by writing zero to pmp(0)cfg, then writing all ones to pmpaddr(0), then reading back pmpaddr(0). G is the index G of the least-significant bit set] +## Feature: CSRs M-mode only + +### Sub-feature: 000_configure_1_pmp_entry + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures V20211203} + + PMP CSRs are only accessible to M-mode +* **Verification Goals** + + configure 1 PMP entry (i) (the 1st one), + - check for each PMP entry (i) reset value (read zero) by reading in M mode + - check for each PMP entry (i) that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check for each PMP entry (i) that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for each PMP entry (i) that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F002_S001_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST02(group) => FTR02-d + [check that all 8 HW implemented PMP entries are writable/readable in M-mode (L=0)] + [check that no HW implemented PMP entry are writable/readable in S or U modes (L=0)] + - random values may be used + - before any configuration (after hart reset), check all pmp(i)cfg and pmpaddr(i) are M-mode read zero + + TST02-1 (HIGH-PRIO) + [configure 1 PMP entry ([FTR02-b1]: maybe mandatorily the first one): with L=0, + - if possible, the PMP entry number is a configurable parameter + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +### Sub-feature: 001_configure_2_pmp_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures V20211203} + + PMP CSRs are only accessible to M-mode +* **Verification Goals** + + configure 2 PMP entries (the 2 first ones in incrementing order), + - reuse of VP_PMP_F002_S001_I000 sequence +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F002_S002_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST02(group) => FTR02-d + [check that all 8 HW implemented PMP entries are writable/readable in M-mode (L=0)] + [check that no HW implemented PMP entry are writable/readable in S or U modes (L=0)] + - random values may be used + - before any configuration (after hart reset), check all pmp(i)cfg and pmpaddr(i) are M-mode read zero + + TST02-2 (LOW-PRIO) = 2 times reuse/call of TST02-1 + [configure 2 PMP entries ([FTR02-b1]: maybe mandatorily the 2 first ones): both with L=0, + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +### Sub-feature: 002_configure_N_pmp_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures V20211203} + + PMP CSRs are only accessible to M-mode +* **Verification Goals** + + configure N PMP entries (the N first ones in incrementing order), + - reuse of VP_PMP_F002_S001_I000 sequence +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F002_S003_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST02(group) => FTR02-d + [check that all 8 HW implemented PMP entries are writable/readable in M-mode (L=0)] + [check that no HW implemented PMP entry are writable/readable in S or U modes (L=0)] + - random values may be used + - before any configuration (after hart reset), check all pmp(i)cfg and pmpaddr(i) are M-mode read zero + + TST02-3 (LOW-PRIO) = N times reuse/call of TST02-1 + [configure N PMP entries ([FTR02-b1]: maybe mandatorily the N first ones): all with L=0, + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +### Sub-feature: 003_configure_8_pmp_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures V20211203} + + PMP CSRs are only accessible to M-mode +* **Verification Goals** + + configure all 8 PMP entries (in incrementing order), + - reuse of VP_PMP_F002_S001_I000 sequence +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F002_S004_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST02(group) => FTR02-d + [check that all 8 HW implemented PMP entries are writable/readable in M-mode (L=0)] + [check that no HW implemented PMP entry are writable/readable in S or U modes (L=0)] + - random values may be used + - before any configuration (after hart reset), check all pmp(i)cfg and pmpaddr(i) are M-mode read zero + + TST02-4 (HIGH-PRIO) = 8 times reuse/call of TST02-1 + [configure 8 PMP entries: all with L=0, + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +## Feature: CSRs locked access + +### Sub-feature: 000_configure_1_pmp_entry + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + + The L bit indicates that the PMP entry is locked, i.e., writes to the configuration register and associated address registers are ignored + If PMP entry (i) is locked, writes to pmp(i)cfg and pmpaddr(i) are ignored + Locked PMP entries remain locked until the hart is reset + + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + + Setting the L bit locks the PMP entry even when the A field is set to OFF + + Additionally, if PMP entry (i) is locked and pmp(i)cfg.A is set to TOR, writes to pmpaddr(i-1) are ignored +* **Verification Goals** + + configure 1 PMP entry (the 1st one) with L=1, + - write PMP entry (i) with L=1 in M-mode + - A is random, should also be tried with A=OFF when L=1 (to cover feature above) + - check PMP entry (i) written value in M-mode + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked (M-mode check only) + - also check for PMP entry (i) where L=1 and pmp(i)cfg.A=TOR that pmpaddr(i-1) is effectively locked + - apply hart reset + - check for PMP entry (i) reset value (read zero) by reading in M mode + - write PMP entry (i) in M-mode + - check PMP entry (i) written value in M-mode + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, (L) value is a configurable parameter + - so the same sub-functions are reused with varying (i) and (L) parameters +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F003_S001_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST03(group) => FTR08-a and FTR08-b + [check that HW implemented PMP entries are not writable/readable in M-mode (L=1)] + [check that no HW implemented PMP entry are writable/readable in S or U modes (L=1)] + - before any configuration, check all pmp(i)cfg and pmpaddr(i) are M-mode read zero + - configure PMP entry (i) with L=1 (or 0): pmp(i)cfg and pmpaddr(i) maybe random values + - execute following tests specific checks + - check only hart reset unlocks all => FTR08-b + - check reset values: all pmp(i)cfg and pmpaddr(i) are M-mode read zero + + TST03-1 (HIGH-PRIO) + [configure 1 PMP entry ([FTR02-b1]: maybe mandatorily the first one): with L=1, + - if possible, the PMP entry number is a configurable parameter + - if possible, L value is a configurable parameter + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +### Sub-feature: 001_configure_2_pmp_entries_L1 + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + + The L bit indicates that the PMP entry is locked, i.e., writes to the configuration register and associated address registers are ignored + If PMP entry (i) is locked, writes to pmp(i)cfg and pmpaddr(i) are ignored + Locked PMP entries remain locked until the hart is reset + + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + + Setting the L bit locks the PMP entry even when the A field is set to OFF + + Additionally, if PMP entry (i) is locked and pmp(i)cfg.A is set to TOR, writes to pmpaddr(i-1) are ignored +* **Verification Goals** + + configure 2 PMP entries (the 2 first ones in incrementing order) with L=1, + - reuse of VP_PMP_F003_S001_I000 sequence +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F003_S002_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST03(group) => FTR08-a and FTR08-b + [check that HW implemented PMP entries are not writable/readable in M-mode (L=1)] + [check that no HW implemented PMP entry are writable/readable in S or U modes (L=1)] + - before any configuration, check all pmp(i)cfg and pmpaddr(i) are M-mode read zero + - configure PMP entry (i) with L=1 (or 0): pmp(i)cfg and pmpaddr(i) maybe random values + - execute following tests specific checks + - check only hart reset unlocks all => FTR08-b + - check reset values: all pmp(i)cfg and pmpaddr(i) are M-mode read zero + + TST03-2 (LOW-PRIO) = 2 times reuse/call of TST02-1 + [configure 2 PMP entries ([FTR02-b1]: maybe mandatorily the 2 first ones): both with L=1, + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +### Sub-feature: 002_configure_2_pmp_entries_L0_L1 + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + + The L bit indicates that the PMP entry is locked, i.e., writes to the configuration register and associated address registers are ignored + If PMP entry (i) is locked, writes to pmp(i)cfg and pmpaddr(i) are ignored + Locked PMP entries remain locked until the hart is reset + + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + + Setting the L bit locks the PMP entry even when the A field is set to OFF + + Additionally, if PMP entry (i) is locked and pmp(i)cfg.A is set to TOR, writes to pmpaddr(i-1) are ignored +* **Verification Goals** + + configure 2 PMP entries (the 2 first ones in incrementing order) at least one with L=1 and one with L=0, + - write PMP entry (i) with L=0/1 in M-mode + - A is random, should also be tried with A=OFF when L=1 (to cover feature above) + - check PMP entry (i) written value in M-mode + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable in M mode (read back the written value in M mode) + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked (M-mode check only) + - also check for PMP entry (i) where L=1 and pmp(i)cfg.A=TOR that pmpaddr(i-1) is effectively locked + - apply hart reset + - check for PMP entry (i) reset value (read zero) by reading in M mode + - write PMP entry (i) in M-mode + - check PMP entry (i) written value in M-mode + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, (L) value is a configurable parameter + - so the same sub-functions are reused with varying (i) and (L) parameters +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F003_S003_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST03(group) => FTR08-a and FTR08-b + [check that HW implemented PMP entries are not writable/readable in M-mode (L=1)] + [check that no HW implemented PMP entry are writable/readable in S or U modes (L=1)] + - before any configuration, check all pmp(i)cfg and pmpaddr(i) are M-mode read zero + - configure PMP entry (i) with L=1 (or 0): pmp(i)cfg and pmpaddr(i) maybe random values + - execute following tests specific checks + - check only hart reset unlocks all => FTR08-b + - check reset values: all pmp(i)cfg and pmpaddr(i) are M-mode read zero + + TST03-3 (HIGH-PRIO) = 2 times reuse/call of TST02-1 + [configure 2 PMP entries ([FTR02-b1]: maybe mandatorily the 2 first ones): one with L=1 and one with L=0, + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check locked PMP entry (i) has no effect on unlocked PMP entry (j) + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +### Sub-feature: 003_configure_N_pmp_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + + The L bit indicates that the PMP entry is locked, i.e., writes to the configuration register and associated address registers are ignored + If PMP entry (i) is locked, writes to pmp(i)cfg and pmpaddr(i) are ignored + Locked PMP entries remain locked until the hart is reset + + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + + Setting the L bit locks the PMP entry even when the A field is set to OFF + + Additionally, if PMP entry (i) is locked and pmp(i)cfg.A is set to TOR, writes to pmpaddr(i-1) are ignored +* **Verification Goals** + + configure N PMP entries (the N first ones in incrementing order) at least one with L=1 and one with L=0, + - reuse of VP_PMP_F003_S003_I000 sequence +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F003_S004_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST03(group) => FTR08-a and FTR08-b + [check that HW implemented PMP entries are not writable/readable in M-mode (L=1)] + [check that no HW implemented PMP entry are writable/readable in S or U modes (L=1)] + - before any configuration, check all pmp(i)cfg and pmpaddr(i) are M-mode read zero + - configure PMP entry (i) with L=1 (or 0): pmp(i)cfg and pmpaddr(i) maybe random values + - execute following tests specific checks + - check only hart reset unlocks all => FTR08-b + - check reset values: all pmp(i)cfg and pmpaddr(i) are M-mode read zero + + TST03-4 (LOW-PRIO) = N times reuse/call of TST02-1 + [configure N PMP entries ([FTR02-b1]: maybe mandatorily the N first ones): at least one with L=1 and one with L=0, + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check locked PMP entry (i) has no effect on unlocked PMP entry (j) + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +### Sub-feature: 004_configure_8_pmp_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + + The L bit indicates that the PMP entry is locked, i.e., writes to the configuration register and associated address registers are ignored + If PMP entry (i) is locked, writes to pmp(i)cfg and pmpaddr(i) are ignored + Locked PMP entries remain locked until the hart is reset + + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + + Setting the L bit locks the PMP entry even when the A field is set to OFF + + Additionally, if PMP entry (i) is locked and pmp(i)cfg.A is set to TOR, writes to pmpaddr(i-1) are ignored +* **Verification Goals** + + configure all 8 PMP entries (in incrementing order) at least one with L=1 and one with L=0, + - reuse of VP_PMP_F003_S003_I000 sequence +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F003_S005_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST03(group) => FTR08-a and FTR08-b + [check that HW implemented PMP entries are not writable/readable in M-mode (L=1)] + [check that no HW implemented PMP entry are writable/readable in S or U modes (L=1)] + - before any configuration, check all pmp(i)cfg and pmpaddr(i) are M-mode read zero + - configure PMP entry (i) with L=1 (or 0): pmp(i)cfg and pmpaddr(i) maybe random values + - execute following tests specific checks + - check only hart reset unlocks all => FTR08-b + - check reset values: all pmp(i)cfg and pmpaddr(i) are M-mode read zero + + TST03-5 (HIGH-PRIO) = 8 times reuse/call of TST02-1 + [configure 8 PMP entries: at least one with L=1 and one with L=0, + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check locked PMP entry (i) has no effect on unlocked PMP entry (j) + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +## Feature: CSRs programming order + +### Sub-feature: 000_configure_1_pmp_entry + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures V20211203} + + the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first) + All PMP CSR fields are WARL and may be read-only zero (QUESTION: does read-only zero mean not implemented?) +* **Verification Goals** + + configure any PMP entry (i), but the first one + - reuse of VP_PMP_F003_S003_I000 sequence (Feature: "CSRs locked access") +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F004_S001_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST04 => FTR02-b1 and FTR02-b2 + [check if the lowest-numbered PMP CSRs must be programmed first before programming higher-numbered ones] + + TST04-1 (LOW-PRIO) extends TST02-1 + [configure any PMP entry, but the first one + - check for configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for not configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are M-mode read zero] +### Sub-feature: 001_configure_2_pmp_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures V20211203} + + the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first) + All PMP CSR fields are WARL and may be read-only zero (QUESTION: does read-only zero mean not implemented?) +* **Verification Goals** + + configure 2 non-adjacent PMP entries (highest-numbered ones first) (avoid the first PMP entry) + - reuse of VP_PMP_F003_S003_I000 sequence (Feature: "CSRs locked access") +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F004_S002_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST04 => FTR02-b1 and FTR02-b2 + [check if the lowest-numbered PMP CSRs must be programmed first before programming higher-numbered ones] + + TST04-2 (HIGH-PRIO) extends TST02-2 + [configure 2 non-adjacent PMP entries (highest-numbered ones first) (avoid the first PMP entry) + - check for configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for not configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are M-mode read zero] +### Sub-feature: 002_configure_N_pmp_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures V20211203} + + the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first) + All PMP CSR fields are WARL and may be read-only zero (QUESTION: does read-only zero mean not implemented?) +* **Verification Goals** + + configure N PMP entries (highest-numbered ones first) (as non-adjacent as possible, and avoid the first PMP entry) + - reuse of VP_PMP_F003_S003_I000 sequence (Feature: "CSRs locked access") +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F004_S003_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST04 => FTR02-b1 and FTR02-b2 + [check if the lowest-numbered PMP CSRs must be programmed first before programming higher-numbered ones] + + TST04-3 (LOW-PRIO) extends TST02-3 + [configure N PMP entries (highest-numbered ones first) (as non-adjacent as possible, and avoid the first PMP entry) + - check for configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for not configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are M-mode read zero] +### Sub-feature: 003_configure_8_pmp_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures V20211203} + + the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first) + All PMP CSR fields are WARL and may be read-only zero (QUESTION: does read-only zero mean not implemented?) +* **Verification Goals** + + configure all 8 PMP entries (highest-numbered ones first) + - reuse of VP_PMP_F003_S003_I000 sequence (Feature: "CSRs locked access") +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F004_S004_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST04 => FTR02-b1 and FTR02-b2 + [check if the lowest-numbered PMP CSRs must be programmed first before programming higher-numbered ones] + + TST04-4 (HIGH-PRIO) extends TST02-4 + [configure 8 PMP entries (highest-numbered ones first) + - check for configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only] +## Feature: CSRs Hardwired regions + +### Sub-feature: 000_access with L=0 + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + Certain regions’ privileges can be hardwired: so only ever be visible in machine mode but in no lower-privilege layers. + + {Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures V20211203} + Implementations may implement zero, 16, or 64 PMP CSRs + + {https://docs.openhwgroup.org/projects/cva6-user-manual/01_cva6_user/PMP.html} + A maximum of 16 PMP entries are supported. + All PMP CSRs are always implemented, but CSRs (or bitfields of CSRs) related to PMP entries with number CVA6Cfg.NrPMPEntries and above are hardwired to zero. + + TRISTAN + 8 PMP entries are implemented +* **Verification Goals** + + configure the first 8 PMP entries with L=0 + - for each PMP entry (i), check several times that pmp(i)cfg and pmpaddr(i) can be written and can be read back exactly the same (in M-mode) + + for the last 8 PMP entries, check that pmp(i)cfg and pmpaddr(i) always read zero after being written (in M-mode with L=0) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F005_S001_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST05 => FTR01-c and FTR01-c-extended + [check all regions are configurable in M-mode to make sure none is hardwired] + [regions hardwired privileges might only ever be visible in M-mode] + + TST05-1 (HIGH-PRIO) extends TST02-4 + - check the written pmp(i)cfg and pmpaddr(i) values can be read exactly the same as written +### Sub-feature: 001_access with L=1 + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + Certain regions’ privileges can be hardwired: so only ever be visible in machine mode but in no lower-privilege layers. + + {Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures V20211203} + Implementations may implement zero, 16, or 64 PMP CSRs + + {https://docs.openhwgroup.org/projects/cva6-user-manual/01_cva6_user/PMP.html} + A maximum of 16 PMP entries are supported. + All PMP CSRs are always implemented, but CSRs (or bitfields of CSRs) related to PMP entries with number CVA6Cfg.NrPMPEntries and above are hardwired to zero. + + TRISTAN + 8 PMP entries are implemented +* **Verification Goals** + + configure the first 8 PMP entries with L=1 + - for each PMP entry (i), check once that pmp(i)cfg and pmpaddr(i) can be written and can be read back exactly the same (in M-mode) + - apply hart reset + - for each PMP entry (i), check once that pmp(i)cfg and pmpaddr(i) can be written and can be read back exactly the same (in M-mode) + + for the last 8 PMP entries, check that pmp(i)cfg and pmpaddr(i) always read zero after being written (in M-mode with L=1) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F005_S002_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST05 => FTR01-c and FTR01-c-extended + [check all regions are configurable in M-mode to make sure none is hardwired] + [regions hardwired privileges might only ever be visible in M-mode] + + TST05-2 (LOW-PRIO) extends TST03-5 + - check the written pmp(i)cfg and pmpaddr(i) values can be read exactly the same as written (before hart reset) +## Feature: CSRs reserved values + +### Sub-feature: 000_access with L=0 + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + + The R, W, and X fields form a collective WARL field for which the combinations with R=0 and W=1 are reserved. +* **Verification Goals** + + repeat following sequence several times on some PMP entries + - write totally random values to pmp(i)cfg and pmpaddr(i), but with L=0 + - check all pmp(i)cfg and pmpaddr(i) can be read back exactly the same as written except: + - except with the reserved combinations [R=0 and W=1] + - except with A=NA4 which must not be selectable as G>0 +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F006_S001_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST06 => FTR04-a + [PMP CSR fields are WARL: PMP entry combinations with R=0 and W=1 are reserved/can’t be read] + [permissions fields could be randomly written; should we try randomization ?] + + TST06-1 (HIGH-PRIO) extends TST02-4 + - write totally random values to pmp(i)cfg and pmpaddr(i) + - check all pmp(i)cfg and pmpaddr(i) can be read exactly the same as written except for the reserved combinations with R=0 and W=1 +### Sub-feature: 001_access with L=1 + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + + The R, W, and X fields form a collective WARL field for which the combinations with R=0 and W=1 are reserved. +* **Verification Goals** + + repeat following sequence several times on some PMP entries + - write totally random values to pmp(i)cfg and pmpaddr(i), but with L=1 + - check all pmp(i)cfg and pmpaddr(i) can be read back exactly the same as written: + - except with the reserved combinations [R=0 and W=1] + - except with A=NA4 which must not be selectable as G>0 + - apply hart reset +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F006_S002_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST06 => FTR04-a + [PMP CSR fields are WARL: PMP entry combinations with R=0 and W=1 are reserved/can’t be read] + [permissions fields could be randomly written; should we try randomization ?] + + TST06-2 (LOW-PRIO) extends TST03-5 + - write totally random values to pmp(i)cfg and pmpaddr(i) + - check all pmp(i)cfg and pmpaddr(i) can be read exactly the same as written except for the reserved combinations with R=0 and W=1 (before hart reset) +## Feature: no cfg matching/defined + +### Sub-feature: 000_no matching entry - M mode access + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + + If no PMP entry matches an M-mode access, the access succeeds +* **Verification Goals** + + check M-mode access succeeds if no PMP entry matches +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F010_S001_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR09-e + [If no PMP entry matches an M-mode access, the access succeeds] + + TST10-1 (HIGH-PRIO) => FTR09-e + [check M-mode access succeeds if no PMP entry matches] +### Sub-feature: 001_no defined entry - M mode access + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + + If no PMP entry matches an M-mode access, the access succeeds + QUESTION: what happens if no PMP entry is implemented ? + ASSUMPTION: access succeeds +* **Verification Goals** + + check M-mode access succeeds if no PMP entry defined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F010_S002_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR09-e-question + [what happens if no PMP entry is implemented ?] + + TST10-2 (HIGH-PRIO) => FTR09-e-question + [check M-mode access succeeds if no PMP entry defined] +### Sub-feature: 002_no matching entry - S/U mode access + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + + If no PMP entry matches an S-mode or U-mode access, but at least one PMP entry is implemented, the access fails +* **Verification Goals** + + check S or U mode access fails when no PMP entry matching and at least one PMP entry implemented +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F010_S003_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR09-f + [If no PMP entry matches an S-mode or U-mode access, but at least one PMP entry is implemented, the access fails] + + TST10-3 (HIGH-PRIO) => FTR09-f + [check S or U mode access fails when no PMP entry matching and at least one PMP entry implemented] +### Sub-feature: 003_no defined entry - S/U mode access + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + + If no PMP entry matches an S-mode or U-mode access, but at least one PMP entry is implemented, the access fails + QUESTION: what happens if no PMP entry is implemented ? + ASSUMPTION: access fails +* **Verification Goals** + + check S or U mode access fails when no PMP entry implemented +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F010_S004_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR09-f-question + [what happens if no PMP entry is implemented ?] + + TST10-4 (HIGH-PRIO) => FTR09-f-question + [check S or U mode access fails when no PMP entry implemented] +## Feature: cfg NA4 access S/U (G=0) + +### Sub-feature: 000_fetch_L0_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + S or U mode single access instruction fetch inside defined NA4 address range with execute permissions and with L=0 + - choose an executable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, X=1, L=0, R/W:random, with reserve on R=0 & W=1 + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - fetch an instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S011_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + TST11-1x(group) => FTR01-d + [PMP check on instruction fetch where effective privilege mode is S or U: + - choose an executable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access instruction fetch in S and U mode] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-11 (HIGH-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 001_fetch_L0_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception +* **Verification Goals** + + S or U mode single access instruction fetch inside defined NA4 address range without execute permissions and with L=0 + - choose an executable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, X=0, L=0, R/W:random, with reserve on R=0 & W=1 + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - fetch an instruction from that region (with exact address-matching) + + CHECK + - check instruction fetch access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S012_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-b + [Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception] + + TST11-1x(group) => FTR01-d + [PMP check on instruction fetch where effective privilege mode is S or U: + - choose an executable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access instruction fetch in S and U mode] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-12 (MEDIUM-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry without execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check instruction fetch access-fault exception raised => FTR04-b] +### Sub-feature: 002_fetch_L0_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + S or U mode single access instruction fetch from outside defined NA4 address range with execute permissions and with L=0 + - choose an executable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, X=1, L=0, R/W:random, with reserve on R=0 & W=1 + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - fetch an instruction from outside all PMP defined regions + + CHECK + - check instruction fetch access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S013_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + TST11-1x(group) => FTR01-d + [PMP check on instruction fetch where effective privilege mode is S or U: + - choose an executable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access instruction fetch in S and U mode] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-13 (MEDIUM-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from outside all PMP defined regions + - check instruction fetch access-fault exception raised] +### Sub-feature: 003_fetch_L1_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset +* **Verification Goals** + + S or U mode single access instruction fetch inside defined NA4 address range with execute permissions and with L=1 + - choose an executable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, X=1, L=1, R/W:random, with reserve on R=0 & W=1 + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - fetch an instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S014_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + + TST11-1x(group) => FTR01-d + [PMP check on instruction fetch where effective privilege mode is S or U: + - choose an executable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access instruction fetch in S and U mode] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-14 (LOW-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 004_fetch_L1_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception +* **Verification Goals** + + S or U mode single access instruction fetch inside defined NA4 address range without execute permissions and with L=1 + - choose an executable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, X=0, L=1, R/W:random, with reserve on R=0 & W=1 + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - fetch an instruction from that region (with exact address-matching) + + CHECK + - check instruction fetch access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S015_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + FTR04-b + [Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception] + + TST11-1x(group) => FTR01-d + [PMP check on instruction fetch where effective privilege mode is S or U: + - choose an executable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access instruction fetch in S and U mode] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-15 (LOW-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check instruction fetch access-fault exception raised => FTR04-b] +### Sub-feature: 005_fetch_L1_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset +* **Verification Goals** + + S or U mode single access instruction fetch from outside defined NA4 address range with execute permissions and with L=1 + - choose an executable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, X=1, L=1, R/W:random, with reserve on R=0 & W=1 + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - fetch an instruction from outside all PMP defined regions + + CHECK + - check instruction fetch access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S016_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + TST11-1x(group) => FTR01-d + [PMP check on instruction fetch where effective privilege mode is S or U: + - choose an executable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access instruction fetch in S and U mode] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-16 (LOW-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from outside all PMP defined regions + - check instruction fetch access-fault exception raised] +### Sub-feature: 006_load_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + S or U mode single access load or load-reserved instruction inside defined NA4 address range with read permissions and with L=0 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=0, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S021_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + TST11-2x(group) => FTR01-d + [PMP check on load or load-reserved instruction where effective privilege mode is S or U: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in S and U mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-21 (HIGH-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 007_load_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception +* **Verification Goals** + + S or U mode single access load or load-reserved instruction inside defined NA4 address range without read permissions and with L=0 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=0, L=0, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check load access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S022_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + TST11-2x(group) => FTR01-d + [PMP check on load or load-reserved instruction where effective privilege mode is S or U: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in S and U mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-22 (MEDIUM-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check load access-fault exception raised => FTR04-c] +### Sub-feature: 008_load_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + S or U mode single access load or load-reserved instruction from outside defined NA4 address range with read permissions and with L=0 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=0, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a load or load-reserved instruction from outside all PMP defined regions + + CHECK + - check load access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S023_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + TST11-2x(group) => FTR01-d + [PMP check on load or load-reserved instruction where effective privilege mode is S or U: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in S and U mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-23 (MEDIUM-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check load access-fault exception raised] +### Sub-feature: 009_load_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset +* **Verification Goals** + + S or U mode single access load or load-reserved instruction inside defined NA4 address range with read permissions and with L=1 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=1, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S024_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + TST11-2x(group) => FTR01-d + [PMP check on load or load-reserved instruction where effective privilege mode is S or U: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in S and U mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-24 (LOW-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 010_load_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception +* **Verification Goals** + + S or U mode single access load or load-reserved instruction inside defined NA4 address range without read permissions and with L=1 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=0, L=1, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check load access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S025_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + TST11-2x(group) => FTR01-d + [PMP check on load or load-reserved instruction where effective privilege mode is S or U: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in S and U mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-25 (LOW-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check load access-fault exception raised => FTR04-c] +### Sub-feature: 011_load_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset +* **Verification Goals** + + S or U mode single access load or load-reserved instruction from outside defined NA4 address range with read permissions and with L=1 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=1, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a load or load-reserved instruction from outside all PMP defined regions + + CHECK + - check load access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S026_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + TST11-2x(group) => FTR01-d + [PMP check on load or load-reserved instruction where effective privilege mode is S or U: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in S and U mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-26 (LOW-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check load access-fault exception raised] +### Sub-feature: 012_store_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + S or U mode single access store, store-conditional, or AMO instruction inside defined NA4 address range with write permissions and with L=0 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=0, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S031_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + TST11-3x(group) => FTR01-d + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is S or U: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in S and U mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-31 (HIGH-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 013_store_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception +* **Verification Goals** + + S or U mode single access store, store-conditional, or AMO instruction inside defined NA4 address range without write permissions and with L=0 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=0, L=0, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check store access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S032_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + TST11-3x(group) => FTR01-d + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is S or U: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in S and U mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-32 (MEDIUM-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check store access-fault exception raised => FTR04-d] +### Sub-feature: 014_store_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + S or U mode single access store, store-conditional, or AMO instruction from outside defined NA4 address range with write permissions and with L=0 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=0, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + + CHECK + - check store access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S033_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + TST11-3x(group) => FTR01-d + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is S or U: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in S and U mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-33 (MEDIUM-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check store access-fault exception raised] +### Sub-feature: 015_store_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset +* **Verification Goals** + + S or U mode single access store, store-conditional, or AMO instruction inside defined NA4 address range with write permissions and with L=1 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=1, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S034_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + TST11-3x(group) => FTR01-d + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is S or U: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in S and U mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-34 (LOW-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 016_store_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception +* **Verification Goals** + + S or U mode single access store, store-conditional, or AMO instruction inside defined NA4 address range without write permissions and with L=1 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=0, L=1, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check store access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S035_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + TST11-3x(group) => FTR01-d + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is S or U: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in S and U mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-35 (LOW-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check store access-fault exception raised => FTR04-d] +### Sub-feature: 017_store_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset +* **Verification Goals** + + S or U mode single access store, store-conditional, or AMO instruction from outside defined NA4 address range with write permissions and with L=1 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=1, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + + CHECK + - check store access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S036_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + TST11-3x(group) => FTR01-d + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is S or U: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in S and U mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-36 (LOW-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check store access-fault exception raised] +### Sub-feature: 018_load_MPP_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + S or U mode single access load or load-reserved instruction inside defined NA4 address range with read permissions and with L=0 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=0, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains S or U + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S041_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + TST11-4x(group) => FTR01-d + [PMP check on load or load-reserved instruction where effective privilege mode is S or U: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-41 (LOWEST-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 019_load_MPP_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception +* **Verification Goals** + + S or U mode single access load or load-reserved instruction inside defined NA4 address range without read permissions and with L=0 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=0, L=0, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains S or U + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check load access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S042_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + TST11-4x(group) => FTR01-d + [PMP check on load or load-reserved instruction where effective privilege mode is S or U: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-42 (LOWEST-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check load access-fault exception raised => FTR04-c] +### Sub-feature: 020_load_MPP_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + S or U mode single access load or load-reserved instruction from outside defined NA4 address range with read permissions and with L=0 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=0, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains S or U + + ACCESS + - execute a load or load-reserved instruction from outside all PMP defined regions + + CHECK + - check load access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S043_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + TST11-4x(group) => FTR01-d + [PMP check on load or load-reserved instruction where effective privilege mode is S or U: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-43 (LOWEST-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check load access-fault exception raised] +### Sub-feature: 021_load_MPP_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset +* **Verification Goals** + + S or U mode single access load or load-reserved instruction inside defined NA4 address range with read permissions and with L=1 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=1, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains S or U + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S044_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + TST11-4x(group) => FTR01-d + [PMP check on load or load-reserved instruction where effective privilege mode is S or U: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-44 (LOWEST-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 022_load_MPP_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception +* **Verification Goals** + + S or U mode single access load or load-reserved instruction inside defined NA4 address range without read permissions and with L=1 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=0, L=1, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains S or U + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check load access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S045_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + TST11-4x(group) => FTR01-d + [PMP check on load or load-reserved instruction where effective privilege mode is S or U: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-45 (LOWEST-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check load access-fault exception raised => FTR04-c] +### Sub-feature: 023_load_MPP_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset +* **Verification Goals** + + S or U mode single access load or load-reserved instruction from outside defined NA4 address range with read permissions and with L=1 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=1, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains S or U + + ACCESS + - execute a load or load-reserved instruction from outside all PMP defined regions + + CHECK + - check load access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S046_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + TST11-4x(group) => FTR01-d + [PMP check on load or load-reserved instruction where effective privilege mode is S or U: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-46 (LOWEST-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check load access-fault exception raised] +### Sub-feature: 024_store_MPP_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + S or U mode single access store, store-conditional, or AMO instruction inside defined NA4 address range with write permissions and with L=0 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=0, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains S or U + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S051_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + TST11-5x(group) => FTR01-d + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is S or U: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-51 (LOWEST-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 025_store_MPP_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception +* **Verification Goals** + + S or U mode single access store, store-conditional, or AMO instruction inside defined NA4 address range without write permissions and with L=0 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=0, L=0, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains S or U + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check store access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S052_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + TST11-5x(group) => FTR01-d + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is S or U: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-52 (LOWEST-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check store access-fault exception raised => FTR04-d] +### Sub-feature: 026_store_MPP_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + S or U mode single access store, store-conditional, or AMO instruction from outside defined NA4 address range with write permissions and with L=0 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=0, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains S or U + + ACCESS + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + + CHECK + - check store access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S053_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + TST11-5x(group) => FTR01-d + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is S or U: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-53 (LOWEST-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check store access-fault exception raised] +### Sub-feature: 027_store_MPP_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset +* **Verification Goals** + + S or U mode single access store, store-conditional, or AMO instruction inside defined NA4 address range with write permissions and with L=1 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=1, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains S or U + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S054_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + TST11-5x(group) => FTR01-d + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is S or U: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-54 (LOWEST-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 028_store_MPP_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception +* **Verification Goals** + + S or U mode single access store, store-conditional, or AMO instruction inside defined NA4 address range without write permissions and with L=1 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=0, L=1, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains S or U + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check store access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S055_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + TST11-5x(group) => FTR01-d + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is S or U: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-55 (LOWEST-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check store access-fault exception raised => FTR04-d] +### Sub-feature: 029_store_MPP_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset +* **Verification Goals** + + S or U mode single access store, store-conditional, or AMO instruction from outside defined NA4 address range with write permissions and with L=1 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=1, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains S or U + + ACCESS + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + + CHECK + - check store access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S056_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + TST11-5x(group) => FTR01-d + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is S or U: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-56 (LOWEST-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check store access-fault exception raised] +## Feature: cfg NA4 access M (G=0) + +### Sub-feature: 000_fetch_L0_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access instruction fetch inside defined NA4 address range with execute permissions and with L=0 + - choose an executable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, X=1, L=0, R/W:random, with reserve on R=0 & W=1 + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - fetch an instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S011_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-1x(group) => FTR01-f + [PMP check on instruction fetch where effective privilege mode is M: + - choose an executable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access instruction fetch in M mode] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-11 (LOW-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 001_fetch_L0_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access instruction fetch inside defined NA4 address range without execute permissions and with L=0 + - choose an executable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, X=0, L=0, R/W:random, with reserve on R=0 & W=1 + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - fetch an instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S012_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-1x(group) => FTR01-f + [PMP check on instruction fetch where effective privilege mode is M: + - choose an executable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access instruction fetch in M mode] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-12 (LOW-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1), + - configure the PMP entry without execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 002_fetch_L0_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access instruction fetch from outside defined NA4 address range with execute permissions and with L=0 + - choose an executable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, X=1, L=0, R/W:random, with reserve on R=0 & W=1 + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - fetch an instruction from outside all PMP defined regions + + CHECK + - check no access-fault exception (Feature: "no cfg matching") + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S013_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-1x(group) => FTR01-f + [PMP check on instruction fetch where effective privilege mode is M: + - choose an executable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access instruction fetch in M mode] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-13 (LOW-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +### Sub-feature: 003_fetch_L1_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + M mode single access instruction fetch inside defined NA4 address range with execute permissions and with L=1 + - choose an executable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, X=1, L=1, R/W:random, with reserve on R=0 & W=1 + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - fetch an instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S014_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-1x(group) => FTR01-f + [PMP check on instruction fetch where effective privilege mode is M: + - choose an executable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access instruction fetch in M mode] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-14 (HIGH-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 004_fetch_L1_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception +* **Verification Goals** + + M mode single access instruction fetch inside defined NA4 address range without execute permissions and with L=1 + - choose an executable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, X=0, L=1, R/W:random, with reserve on R=0 & W=1 + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - fetch an instruction from that region (with exact address-matching) + + CHECK + - check instruction fetch access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S015_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-b + [Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-1x(group) => FTR01-f + [PMP check on instruction fetch where effective privilege mode is M: + - choose an executable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access instruction fetch in M mode] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-15 (MEDIUM-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check instruction fetch access-fault exception raised => FTR04-b] +### Sub-feature: 005_fetch_L1_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + M mode single access instruction fetch from outside defined NA4 address range with execute permissions and with L=1 + - choose an executable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, X=1, L=1, R/W:random, with reserve on R=0 & W=1 + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - fetch an instruction from outside all PMP defined regions + + CHECK + - check no access-fault exception (Feature: "no cfg matching") + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S016_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-1x(group) => FTR01-f + [PMP check on instruction fetch where effective privilege mode is M: + - choose an executable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access instruction fetch in M mode] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-16 (HIGH-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +### Sub-feature: 006_load_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access load or load-reserved instruction inside defined NA4 address range with read permissions and with L=0 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=0, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S021_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-2x(group) => FTR01-f + [PMP check on load or load-reserved instruction where effective privilege mode is M: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in M mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-21 (LOW-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 007_load_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access load or load-reserved instruction inside defined NA4 address range without read permissions and with L=0 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=0, L=0, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S022_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-2x(group) => FTR01-f + [PMP check on load or load-reserved instruction where effective privilege mode is M: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in M mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-22 (LOW-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 008_load_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access load or load-reserved instruction from outside defined NA4 address range with read permissions and with L=0 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=0, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a load or load-reserved instruction from outside all PMP defined regions + + CHECK + - check no access-fault exception (Feature: "no cfg matching") + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S023_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-2x(group) => FTR01-f + [PMP check on load or load-reserved instruction where effective privilege mode is M: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in M mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-23 (LOW-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +### Sub-feature: 009_load_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + M mode single access load or load-reserved instruction inside defined NA4 address range with read permissions and with L=1 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=1, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S024_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-2x(group) => FTR01-f + [PMP check on load or load-reserved instruction where effective privilege mode is M: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in M mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-24 (HIGH-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 010_load_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception +* **Verification Goals** + + M mode single access load or load-reserved instruction inside defined NA4 address range without read permissions and with L=1 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=0, L=1, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check load access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S025_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-2x(group) => FTR01-f + [PMP check on load or load-reserved instruction where effective privilege mode is M: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in M mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-25 (MEDIUM-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check load access-fault exception raised => FTR04-c] +### Sub-feature: 011_load_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + M mode single access load or load-reserved instruction from outside defined NA4 address range with read permissions and with L=1 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=1, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a load or load-reserved instruction from outside all PMP defined regions + + CHECK + - check no access-fault exception (Feature: "no cfg matching") + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S026_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-2x(group) => FTR01-f + [PMP check on load or load-reserved instruction where effective privilege mode is M: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in M mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-26 (HIGH-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +### Sub-feature: 012_store_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access store, store-conditional, or AMO instruction inside defined NA4 address range with write permissions and with L=0 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=0, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S031_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-3x(group) => FTR01-f + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is M: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in M mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-31 (LOW-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 013_store_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access store, store-conditional, or AMO instruction inside defined NA4 address range without write permissions and with L=0 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=0, L=0, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S032_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-3x(group) => FTR01-f + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is M: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in M mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-32 (LOW-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 014_store_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access store, store-conditional, or AMO instruction from outside defined NA4 address range with write permissions and with L=0 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=0, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + + CHECK + - check no access-fault exception (Feature: "no cfg matching") + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S033_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-3x(group) => FTR01-f + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is M: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in M mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-33 (LOW-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +### Sub-feature: 015_store_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + M mode single access store, store-conditional, or AMO instruction inside defined NA4 address range with write permissions and with L=1 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=1, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S034_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-3x(group) => FTR01-f + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is M: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in M mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-34 (HIGH-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 016_store_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception +* **Verification Goals** + + M mode single access store, store-conditional, or AMO instruction inside defined NA4 address range without write permissions and with L=1 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=0, L=1, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check store access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S035_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-3x(group) => FTR01-f + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is M: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in M mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-35 (MEDIUM-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check store access-fault exception raised => FTR04-d] +### Sub-feature: 017_store_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + M mode single access store, store-conditional, or AMO instruction from outside defined NA4 address range with write permissions and with L=1 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=1, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + + CHECK + - check no access-fault exception (Feature: "no cfg matching") + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S036_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-3x(group) => FTR01-f + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is M: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in M mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-36 (HIGH-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +### Sub-feature: 018_load_MPP_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access load or load-reserved instruction inside defined NA4 address range with read permissions and with L=0 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=0, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE) + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S041_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-4x(group) => FTR01-f + [PMP check on load or load-reserved instruction where effective privilege mode is M: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-41 (LOWEST-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 019_load_MPP_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access load or load-reserved instruction inside defined NA4 address range without read permissions and with L=0 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=0, L=0, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE) + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S042_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-4x(group) => FTR01-f + [PMP check on load or load-reserved instruction where effective privilege mode is M: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-42 (LOWEST-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 020_load_MPP_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access load or load-reserved instruction from outside defined NA4 address range with read permissions and with L=0 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=0, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE) + + ACCESS + - execute a load or load-reserved instruction from outside all PMP defined regions + + CHECK + - check no access-fault exception (Feature: "no cfg matching") + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S043_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-4x(group) => FTR01-f + [PMP check on load or load-reserved instruction where effective privilege mode is M: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-43 (LOWEST-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +### Sub-feature: 021_load_MPP_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + M mode single access load or load-reserved instruction inside defined NA4 address range with read permissions and with L=1 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=1, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE) + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S044_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-4x(group) => FTR01-f + [PMP check on load or load-reserved instruction where effective privilege mode is M: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-44 (LOWEST-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 022_load_MPP_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception +* **Verification Goals** + + M mode single access load or load-reserved instruction inside defined NA4 address range without read permissions and with L=1 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=0, L=1, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE) + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check load access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S045_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-4x(group) => FTR01-f + [PMP check on load or load-reserved instruction where effective privilege mode is M: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-45 (LOWEST-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check load access-fault exception raised => FTR04-c] +### Sub-feature: 023_load_MPP_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + M mode single access load or load-reserved instruction from outside defined NA4 address range with read permissions and with L=1 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=1, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE) + + ACCESS + - execute a load or load-reserved instruction from outside all PMP defined regions + + CHECK + - check no access-fault exception (Feature: "no cfg matching") + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S046_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-4x(group) => FTR01-f + [PMP check on load or load-reserved instruction where effective privilege mode is M: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-46 (LOWEST-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +### Sub-feature: 024_store_MPP_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access store, store-conditional, or AMO instruction inside defined NA4 address range with write permissions and with L=0 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=0, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE) + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S051_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-5x(group) => FTR01-f + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is M: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-51 (LOWEST-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 025_store_MPP_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access store, store-conditional, or AMO instruction inside defined NA4 address range without write permissions and with L=0 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=0, L=0, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE) + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S052_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-5x(group) => FTR01-f + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is M: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-52 (LOWEST-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 026_store_MPP_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access store, store-conditional, or AMO instruction from outside defined NA4 address range with write permissions and with L=0 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=0, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE) + + ACCESS + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + + CHECK + - check no access-fault exception (Feature: "no cfg matching") + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S053_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-5x(group) => FTR01-f + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is M: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-53 (LOWEST-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +### Sub-feature: 027_store_MPP_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + M mode single access store, store-conditional, or AMO instruction inside defined NA4 address range with write permissions and with L=1 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=1, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE) + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S054_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-5x(group) => FTR01-f + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is M: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-54 (LOWEST-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 028_store_MPP_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception +* **Verification Goals** + + M mode single access store, store-conditional, or AMO instruction inside defined NA4 address range without write permissions and with L=1 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=0, L=1, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE) + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check store access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S055_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-5x(group) => FTR01-f + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is M: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-55 (LOWEST-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check store access-fault exception raised => FTR04-d] +### Sub-feature: 029_store_MPP_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + M mode single access store, store-conditional, or AMO instruction from outside defined NA4 address range with write permissions and with L=1 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=1, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE) + + ACCESS + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + + CHECK + - check no access-fault exception (Feature: "no cfg matching") + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S056_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-5x(group) => FTR01-f + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is M: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-56 (LOWEST-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +## Feature: cfg NAPOT access S/U + +### Sub-feature: 000_fetch_L0_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S011_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S011_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S011_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=NAPOT] + TST13-11 (HIGH-PRIO) + [same as TST11-11(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 001_fetch_L0_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S012_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S012_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S012_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-b + [Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception] + + + TST13-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=NAPOT] + TST13-12 (MEDIUM-PRIO) + [same as TST11-12(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 002_fetch_L0_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S013_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S013_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S013_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=NAPOT] + TST13-13 (MEDIUM-PRIO) + [same as TST11-13(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 003_fetch_L1_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S014_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S014_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S014_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=NAPOT] + TST13-14 (LOW-PRIO) + [same as TST11-14(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 004_fetch_L1_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S015_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S015_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S015_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-b + [Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception] + + + TST13-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=NAPOT] + TST13-15 (LOW-PRIO) + [same as TST11-15(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 005_fetch_L1_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S016_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S016_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S016_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=NAPOT] + TST13-16 (LOW-PRIO) + [same as TST11-16(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 006_load_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S021_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S021_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S021_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=NAPOT] + TST13-21 (HIGH-PRIO) + [same as TST11-21(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 007_load_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S022_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S022_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S022_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + + TST13-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=NAPOT] + TST13-22 (MEDIUM-PRIO) + [same as TST11-22(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 008_load_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S023_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S023_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S023_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=NAPOT] + TST13-23 (MEDIUM-PRIO) + [same as TST11-23(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 009_load_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S024_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S024_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S024_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=NAPOT] + TST13-24 (LOW-PRIO) + [same as TST11-24(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 010_load_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S025_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S025_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S025_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + + TST13-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=NAPOT] + TST13-25 (LOW-PRIO) + [same as TST11-25(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 011_load_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S026_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S026_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S026_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=NAPOT] + TST13-26 (LOW-PRIO) + [same as TST11-26(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 012_store_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S031_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S031_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S031_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=NAPOT] + TST13-31 (HIGH-PRIO) + [same as TST11-31(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 013_store_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S032_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S032_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S032_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + + TST13-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=NAPOT] + TST13-32 (MEDIUM-PRIO) + [same as TST11-32(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 014_store_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S033_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S033_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S033_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=NAPOT] + TST13-33 (MEDIUM-PRIO) + [same as TST11-33(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 015_store_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S034_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S034_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S034_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=NAPOT] + TST13-34 (LOW-PRIO) + [same as TST11-34(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 016_store_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S035_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S035_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S035_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + + TST13-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=NAPOT] + TST13-35 (LOW-PRIO) + [same as TST11-35(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 017_store_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S036_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S036_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S036_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=NAPOT] + TST13-36 (LOW-PRIO) + [same as TST11-36(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 018_load_MPP_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S041_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S041_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S041_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=NAPOT] + TST13-41 (LOWEST-PRIO) + [same as TST11-41(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 019_load_MPP_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S042_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S042_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S042_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + + TST13-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=NAPOT] + TST13-42 (LOWEST-PRIO) + [same as TST11-42(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 020_load_MPP_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S043_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S043_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S043_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=NAPOT] + TST13-43 (LOWEST-PRIO) + [same as TST11-43(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 021_load_MPP_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S044_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S044_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S044_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=NAPOT] + TST13-44 (LOWEST-PRIO) + [same as TST11-44(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 022_load_MPP_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S045_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S045_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S045_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + + TST13-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=NAPOT] + TST13-45 (LOWEST-PRIO) + [same as TST11-45(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 023_load_MPP_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S046_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S046_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S046_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=NAPOT] + TST13-46 (LOWEST-PRIO) + [same as TST11-46(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 024_store_MPP_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S051_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S051_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S051_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=NAPOT] + TST13-51 (LOWEST-PRIO) + [same as TST11-51(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 025_store_MPP_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S052_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S052_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S052_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + + TST13-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=NAPOT] + TST13-52 (LOWEST-PRIO) + [same as TST11-52(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 026_store_MPP_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S053_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S053_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S053_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=NAPOT] + TST13-53 (LOWEST-PRIO) + [same as TST11-53(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 027_store_MPP_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S054_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S054_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S054_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=NAPOT] + TST13-54 (LOWEST-PRIO) + [same as TST11-54(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 028_store_MPP_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S055_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S055_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S055_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + + TST13-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=NAPOT] + TST13-55 (LOWEST-PRIO) + [same as TST11-55(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 029_store_MPP_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S056_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S056_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S056_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=NAPOT] + TST13-56 (LOWEST-PRIO) + [same as TST11-56(group), but with pmpcfg(i).A=NAPOT] +## Feature: cfg NAPOT access M + +### Sub-feature: 000_fetch_L0_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S011_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S011_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S011_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=NAPOT] + TST14-11 (LOW-PRIO) + [same as TST12-11(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 001_fetch_L0_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S012_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S012_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S012_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=NAPOT] + TST14-12 (LOW-PRIO) + [same as TST12-12(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 002_fetch_L0_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S013_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S013_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S013_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=NAPOT] + TST14-13 (LOW-PRIO) + [same as TST12-13(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 003_fetch_L1_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S014_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S014_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S014_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=NAPOT] + TST14-14 (HIGH-PRIO) + [same as TST12-14(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 004_fetch_L1_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S015_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S015_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S015_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-b + [Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=NAPOT] + TST14-15 (MEDIUM-PRIO) + [same as TST12-15(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 005_fetch_L1_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S016_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S016_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S016_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=NAPOT] + TST14-16 (HIGH-PRIO) + [same as TST12-16(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 006_load_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S021_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S021_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S021_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=NAPOT] + TST14-21 (LOW-PRIO) + [same as TST12-21(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 007_load_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S022_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S022_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S022_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=NAPOT] + TST14-22 (LOW-PRIO) + [same as TST12-22(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 008_load_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S023_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S023_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S023_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=NAPOT] + TST14-23 (LOW-PRIO) + [same as TST12-23(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 009_load_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S024_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S024_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S024_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=NAPOT] + TST14-24 (HIGH-PRIO) + [same as TST12-24(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 010_load_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S025_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S025_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S025_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=NAPOT] + TST14-25 (MEDIUM-PRIO) + [same as TST12-25(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 011_load_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S026_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S026_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S026_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=NAPOT] + TST14-26 (HIGH-PRIO) + [same as TST12-26(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 012_store_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S031_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S031_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S031_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=NAPOT] + TST14-31 (LOW-PRIO) + [same as TST12-31(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 013_store_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S032_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S032_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S032_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=NAPOT] + TST14-32 (LOW-PRIO) + [same as TST12-32(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 014_store_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S033_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S033_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S033_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=NAPOT] + TST14-33 (LOW-PRIO) + [same as TST12-33(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 015_store_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S034_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S034_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S034_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=NAPOT] + TST14-34 (HIGH-PRIO) + [same as TST12-34(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 016_store_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S035_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S035_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S035_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=NAPOT] + TST14-35 (MEDIUM-PRIO) + [same as TST12-35(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 017_store_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S036_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S036_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S036_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=NAPOT] + TST14-36 (HIGH-PRIO) + [same as TST12-36(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 018_load_MPP_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S041_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S041_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S041_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=NAPOT] + TST14-41 (LOWEST-PRIO) + [same as TST12-41(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 019_load_MPP_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S042_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S042_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S042_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=NAPOT] + TST14-42 (LOWEST-PRIO) + [same as TST12-42(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 020_load_MPP_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S043_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S043_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S043_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=NAPOT] + TST14-43 (LOWEST-PRIO) + [same as TST12-43(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 021_load_MPP_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S044_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S044_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S044_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=NAPOT] + TST14-44 (LOWEST-PRIO) + [same as TST12-44(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 022_load_MPP_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S045_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S045_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S045_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=NAPOT] + TST14-45 (LOWEST-PRIO) + [same as TST12-45(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 023_load_MPP_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S046_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S046_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S046_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=NAPOT] + TST14-46 (LOWEST-PRIO) + [same as TST12-46(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 024_store_MPP_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S051_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S051_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S051_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=NAPOT] + TST14-51 (LOWEST-PRIO) + [same as TST12-51(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 025_store_MPP_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S052_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S052_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S052_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=NAPOT] + TST14-52 (LOWEST-PRIO) + [same as TST12-52(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 026_store_MPP_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S053_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S053_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S053_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=NAPOT] + TST14-53 (LOWEST-PRIO) + [same as TST12-53(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 027_store_MPP_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S054_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S054_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S054_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=NAPOT] + TST14-54 (LOWEST-PRIO) + [same as TST12-54(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 028_store_MPP_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S055_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S055_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S055_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=NAPOT] + TST14-55 (LOWEST-PRIO) + [same as TST12-55(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 029_store_MPP_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S056_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S056_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S056_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=NAPOT] + TST14-56 (LOWEST-PRIO) + [same as TST12-56(group), but with pmpcfg(i).A=NAPOT] +## Feature: cfg TOR access S/U + +### Sub-feature: 000_fetch_L0_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S011_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S011_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S011_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=TOR] + TST15-11 (HIGH-PRIO) + [same as TST11-11(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 001_fetch_L0_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S012_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S012_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S012_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-b + [Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception] + + + TST15-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=TOR] + TST15-12 (MEDIUM-PRIO) + [same as TST11-12(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 002_fetch_L0_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S013_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S013_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S013_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=TOR] + TST15-13 (MEDIUM-PRIO) + [same as TST11-13(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 003_fetch_L1_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S014_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S014_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S014_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=TOR] + TST15-14 (LOW-PRIO) + [same as TST11-14(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 004_fetch_L1_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S015_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S015_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S015_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-b + [Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception] + + + TST15-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=TOR] + TST15-15 (LOW-PRIO) + [same as TST11-15(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 005_fetch_L1_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S016_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S016_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S016_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=TOR] + TST15-16 (LOW-PRIO) + [same as TST11-16(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 006_load_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S021_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S021_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S021_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=TOR] + TST15-21 (HIGH-PRIO) + [same as TST11-21(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 007_load_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S022_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S022_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S022_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + + TST15-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=TOR] + TST15-22 (MEDIUM-PRIO) + [same as TST11-22(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 008_load_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S023_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S023_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S023_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=TOR] + TST15-23 (MEDIUM-PRIO) + [same as TST11-23(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 009_load_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S024_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S024_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S024_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=TOR] + TST15-24 (LOW-PRIO) + [same as TST11-24(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 010_load_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S025_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S025_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S025_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + + TST15-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=TOR] + TST15-25 (LOW-PRIO) + [same as TST11-25(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 011_load_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S026_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S026_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S026_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=TOR] + TST15-26 (LOW-PRIO) + [same as TST11-26(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 012_store_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S031_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S031_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S031_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=TOR] + TST15-31 (HIGH-PRIO) + [same as TST11-31(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 013_store_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S032_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S032_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S032_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + + TST15-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=TOR] + TST15-32 (MEDIUM-PRIO) + [same as TST11-32(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 014_store_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S033_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S033_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S033_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=TOR] + TST15-33 (MEDIUM-PRIO) + [same as TST11-33(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 015_store_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S034_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S034_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S034_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=TOR] + TST15-34 (LOW-PRIO) + [same as TST11-34(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 016_store_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S035_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S035_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S035_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + + TST15-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=TOR] + TST15-35 (LOW-PRIO) + [same as TST11-35(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 017_store_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S036_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S036_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S036_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=TOR] + TST15-36 (LOW-PRIO) + [same as TST11-36(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 018_load_MPP_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S041_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S041_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S041_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=TOR] + TST15-41 (LOWEST-PRIO) + [same as TST11-41(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 019_load_MPP_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S042_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S042_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S042_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + + TST15-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=TOR] + TST15-42 (LOWEST-PRIO) + [same as TST11-42(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 020_load_MPP_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S043_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S043_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S043_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=TOR] + TST15-43 (LOWEST-PRIO) + [same as TST11-43(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 021_load_MPP_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S044_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S044_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S044_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=TOR] + TST15-44 (LOWEST-PRIO) + [same as TST11-44(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 022_load_MPP_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S045_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S045_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S045_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + + TST15-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=TOR] + TST15-45 (LOWEST-PRIO) + [same as TST11-45(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 023_load_MPP_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S046_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S046_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S046_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=TOR] + TST15-46 (LOWEST-PRIO) + [same as TST11-46(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 024_store_MPP_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S051_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S051_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S051_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=TOR] + TST15-51 (LOWEST-PRIO) + [same as TST11-51(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 025_store_MPP_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S052_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S052_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S052_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + + TST15-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=TOR] + TST15-52 (LOWEST-PRIO) + [same as TST11-52(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 026_store_MPP_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S053_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S053_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S053_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=TOR] + TST15-53 (LOWEST-PRIO) + [same as TST11-53(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 027_store_MPP_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S054_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S054_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S054_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=TOR] + TST15-54 (LOWEST-PRIO) + [same as TST11-54(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 028_store_MPP_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S055_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S055_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S055_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + + TST15-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=TOR] + TST15-55 (LOWEST-PRIO) + [same as TST11-55(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 029_store_MPP_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S056_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S056_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S056_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=TOR] + TST15-56 (LOWEST-PRIO) + [same as TST11-56(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 030_fetch_L0_X1_addr_forbidden + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S011_I000 feature description (Cf. Feature: "cfg NA4 access S/U") + + {Page 59 Volume II: RISC-V Privileged Architectures V20211203} + If pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i matches no addresses + If PMP entry 0’s A field is set to TOR, zero is used for the lower bound, and so it matches any address y < pmpaddr(0) +* **Verification Goals** + + reuse of VP_PMP_F011_S011_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range + - [for i=0] pmpaddr(0) = 0: invalid TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) + + CHECK UPDATE + - check instruction fetch access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S061_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=TOR] + TST15-11 (LOW-PRIO) + [same as TST11-11(group), but with pmpcfg(i).A=TOR] + + + //TO COMPLETE => FTR06-b + TST25 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) > 0 + TST26 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) = 0 + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) > 0 + - pmpaddr(0) = 0] + + //TO COMPLETE => FTR06-c + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) and pmpcfg(i-1) correct + [create scenario where PMP entry pmpcfg(i) with TOR: + - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct] + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) >= pmpaddr(1/2/3/…)] +### Sub-feature: 031_fetch_L1_X1_addr_forbidden + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S014_I000 feature description (Cf. Feature: "cfg NA4 access S/U") + + {Page 59 Volume II: RISC-V Privileged Architectures V20211203} + If pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i matches no addresses + If PMP entry 0’s A field is set to TOR, zero is used for the lower bound, and so it matches any address y < pmpaddr(0) +* **Verification Goals** + + reuse of VP_PMP_F011_S014_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range + - [for i=0] pmpaddr(0) = 0: invalid TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) + + CHECK UPDATE + - check instruction fetch access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S062_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=TOR] + TST15-14 (LOW-PRIO) + [same as TST11-14(group), but with pmpcfg(i).A=TOR] + + + //TO COMPLETE => FTR06-b + TST25 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) > 0 + TST26 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) = 0 + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) > 0 + - pmpaddr(0) = 0] + + //TO COMPLETE => FTR06-c + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) and pmpcfg(i-1) correct + [create scenario where PMP entry pmpcfg(i) with TOR: + - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct] + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) >= pmpaddr(1/2/3/…)] +### Sub-feature: 032_load_L0_R1_addr_forbidden + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S021_I000 feature description (Cf. Feature: "cfg NA4 access S/U") + + {Page 59 Volume II: RISC-V Privileged Architectures V20211203} + If pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i matches no addresses + If PMP entry 0’s A field is set to TOR, zero is used for the lower bound, and so it matches any address y < pmpaddr(0) +* **Verification Goals** + + reuse of VP_PMP_F011_S021_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range + - [for i=0] pmpaddr(0) = 0: invalid TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) + + CHECK UPDATE + - check load access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S063_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=TOR] + TST15-21 (HIGH-PRIO) + [same as TST11-21(group), but with pmpcfg(i).A=TOR] + + + //TO COMPLETE => FTR06-b + TST25 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) > 0 + TST26 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) = 0 + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) > 0 + - pmpaddr(0) = 0] + + //TO COMPLETE => FTR06-c + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) and pmpcfg(i-1) correct + [create scenario where PMP entry pmpcfg(i) with TOR: + - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct] + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) >= pmpaddr(1/2/3/…)] +### Sub-feature: 033_load_L1_R1_addr_forbidden + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S024_I000 feature description (Cf. Feature: "cfg NA4 access S/U") + + {Page 59 Volume II: RISC-V Privileged Architectures V20211203} + If pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i matches no addresses + If PMP entry 0’s A field is set to TOR, zero is used for the lower bound, and so it matches any address y < pmpaddr(0) +* **Verification Goals** + + reuse of VP_PMP_F011_S024_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range + - [for i=0] pmpaddr(0) = 0: invalid TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) + + CHECK UPDATE + - check load access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S064_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=TOR] + TST15-24 (LOW-PRIO) + [same as TST11-24(group), but with pmpcfg(i).A=TOR] + + + //TO COMPLETE => FTR06-b + TST25 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) > 0 + TST26 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) = 0 + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) > 0 + - pmpaddr(0) = 0] + + //TO COMPLETE => FTR06-c + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) and pmpcfg(i-1) correct + [create scenario where PMP entry pmpcfg(i) with TOR: + - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct] + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) >= pmpaddr(1/2/3/…)] +### Sub-feature: 034_store_L0_W1_addr_forbidden + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S031_I000 feature description (Cf. Feature: "cfg NA4 access S/U") + + {Page 59 Volume II: RISC-V Privileged Architectures V20211203} + If pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i matches no addresses + If PMP entry 0’s A field is set to TOR, zero is used for the lower bound, and so it matches any address y < pmpaddr(0) +* **Verification Goals** + + reuse of VP_PMP_F011_S031_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range + - [for i=0] pmpaddr(0) = 0: invalid TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) + + CHECK UPDATE + - check store access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S065_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=TOR] + TST15-31 (HIGH-PRIO) + [same as TST11-31(group), but with pmpcfg(i).A=TOR] + + + //TO COMPLETE => FTR06-b + TST25 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) > 0 + TST26 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) = 0 + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) > 0 + - pmpaddr(0) = 0] + + //TO COMPLETE => FTR06-c + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) and pmpcfg(i-1) correct + [create scenario where PMP entry pmpcfg(i) with TOR: + - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct] + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) >= pmpaddr(1/2/3/…)] +### Sub-feature: 035_store_L1_W1_addr_forbidden + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S034_I000 feature description (Cf. Feature: "cfg NA4 access S/U") + + {Page 59 Volume II: RISC-V Privileged Architectures V20211203} + If pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i matches no addresses + If PMP entry 0’s A field is set to TOR, zero is used for the lower bound, and so it matches any address y < pmpaddr(0) +* **Verification Goals** + + reuse of VP_PMP_F011_S034_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range + - [for i=0] pmpaddr(0) = 0: invalid TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) + + CHECK UPDATE + - check store access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S066_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=TOR] + TST15-34 (LOW-PRIO) + [same as TST11-34(group), but with pmpcfg(i).A=TOR] + + + //TO COMPLETE => FTR06-b + TST25 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) > 0 + TST26 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) = 0 + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) > 0 + - pmpaddr(0) = 0] + + //TO COMPLETE => FTR06-c + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) and pmpcfg(i-1) correct + [create scenario where PMP entry pmpcfg(i) with TOR: + - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct] + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) >= pmpaddr(1/2/3/…)] +## Feature: cfg TOR access M + +### Sub-feature: 000_fetch_L0_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S011_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S011_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S011_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=TOR] + TST16-11 (LOW-PRIO) + [same as TST12-11(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 001_fetch_L0_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S012_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S012_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S012_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=TOR] + TST16-12 (LOW-PRIO) + [same as TST12-12(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 002_fetch_L0_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S013_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S013_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S013_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=TOR] + TST16-13 (LOW-PRIO) + [same as TST12-13(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 003_fetch_L1_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S014_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S014_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S014_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=TOR] + TST16-14 (HIGH-PRIO) + [same as TST12-14(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 004_fetch_L1_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S015_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S015_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S015_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-b + [Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=TOR] + TST16-15 (MEDIUM-PRIO) + [same as TST12-15(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 005_fetch_L1_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S016_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S016_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S016_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=TOR] + TST16-16 (HIGH-PRIO) + [same as TST12-16(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 006_load_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S021_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S021_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S021_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=TOR] + TST16-21 (LOW-PRIO) + [same as TST12-21(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 007_load_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S022_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S022_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S022_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=TOR] + TST16-22 (LOW-PRIO) + [same as TST12-22(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 008_load_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S023_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S023_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S023_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=TOR] + TST16-23 (LOW-PRIO) + [same as TST12-23(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 009_load_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S024_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S024_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S024_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=TOR] + TST16-24 (HIGH-PRIO) + [same as TST12-24(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 010_load_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S025_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S025_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S025_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=TOR] + TST16-25 (MEDIUM-PRIO) + [same as TST12-25(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 011_load_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S026_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S026_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S026_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=TOR] + TST16-26 (HIGH-PRIO) + [same as TST12-26(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 012_store_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S031_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S031_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S031_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=TOR] + TST16-31 (LOW-PRIO) + [same as TST12-31(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 013_store_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S032_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S032_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S032_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=TOR] + TST16-32 (LOW-PRIO) + [same as TST12-32(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 014_store_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S033_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S033_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S033_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=TOR] + TST16-33 (LOW-PRIO) + [same as TST12-33(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 015_store_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S034_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S034_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S034_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=TOR] + TST16-34 (HIGH-PRIO) + [same as TST12-34(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 016_store_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S035_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S035_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S035_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=TOR] + TST16-35 (MEDIUM-PRIO) + [same as TST12-35(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 017_store_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S036_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S036_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S036_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=TOR] + TST16-36 (HIGH-PRIO) + [same as TST12-36(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 018_load_MPP_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S041_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S041_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S041_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=TOR] + TST16-41 (LOWEST-PRIO) + [same as TST12-41(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 019_load_MPP_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S042_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S042_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S042_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=TOR] + TST16-42 (LOWEST-PRIO) + [same as TST12-42(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 020_load_MPP_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S043_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S043_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S043_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=TOR] + TST16-43 (LOWEST-PRIO) + [same as TST12-43(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 021_load_MPP_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S044_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S044_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S044_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=TOR] + TST16-44 (LOWEST-PRIO) + [same as TST12-44(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 022_load_MPP_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S045_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S045_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S045_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=TOR] + TST16-45 (LOWEST-PRIO) + [same as TST12-45(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 023_load_MPP_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S046_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S046_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S046_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=TOR] + TST16-46 (LOWEST-PRIO) + [same as TST12-46(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 024_store_MPP_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S051_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S051_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S051_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=TOR] + TST16-51 (LOWEST-PRIO) + [same as TST12-51(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 025_store_MPP_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S052_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S052_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S052_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=TOR] + TST16-52 (LOWEST-PRIO) + [same as TST12-52(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 026_store_MPP_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S053_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S053_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S053_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=TOR] + TST16-53 (LOWEST-PRIO) + [same as TST12-53(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 027_store_MPP_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S054_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S054_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S054_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=TOR] + TST16-54 (LOWEST-PRIO) + [same as TST12-54(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 028_store_MPP_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S055_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S055_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S055_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=TOR] + TST16-55 (LOWEST-PRIO) + [same as TST12-55(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 029_store_MPP_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S056_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S056_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S056_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=TOR] + TST16-56 (LOWEST-PRIO) + [same as TST12-56(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 030_fetch_L0_X1_addr_forbidden + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S011_I000 feature description (Cf. Feature: "cfg NA4 access M") + + {Page 59 Volume II: RISC-V Privileged Architectures V20211203} + If pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i matches no addresses + If PMP entry 0’s A field is set to TOR, zero is used for the lower bound, and so it matches any address y < pmpaddr(0) +* **Verification Goals** + + reuse of VP_PMP_F012_S011_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range + - [for i=0] pmpaddr(0) = 0: invalid TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S061_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=TOR] + TST16-11 (LOW-PRIO) + [same as TST12-11(group), but with pmpcfg(i).A=TOR] + + + //TO COMPLETE => FTR06-b + TST25 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) > 0 + TST26 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) = 0 + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) > 0 + - pmpaddr(0) = 0] + + //TO COMPLETE => FTR06-c + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) and pmpcfg(i-1) correct + [create scenario where PMP entry pmpcfg(i) with TOR: + - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct] + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) >= pmpaddr(1/2/3/…)] +### Sub-feature: 031_fetch_L1_X1_addr_forbidden + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S014_I000 feature description (Cf. Feature: "cfg NA4 access M") + + {Page 59 Volume II: RISC-V Privileged Architectures V20211203} + If pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i matches no addresses + If PMP entry 0’s A field is set to TOR, zero is used for the lower bound, and so it matches any address y < pmpaddr(0) +* **Verification Goals** + + reuse of VP_PMP_F012_S014_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range + - [for i=0] pmpaddr(0) = 0: invalid TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S062_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=TOR] + TST16-14 (LOW-PRIO) + [same as TST12-14(group), but with pmpcfg(i).A=TOR] + + + //TO COMPLETE => FTR06-b + TST25 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) > 0 + TST26 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) = 0 + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) > 0 + - pmpaddr(0) = 0] + + //TO COMPLETE => FTR06-c + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) and pmpcfg(i-1) correct + [create scenario where PMP entry pmpcfg(i) with TOR: + - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct] + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) >= pmpaddr(1/2/3/…)] +### Sub-feature: 032_load_L0_R1_addr_forbidden + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S021_I000 feature description (Cf. Feature: "cfg NA4 access M") + + {Page 59 Volume II: RISC-V Privileged Architectures V20211203} + If pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i matches no addresses + If PMP entry 0’s A field is set to TOR, zero is used for the lower bound, and so it matches any address y < pmpaddr(0) +* **Verification Goals** + + reuse of VP_PMP_F012_S021_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range + - [for i=0] pmpaddr(0) = 0: invalid TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S063_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=TOR] + TST16-21 (HIGH-PRIO) + [same as TST12-21(group), but with pmpcfg(i).A=TOR] + + + //TO COMPLETE => FTR06-b + TST25 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) > 0 + TST26 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) = 0 + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) > 0 + - pmpaddr(0) = 0] + + //TO COMPLETE => FTR06-c + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) and pmpcfg(i-1) correct + [create scenario where PMP entry pmpcfg(i) with TOR: + - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct] + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) >= pmpaddr(1/2/3/…)] +### Sub-feature: 033_load_L1_R1_addr_forbidden + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S024_I000 feature description (Cf. Feature: "cfg NA4 access M") + + {Page 59 Volume II: RISC-V Privileged Architectures V20211203} + If pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i matches no addresses + If PMP entry 0’s A field is set to TOR, zero is used for the lower bound, and so it matches any address y < pmpaddr(0) +* **Verification Goals** + + reuse of VP_PMP_F012_S024_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range + - [for i=0] pmpaddr(0) = 0: invalid TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S064_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=TOR] + TST16-24 (LOW-PRIO) + [same as TST12-24(group), but with pmpcfg(i).A=TOR] + + + //TO COMPLETE => FTR06-b + TST25 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) > 0 + TST26 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) = 0 + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) > 0 + - pmpaddr(0) = 0] + + //TO COMPLETE => FTR06-c + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) and pmpcfg(i-1) correct + [create scenario where PMP entry pmpcfg(i) with TOR: + - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct] + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) >= pmpaddr(1/2/3/…)] +### Sub-feature: 034_store_L0_W1_addr_forbidden + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S031_I000 feature description (Cf. Feature: "cfg NA4 access M") + + {Page 59 Volume II: RISC-V Privileged Architectures V20211203} + If pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i matches no addresses + If PMP entry 0’s A field is set to TOR, zero is used for the lower bound, and so it matches any address y < pmpaddr(0) +* **Verification Goals** + + reuse of VP_PMP_F012_S031_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range + - [for i=0] pmpaddr(0) = 0: invalid TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S065_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=TOR] + TST16-31 (HIGH-PRIO) + [same as TST12-31(group), but with pmpcfg(i).A=TOR] + + + //TO COMPLETE => FTR06-b + TST25 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) > 0 + TST26 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) = 0 + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) > 0 + - pmpaddr(0) = 0] + + //TO COMPLETE => FTR06-c + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) and pmpcfg(i-1) correct + [create scenario where PMP entry pmpcfg(i) with TOR: + - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct] + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) >= pmpaddr(1/2/3/…)] +### Sub-feature: 035_store_L1_W1_addr_forbidden + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S034_I000 feature description (Cf. Feature: "cfg NA4 access M") + + {Page 59 Volume II: RISC-V Privileged Architectures V20211203} + If pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i matches no addresses + If PMP entry 0’s A field is set to TOR, zero is used for the lower bound, and so it matches any address y < pmpaddr(0) +* **Verification Goals** + + reuse of VP_PMP_F012_S034_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range + - [for i=0] pmpaddr(0) = 0: invalid TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S066_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=TOR] + TST16-34 (LOW-PRIO) + [same as TST12-34(group), but with pmpcfg(i).A=TOR] + + + //TO COMPLETE => FTR06-b + TST25 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) > 0 + TST26 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) = 0 + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) > 0 + - pmpaddr(0) = 0] + + //TO COMPLETE => FTR06-c + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) and pmpcfg(i-1) correct + [create scenario where PMP entry pmpcfg(i) with TOR: + - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct] + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) >= pmpaddr(1/2/3/…)] +## Feature: cfg OFF access S/U + +### Sub-feature: 000_fetch_L0_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S011_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S011_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check instruction fetch access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S011_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=OFF] + TST17-11 (HIGH-PRIO) + [same as TST11-11(group), but with pmpcfg(i).A=OFF + - check instruction fetch access-fault exception raised] +### Sub-feature: 001_fetch_L0_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S012_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S012_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S012_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-b + [Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception] + + + TST17-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=OFF] + TST17-12 (MEDIUM-PRIO) + [same as TST11-12(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 002_fetch_L0_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S013_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S013_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S013_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=OFF] + TST17-13 (MEDIUM-PRIO) + [same as TST11-13(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 003_fetch_L1_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S014_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S014_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check instruction fetch access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S014_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=OFF] + TST17-14 (LOW-PRIO) + [same as TST11-14(group), but with pmpcfg(i).A=OFF + - check instruction fetch access-fault exception raised] +### Sub-feature: 004_fetch_L1_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S015_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S015_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S015_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-b + [Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception] + + + TST17-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=OFF] + TST17-15 (LOW-PRIO) + [same as TST11-15(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 005_fetch_L1_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S016_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S016_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S016_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=OFF] + TST17-16 (LOW-PRIO) + [same as TST11-16(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 006_load_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S021_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S021_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check load access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S021_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=OFF] + TST17-21 (HIGH-PRIO) + [same as TST11-21(group), but with pmpcfg(i).A=OFF + - check load access-fault exception raised] +### Sub-feature: 007_load_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S022_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S022_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S022_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + + TST17-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=OFF] + TST17-22 (MEDIUM-PRIO) + [same as TST11-22(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 008_load_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S023_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S023_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S023_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=OFF] + TST17-23 (MEDIUM-PRIO) + [same as TST11-23(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 009_load_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S024_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S024_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check load access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S024_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=OFF] + TST17-24 (LOW-PRIO) + [same as TST11-24(group), but with pmpcfg(i).A=OFF + - check load access-fault exception raised] +### Sub-feature: 010_load_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S025_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S025_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S025_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + + TST17-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=OFF] + TST17-25 (LOW-PRIO) + [same as TST11-25(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 011_load_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S026_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S026_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S026_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=OFF] + TST17-26 (LOW-PRIO) + [same as TST11-26(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 012_store_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S031_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S031_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check store access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S031_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=OFF] + TST17-31 (HIGH-PRIO) + [same as TST11-31(group), but with pmpcfg(i).A=OFF + - check store access-fault exception raised] +### Sub-feature: 013_store_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S032_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S032_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S032_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + + TST17-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=OFF] + TST17-32 (MEDIUM-PRIO) + [same as TST11-32(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 014_store_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S033_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S033_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S033_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=OFF] + TST17-33 (MEDIUM-PRIO) + [same as TST11-33(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 015_store_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S034_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S034_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check store access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S034_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=OFF] + TST17-34 (LOW-PRIO) + [same as TST11-34(group), but with pmpcfg(i).A=OFF + - check store access-fault exception raised] +### Sub-feature: 016_store_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S035_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S035_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S035_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + + TST17-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=OFF] + TST17-35 (LOW-PRIO) + [same as TST11-35(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 017_store_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S036_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S036_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S036_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=OFF] + TST17-36 (LOW-PRIO) + [same as TST11-36(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 018_load_MPP_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S041_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S041_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check load access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S041_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=OFF] + TST17-41 (LOWEST-PRIO) + [same as TST11-41(group), but with pmpcfg(i).A=OFF + - check load access-fault exception raised] +### Sub-feature: 019_load_MPP_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S042_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S042_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S042_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + + TST17-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=OFF] + TST17-42 (LOWEST-PRIO) + [same as TST11-42(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 020_load_MPP_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S043_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S043_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S043_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=OFF] + TST17-43 (LOWEST-PRIO) + [same as TST11-43(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 021_load_MPP_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S044_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S044_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check load access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S044_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=OFF] + TST17-44 (LOWEST-PRIO) + [same as TST11-44(group), but with pmpcfg(i).A=OFF + - check load access-fault exception raised] +### Sub-feature: 022_load_MPP_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S045_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S045_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S045_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + + TST17-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=OFF] + TST17-45 (LOWEST-PRIO) + [same as TST11-45(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 023_load_MPP_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S046_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S046_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S046_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=OFF] + TST17-46 (LOWEST-PRIO) + [same as TST11-46(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 024_store_MPP_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S051_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S051_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check store access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S051_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=OFF] + TST17-51 (LOWEST-PRIO) + [same as TST11-51(group), but with pmpcfg(i).A=OFF + - check store access-fault exception raised] +### Sub-feature: 025_store_MPP_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S052_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S052_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S052_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + + TST17-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=OFF] + TST17-52 (LOWEST-PRIO) + [same as TST11-52(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 026_store_MPP_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S053_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S053_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S053_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=OFF] + TST17-53 (LOWEST-PRIO) + [same as TST11-53(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 027_store_MPP_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S054_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S054_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check store access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S054_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=OFF] + TST17-54 (LOWEST-PRIO) + [same as TST11-54(group), but with pmpcfg(i).A=OFF + - check store access-fault exception raised] +### Sub-feature: 028_store_MPP_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S055_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S055_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S055_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + + TST17-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=OFF] + TST17-55 (LOWEST-PRIO) + [same as TST11-55(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 029_store_MPP_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S056_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S056_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S056_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=OFF] + TST17-56 (LOWEST-PRIO) + [same as TST11-56(group), but with pmpcfg(i).A=OFF] +## Feature: cfg OFF access M + +### Sub-feature: 000_fetch_L0_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S011_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S011_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S011_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=OFF] + TST18-11 (LOW-PRIO) + [same as TST12-11(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 001_fetch_L0_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S012_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S012_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S012_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=OFF] + TST18-12 (LOW-PRIO) + [same as TST12-12(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 002_fetch_L0_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S013_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S013_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S013_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=OFF] + TST18-13 (LOW-PRIO) + [same as TST12-13(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 003_fetch_L1_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S014_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S014_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check store access-fault exception raised (TODO: is M mode access prevented by A=OFF) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S014_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=OFF] + TST18-14 (HIGH-PRIO) + [same as TST12-14(group), but with pmpcfg(i).A=OFF + - check instruction fetch access-fault exception raised] +### Sub-feature: 004_fetch_L1_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S015_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S015_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S015_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-b + [Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=OFF] + TST18-15 (MEDIUM-PRIO) + [same as TST12-15(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 005_fetch_L1_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S016_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S016_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S016_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=OFF] + TST18-16 (HIGH-PRIO) + [same as TST12-16(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 006_load_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S021_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S021_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S021_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=OFF] + TST18-21 (LOW-PRIO) + [same as TST12-21(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 007_load_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S022_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S022_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S022_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=OFF] + TST18-22 (LOW-PRIO) + [same as TST12-22(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 008_load_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S023_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S023_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S023_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=OFF] + TST18-23 (LOW-PRIO) + [same as TST12-23(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 009_load_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S024_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S024_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check store access-fault exception raised (TODO: is M mode access prevented by A=OFF) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S024_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=OFF] + TST18-24 (HIGH-PRIO) + [same as TST12-24(group), but with pmpcfg(i).A=OFF + - check instruction fetch access-fault exception raised] +### Sub-feature: 010_load_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S025_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S025_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S025_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=OFF] + TST18-25 (MEDIUM-PRIO) + [same as TST12-25(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 011_load_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S026_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S026_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S026_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=OFF] + TST18-26 (HIGH-PRIO) + [same as TST12-26(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 012_store_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S031_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S031_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S031_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=OFF] + TST18-31 (LOW-PRIO) + [same as TST12-31(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 013_store_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S032_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S032_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S032_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=OFF] + TST18-32 (LOW-PRIO) + [same as TST12-32(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 014_store_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S033_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S033_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S033_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=OFF] + TST18-33 (LOW-PRIO) + [same as TST12-33(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 015_store_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S034_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S034_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check store access-fault exception raised (TODO: is M mode access prevented by A=OFF) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S034_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=OFF] + TST18-34 (HIGH-PRIO) + [same as TST12-34(group), but with pmpcfg(i).A=OFF + - check instruction fetch access-fault exception raised] +### Sub-feature: 016_store_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S035_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S035_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S035_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=OFF] + TST18-35 (MEDIUM-PRIO) + [same as TST12-35(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 017_store_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S036_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S036_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S036_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=OFF] + TST18-36 (HIGH-PRIO) + [same as TST12-36(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 018_load_MPP_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S041_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S041_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S041_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=OFF] + TST18-41 (LOWEST-PRIO) + [same as TST12-41(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 019_load_MPP_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S042_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S042_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S042_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=OFF] + TST18-42 (LOWEST-PRIO) + [same as TST12-42(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 020_load_MPP_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S043_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S043_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S043_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=OFF] + TST18-43 (LOWEST-PRIO) + [same as TST12-43(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 021_load_MPP_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S044_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S044_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check store access-fault exception raised (TODO: is M mode access prevented by A=OFF) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S044_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=OFF] + TST18-44 (LOWEST-PRIO) + [same as TST12-44(group), but with pmpcfg(i).A=OFF + - check instruction fetch access-fault exception raised] +### Sub-feature: 022_load_MPP_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S045_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S045_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S045_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=OFF] + TST18-45 (LOWEST-PRIO) + [same as TST12-45(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 023_load_MPP_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S046_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S046_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S046_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=OFF] + TST18-46 (LOWEST-PRIO) + [same as TST12-46(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 024_store_MPP_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S051_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S051_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S051_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=OFF] + TST18-51 (LOWEST-PRIO) + [same as TST12-51(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 025_store_MPP_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S052_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S052_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S052_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=OFF] + TST18-52 (LOWEST-PRIO) + [same as TST12-52(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 026_store_MPP_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S053_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S053_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S053_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=OFF] + TST18-53 (LOWEST-PRIO) + [same as TST12-53(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 027_store_MPP_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S054_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S054_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check store access-fault exception raised (TODO: is M mode access prevented by A=OFF) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S054_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=OFF] + TST18-54 (LOWEST-PRIO) + [same as TST12-54(group), but with pmpcfg(i).A=OFF + - check instruction fetch access-fault exception raised] +### Sub-feature: 028_store_MPP_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S055_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S055_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S055_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=OFF] + TST18-55 (LOWEST-PRIO) + [same as TST12-55(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 029_store_MPP_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S056_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S056_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S056_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=OFF] + TST18-56 (LOWEST-PRIO) + [same as TST12-56(group), but with pmpcfg(i).A=OFF] +## Feature: cfg NA4 not selectable + +### Sub-feature: 000_fetch_L0_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S011_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F019_S011_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check instruction fetch access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S011_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 001_fetch_L1_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S014_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F019_S014_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check instruction fetch access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S014_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 002_load_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S021_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F019_S021_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check load access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S021_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 003_load_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S024_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F019_S024_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check load access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S024_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 004_store_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S031_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F019_S031_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check store access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S031_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 005_store_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S034_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F019_S034_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check store access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S034_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 006_load_MPP_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S041_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F019_S041_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check load access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S041_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 007_load_MPP_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S044_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F019_S044_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check load access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S044_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 008_store_MPP_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S051_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F019_S051_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check store access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S051_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 009_store_MPP_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S054_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F019_S054_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check store access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S054_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 010_fetch_L0_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S011_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F019_S011_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S011_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 011_fetch_L1_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S014_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F019_S014_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check store access-fault exception raised (TODO: is M mode access prevented by A=OFF) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S014_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 012_load_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S021_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F019_S021_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S021_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 013_load_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S024_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F019_S024_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check store access-fault exception raised (TODO: is M mode access prevented by A=OFF) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S024_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 014_store_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S031_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F019_S031_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S031_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 015_store_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S034_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F019_S034_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check store access-fault exception raised (TODO: is M mode access prevented by A=OFF) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S034_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 016_load_MPP_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S041_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F019_S041_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S041_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 017_load_MPP_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S044_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F019_S044_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check store access-fault exception raised (TODO: is M mode access prevented by A=OFF) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S044_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 018_store_MPP_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S051_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F019_S051_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S051_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 019_store_MPP_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S054_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F019_S054_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check store access-fault exception raised (TODO: is M mode access prevented by A=OFF) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S054_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +## Feature: multi entries NA4 + +### Sub-feature: 000_1_entry + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose a single PMP entry + + CONFIGURATION and ACCESS + - for each pmp entry, apply any CONFIGURATION+ACCESS scenario above (Cf. Feature: "cfg NA4 access S/U/M") + - make sure the pmp entries address ranges are not overlapping/intersecting + - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP values cannot be mixed in same test + + CHECK + - for each pmp entry, we should obtain the expected CHECK result + + REUSABILITY + - if possible, the number of PMP entries (N) is a configurable parameter + - so a single test function can be reused +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F021_S001_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST21(group) + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST21-1 = extension of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-13, TST11-23, TST11-33, TST11-43, TST11-53, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST11-16, TST11-26, TST11-36, TST11-46, TST11-56, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-13, TST12-23, TST12-33, TST12-43, TST12-53, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST12-16, TST12-26, TST12-36, TST12-46, TST12-56) + [configure only one (any, but the first one) PMP entry + - use A=NA4 for the PMP entry configuration + - execute the chosen kind of access + - should be same result] +### Sub-feature: 001_2_isolated_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any 2 PMP entries + + reuse of VP_PMP_F021_S001_I000 feature description (Cf. Feature: "multi entries NA4") +* **Pass/Fail Criteria:** Check RM +* **Test Type:** ENV Capability +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F021_S002_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST21(group) + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST21-2 = extension of compatible pair of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-13, TST11-23, TST11-33, TST11-43, TST11-53, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST11-16, TST11-26, TST11-36, TST11-46, TST11-56, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-13, TST12-23, TST12-33, TST12-43, TST12-53, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST12-16, TST12-26, TST12-36, TST12-46, TST12-56) + [configure 2 non-adjacent PMP entries (highest-numbered ones first) (avoid the first PMP entry) + - use A=NA4 for each PMP entry configuration + - execute the 2 kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same 2 results] +### Sub-feature: 002_N_isolated_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any N PMP entries (2> + + TST21(group) + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST21-3 = extension of compatible group(N) of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-13, TST11-23, TST11-33, TST11-43, TST11-53, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST11-16, TST11-26, TST11-36, TST11-46, TST11-56, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-13, TST12-23, TST12-33, TST12-43, TST12-53, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST12-16, TST12-26, TST12-36, TST12-46, TST12-56) + [configure N PMP entries (highest-numbered ones first) (as non-adjacent as possible, and avoid the first PMP entry) + - use A=NA4 for each PMP entry configuration + - execute the N kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same N results] +### Sub-feature: 003_8_isolated_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose all 8 PMP entries + + reuse of VP_PMP_F021_S001_I000 feature description (Cf. Feature: "multi entries NA4") +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F021_S004_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST21(group) + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST21-4 = extension of compatible group(8) of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-13, TST11-23, TST11-33, TST11-43, TST11-53, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST11-16, TST11-26, TST11-36, TST11-46, TST11-56, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-13, TST12-23, TST12-33, TST12-43, TST12-53, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST12-16, TST12-26, TST12-36, TST12-46, TST12-56) + [configure 8 PMP entries (highest-numbered ones first) + - use A=NA4 for each PMP entry configuration + - execute the 8 kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same 8 results] +### Sub-feature: 004_2_intersecting_entries_fail + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any 2 PMP entries + + CONFIGURATION and ACCESS (Cf. Feature: "cfg NA4 access S/U/M") + - for the least-numbered pmp entry, apply any CONFIGURATION+ACCESS scenario with access-fault + - for the highest-numbered pmp entry, apply any CONFIGURATION+ACCESS scenario without access-fault + - make sure the pmp entries address ranges are overlapping/intersecting (at least at 4 consecutive bytes) + - for each pmp entry, execute one access in its associated pmp address region but outside the overlapping/intersecting address range + - execute one additional access inside the overlapping/intersecting address range + - NB: obviously, pmp entry configurations with different access-modes (S/U vs. M) cannot be easily mixed in same test + - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP values cannot be mixed in same test + + CHECK + - for each pmp entry, access outside the overlapping/intersecting address range should give the expected CHECK result + - access inside the overlapping/intersecting address range should generate the access-type related access-fault + + REUSABILITY + - if possible, the number of PMP entries (N) is a configurable parameter + - so a single test function can be reused +* **Pass/Fail Criteria:** Check RM +* **Test Type:** ENV Capability +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F021_S005_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST51(group) => FTR09-a, FTR09-b and FTR09-c + [create scenarios where 2 PMP entries with same pmpaddr + - one without matching permissions or with A=OFF + - one with matching permissions and A=NA4/NAPOT/TOR + - any of them can be the lowest-numbered PMP entry] + TST51-1 + [configure 2 PMP entries + - configure the lowest-numbered PMP entry with (TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST17-12, TST17-22, TST17-32, TST17-42, TST17-52, + TST17-15, TST17-25, TST17-35, TST17-45, TST17-55, + TST18-12, TST18-22, TST18-32, TST18-42, TST18-52, + TST18-15, TST18-25, TST18-35, TST18-45, TST18-55) + - configure the highest-numbered PMP entry with (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) + - execute the associated access + - check associated access-fault exception raised] +### Sub-feature: 005_2_intersecting_entries_succeed + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any 2 PMP entries + + CONFIGURATION and ACCESS (Cf. Feature: "cfg NA4 access S/U/M") + - for the least-numbered pmp entry, apply any CONFIGURATION+ACCESS scenario without access-fault + - for the highest-numbered pmp entry, apply any CONFIGURATION+ACCESS scenario with access-fault + - make sure the pmp entries address ranges are overlapping/intersecting (at least at 4 consecutive bytes) + - for each pmp entry, execute one access in its associated pmp address region but outside the overlapping/intersecting address range + - execute one additional access inside the overlapping/intersecting address range + - NB: obviously, pmp entry configurations with different access-modes (S/U vs. M) cannot be easily mixed in same test + - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP values cannot be mixed in same test + + CHECK + - for each pmp entry, access outside the overlapping/intersecting address range should give the expected CHECK result + - access inside the overlapping/intersecting address range should not generate any access-fault + + REUSABILITY + - if possible, the number of PMP entries (N) is a configurable parameter + - so a single test function can be reused +* **Pass/Fail Criteria:** Check RM +* **Test Type:** ENV Capability +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F021_S006_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST51(group) => FTR09-a, FTR09-b and FTR09-c + [create scenarios where 2 PMP entries with same pmpaddr + - one without matching permissions or with A=OFF + - one with matching permissions and A=NA4/NAPOT/TOR + - any of them can be the lowest-numbered PMP entry] + TST51-2 + [configure 2 PMP entries + - configure the lowest-numbered PMP entry with (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) + - configure the highest-numbered PMP entry with (TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST17-12, TST17-22, TST17-32, TST17-42, TST17-52, + TST17-15, TST17-25, TST17-35, TST17-45, TST17-55, + TST18-12, TST18-22, TST18-32, TST18-42, TST18-52, + TST18-15, TST18-25, TST18-35, TST18-45, TST18-55) + - execute the associated access + - check no access-fault exception] +## Feature: multi entries NAPOT + +### Sub-feature: 000_1_entry + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose a single PMP entry + + CONFIGURATION and ACCESS + - for each pmp entry, apply any CONFIGURATION+ACCESS scenario above (Cf. Feature: "cfg NAPOT access S/U/M") + - make sure the pmp entries address ranges are not overlapping/intersecting + - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP values cannot be mixed in same test + + CHECK + - for each pmp entry, we should obtain the expected CHECK result + + REUSABILITY + - if possible, the number of PMP entries (N) is a configurable parameter + - so a single test function can be reused +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F022_S001_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST22(group) + [create scenarios where PMP entries with A=3 (NAPOT) and with/without matching permissions + - check only NAPOT defined addresses are matching] + TST22-1 = extension of (TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-13, TST13-23, TST13-33, TST13-43, TST13-53, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST13-16, TST13-26, TST13-36, TST13-46, TST13-56, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-13, TST14-23, TST14-33, TST14-43, TST14-53, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST14-16, TST14-26, TST14-36, TST14-46, TST14-56) + [configure only one (any, but the first one) PMP entry + - use A=NAPOT for the PMP entry configuration + - execute the chosen kind of access + - should be same result] +### Sub-feature: 001_2_isolated_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any 2 PMP entries + + reuse of VP_PMP_F022_S001_I000 feature description (Cf. Feature: "multi entries NAPOT") +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F022_S002_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST22(group) + [create scenarios where PMP entries with A=3 (NAPOT) and with/without matching permissions + - check only NAPOT defined addresses are matching] + TST22-2 = extension of compatible pair of (TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-13, TST13-23, TST13-33, TST13-43, TST13-53, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST13-16, TST13-26, TST13-36, TST13-46, TST13-56, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-13, TST14-23, TST14-33, TST14-43, TST14-53, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST14-16, TST14-26, TST14-36, TST14-46, TST14-56) + [configure 2 non-adjacent PMP entries (highest-numbered ones first) (avoid the first PMP entry) + - use A=NAPOT for each PMP entry configuration + - execute the 2 kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same 2 results] +### Sub-feature: 002_N_isolated_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any N PMP entries (2> + + TST22(group) + [create scenarios where PMP entries with A=3 (NAPOT) and with/without matching permissions + - check only NAPOT defined addresses are matching] + TST22-3 = extension of compatible group(N) of (TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-13, TST13-23, TST13-33, TST13-43, TST13-53, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST13-16, TST13-26, TST13-36, TST13-46, TST13-56, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-13, TST14-23, TST14-33, TST14-43, TST14-53, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST14-16, TST14-26, TST14-36, TST14-46, TST14-56) + [configure N PMP entries (highest-numbered ones first) (as non-adjacent as possible, and avoid the first PMP entry) + - use A=NAPOT for each PMP entry configuration + - execute the N kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same N results] +### Sub-feature: 003_8_isolated_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose all 8 PMP entries + + reuse of VP_PMP_F022_S001_I000 feature description (Cf. Feature: "multi entries NAPOT") +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Testcase +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F022_S004_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST22(group) + [create scenarios where PMP entries with A=3 (NAPOT) and with/without matching permissions + - check only NAPOT defined addresses are matching] + TST22-4 = extension of compatible group(8) of (TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-13, TST13-23, TST13-33, TST13-43, TST13-53, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST13-16, TST13-26, TST13-36, TST13-46, TST13-56, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-13, TST14-23, TST14-33, TST14-43, TST14-53, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST14-16, TST14-26, TST14-36, TST14-46, TST14-56) + [configure 8 PMP entries (highest-numbered ones first) + - use A=NAPOT for each PMP entry configuration + - execute the 8 kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same 8 results] +### Sub-feature: 004_2_intersecting_entries_fail + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any 2 PMP entries + + CONFIGURATION and ACCESS (Cf. Feature: "cfg NAPOT access S/U/M") + - for the least-numbered pmp entry, apply any CONFIGURATION+ACCESS scenario with access-fault + - for the highest-numbered pmp entry, apply any CONFIGURATION+ACCESS scenario without access-fault + - make sure the pmp entries address ranges are overlapping/intersecting (at least at 4 consecutive bytes) + - for each pmp entry, execute one access in its associated pmp address region but outside the overlapping/intersecting address range + - execute one additional access inside the overlapping/intersecting address range + - NB: obviously, pmp entry configurations with different access-modes (S/U vs. M) cannot be easily mixed in same test + - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP values cannot be mixed in same test + + CHECK + - for each pmp entry, access outside the overlapping/intersecting address range should give the expected CHECK result + - access inside the overlapping/intersecting address range should generate the access-type related access-fault + + REUSABILITY + - if possible, the number of PMP entries (N) is a configurable parameter + - so a single test function can be reused +* **Pass/Fail Criteria:** Check RM +* **Test Type:** ENV Capability +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F022_S005_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST51(group) => FTR09-a, FTR09-b and FTR09-c + [create scenarios where 2 PMP entries with same pmpaddr + - one without matching permissions or with A=OFF + - one with matching permissions and A=NA4/NAPOT/TOR + - any of them can be the lowest-numbered PMP entry] + TST51-1 + [configure 2 PMP entries + - configure the lowest-numbered PMP entry with (TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST17-12, TST17-22, TST17-32, TST17-42, TST17-52, + TST17-15, TST17-25, TST17-35, TST17-45, TST17-55, + TST18-12, TST18-22, TST18-32, TST18-42, TST18-52, + TST18-15, TST18-25, TST18-35, TST18-45, TST18-55) + - configure the highest-numbered PMP entry with (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) + - execute the associated access + - check associated access-fault exception raised] +### Sub-feature: 005_2_intersecting_entries_succeed + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any 2 PMP entries + + CONFIGURATION and ACCESS (Cf. Feature: "cfg NAPOT access S/U/M") + - for the least-numbered pmp entry, apply any CONFIGURATION+ACCESS scenario without access-fault + - for the highest-numbered pmp entry, apply any CONFIGURATION+ACCESS scenario with access-fault + - make sure the pmp entries address ranges are overlapping/intersecting (at least at 4 consecutive bytes) + - for each pmp entry, execute one access in its associated pmp address region but outside the overlapping/intersecting address range + - execute one additional access inside the overlapping/intersecting address range + - NB: obviously, pmp entry configurations with different access-modes (S/U vs. M) cannot be easily mixed in same test + - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP values cannot be mixed in same test + + CHECK + - for each pmp entry, access outside the overlapping/intersecting address range should give the expected CHECK result + - access inside the overlapping/intersecting address range should not generate any access-fault + + REUSABILITY + - if possible, the number of PMP entries (N) is a configurable parameter + - so a single test function can be reused +* **Pass/Fail Criteria:** Check RM +* **Test Type:** ENV Capability +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F022_S006_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST51(group) => FTR09-a, FTR09-b and FTR09-c + [create scenarios where 2 PMP entries with same pmpaddr + - one without matching permissions or with A=OFF + - one with matching permissions and A=NA4/NAPOT/TOR + - any of them can be the lowest-numbered PMP entry] + TST51-2 + [configure 2 PMP entries + - configure the lowest-numbered PMP entry with (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) + - configure the highest-numbered PMP entry with (TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST17-12, TST17-22, TST17-32, TST17-42, TST17-52, + TST17-15, TST17-25, TST17-35, TST17-45, TST17-55, + TST18-12, TST18-22, TST18-32, TST18-42, TST18-52, + TST18-15, TST18-25, TST18-35, TST18-45, TST18-55) + - execute the associated access + - check no access-fault exception] +## Feature: multi entries TOR + +### Sub-feature: 000_1_entry + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose a single PMP entry + + CONFIGURATION and ACCESS + - for each pmp entry, apply any CONFIGURATION+ACCESS scenario above (Cf. Feature: "cfg TOR access S/U/M") + - make sure the pmp entries address ranges are not overlapping/intersecting + - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP values cannot be mixed in same test + + CHECK + - for each pmp entry, we should obtain the expected CHECK result + + REUSABILITY + - if possible, the number of PMP entries (N) is a configurable parameter + - so a single test function can be reused +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F023_S001_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST23(group) => + [create scenarios where PMP entries with A=1 (TOR) and with/without matching permissions + - pmpaddr(i−1) < pmpaddr(i), pmpcfg(i).A=TOR and pmpcfg(i-1) with/without matching permissions + - check only TOR defined addresses are matching] + TST23-1 = extension of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-13, TST15-23, TST15-33, TST15-43, TST15-53, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST15-16, TST15-26, TST15-36, TST15-46, TST15-56, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-13, TST16-23, TST16-33, TST16-43, TST16-53, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST16-16, TST16-26, TST16-36, TST16-46, TST16-56) + [configure only one (any, but the first one) PMP entry + - execute the chosen kind of access + - should be same result] +### Sub-feature: 001_2_isolated_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any 2 PMP entries + + reuse of VP_PMP_F023_S001_I000 feature description (Cf. Feature: "multi entries TOR") +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F023_S002_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST23(group) => + [create scenarios where PMP entries with A=1 (TOR) and with/without matching permissions + - pmpaddr(i−1) < pmpaddr(i), pmpcfg(i).A=TOR and pmpcfg(i-1) with/without matching permissions + - check only TOR defined addresses are matching] + TST23-2 = extension of compatible pair of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-13, TST15-23, TST15-33, TST15-43, TST15-53, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST15-16, TST15-26, TST15-36, TST15-46, TST15-56, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-13, TST16-23, TST16-33, TST16-43, TST16-53, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST16-16, TST16-26, TST16-36, TST16-46, TST16-56) + [configure 2 non-adjacent PMP entries (highest-numbered ones first) (avoid the first PMP entry) + - execute the 2 kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same 2 results] +### Sub-feature: 002_N_isolated_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any N PMP entries (2> + + TST23(group) => + [create scenarios where PMP entries with A=1 (TOR) and with/without matching permissions + - pmpaddr(i−1) < pmpaddr(i), pmpcfg(i).A=TOR and pmpcfg(i-1) with/without matching permissions + - check only TOR defined addresses are matching] + TST23-3 = extension of compatible group(N) of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-13, TST15-23, TST15-33, TST15-43, TST15-53, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST15-16, TST15-26, TST15-36, TST15-46, TST15-56, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-13, TST16-23, TST16-33, TST16-43, TST16-53, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST16-16, TST16-26, TST16-36, TST16-46, TST16-56) + [configure N PMP entries (highest-numbered ones first) (as non-adjacent as possible, and avoid the first PMP entry) + - execute the N kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same N results] +### Sub-feature: 003_8_isolated_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose all 8 PMP entries + + reuse of VP_PMP_F023_S001_I000 feature description (Cf. Feature: "multi entries TOR") +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F023_S004_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST23(group) => + [create scenarios where PMP entries with A=1 (TOR) and with/without matching permissions + - pmpaddr(i−1) < pmpaddr(i), pmpcfg(i).A=TOR and pmpcfg(i-1) with/without matching permissions + - check only TOR defined addresses are matching] + TST23-4 = extension of compatible group(8) of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-13, TST15-23, TST15-33, TST15-43, TST15-53, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST15-16, TST15-26, TST15-36, TST15-46, TST15-56, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-13, TST16-23, TST16-33, TST16-43, TST16-53, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST16-16, TST16-26, TST16-36, TST16-46, TST16-56) + [configure 8 PMP entries (highest-numbered ones first) + - execute the 8 kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same 8 results] +### Sub-feature: 004_2_intersecting_entries_fail + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any 2 PMP entries + + CONFIGURATION and ACCESS (Cf. Feature: "cfg TOR access S/U/M") + - for the least-numbered pmp entry, apply any CONFIGURATION+ACCESS scenario with access-fault + - for the highest-numbered pmp entry, apply any CONFIGURATION+ACCESS scenario without access-fault + - make sure the pmp entries address ranges are overlapping/intersecting (at least at 4 consecutive bytes) + - for each pmp entry, execute one access in its associated pmp address region but outside the overlapping/intersecting address range + - execute one additional access inside the overlapping/intersecting address range + - NB: obviously, pmp entry configurations with different access-modes (S/U vs. M) cannot be easily mixed in same test + - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP values cannot be mixed in same test + + CHECK + - for each pmp entry, access outside the overlapping/intersecting address range should give the expected CHECK result + - access inside the overlapping/intersecting address range should generate the access-type related access-fault + + REUSABILITY + - if possible, the number of PMP entries (N) is a configurable parameter + - so a single test function can be reused +* **Pass/Fail Criteria:** Check RM +* **Test Type:** ENV Capability +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F023_S005_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST51(group) => FTR09-a, FTR09-b and FTR09-c + [create scenarios where 2 PMP entries with same pmpaddr + - one without matching permissions or with A=OFF + - one with matching permissions and A=NA4/NAPOT/TOR + - any of them can be the lowest-numbered PMP entry] + TST51-1 + [configure 2 PMP entries + - configure the lowest-numbered PMP entry with (TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST17-12, TST17-22, TST17-32, TST17-42, TST17-52, + TST17-15, TST17-25, TST17-35, TST17-45, TST17-55, + TST18-12, TST18-22, TST18-32, TST18-42, TST18-52, + TST18-15, TST18-25, TST18-35, TST18-45, TST18-55) + - configure the highest-numbered PMP entry with (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) + - execute the associated access + - check associated access-fault exception raised] +### Sub-feature: 005_2_intersecting_entries_succeed + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any 2 PMP entries + + CONFIGURATION and ACCESS (Cf. Feature: "cfg TOR access S/U/M") + - for the least-numbered pmp entry, apply any CONFIGURATION+ACCESS scenario without access-fault + - for the highest-numbered pmp entry, apply any CONFIGURATION+ACCESS scenario with access-fault + - make sure the pmp entries address ranges are overlapping/intersecting (at least at 4 consecutive bytes) + - for each pmp entry, execute one access in its associated pmp address region but outside the overlapping/intersecting address range + - execute one additional access inside the overlapping/intersecting address range + - NB: obviously, pmp entry configurations with different access-modes (S/U vs. M) cannot be easily mixed in same test + - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP values cannot be mixed in same test + + CHECK + - for each pmp entry, access outside the overlapping/intersecting address range should give the expected CHECK result + - access inside the overlapping/intersecting address range should not generate any access-fault + + REUSABILITY + - if possible, the number of PMP entries (N) is a configurable parameter + - so a single test function can be reused +* **Pass/Fail Criteria:** Check RM +* **Test Type:** ENV Capability +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F023_S006_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST51(group) => FTR09-a, FTR09-b and FTR09-c + [create scenarios where 2 PMP entries with same pmpaddr + - one without matching permissions or with A=OFF + - one with matching permissions and A=NA4/NAPOT/TOR + - any of them can be the lowest-numbered PMP entry] + TST51-2 + [configure 2 PMP entries + - configure the lowest-numbered PMP entry with (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) + - configure the highest-numbered PMP entry with (TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST17-12, TST17-22, TST17-32, TST17-42, TST17-52, + TST17-15, TST17-25, TST17-35, TST17-45, TST17-55, + TST18-12, TST18-22, TST18-32, TST18-42, TST18-52, + TST18-15, TST18-25, TST18-35, TST18-45, TST18-55) + - execute the associated access + - check no access-fault exception] +## Feature: multi entries OFF + +### Sub-feature: 000_1_entry + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose a single PMP entry + + CONFIGURATION and ACCESS + - for each pmp entry, apply any CONFIGURATION+ACCESS scenario above (Cf. Feature: "cfg OFF access S/U/M") + - make sure the pmp entries address ranges are not overlapping/intersecting + - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP values cannot be mixed in same test + + CHECK + - for each pmp entry, we should obtain the expected CHECK result + + REUSABILITY + - if possible, the number of PMP entries (N) is a configurable parameter + - so a single test function can be reused +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F024_S001_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST24(group) => FTR09-g + [create scenarios where PMP entries with A=0 (OFF) and with matching permissions + - check no address matching for those PMP entries] + [create scenarios where all PMP entries with A=0 (OFF) and with matching permissions + - check no address matching for all PMP entries] + [check S or U mode access fails when all A=OFF with at least one PMP entry implemented] => FTR09-g + TST24-1 = extension of (TST17-11, TST17-21, TST17-31, TST17-41, TST17-51, + TST17-13, TST17-23, TST17-33, TST17-43, TST17-53, + TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST17-16, TST17-26, TST17-36, TST17-46, TST17-56, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54, //TODO: M-mode may not raise an exception + TST18-16, TST18-26, TST18-36, TST18-46, TST18-56) //TODO: M-mode may not raise an exception + //TODO: SHOULD WE ADD (TST18-11, TST18-21, TST18-31, TST18-41, TST18-51, + TST18-13, TST18-23, TST18-33, TST18-43, TST18-53) ? + [configure only one (any, but the first one) PMP entry + - execute the chosen kind of access + - check appropriate access-fault exception raised] +### Sub-feature: 001_2_isolated_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any 2 PMP entries + + reuse of VP_PMP_F024_S001_I000 feature description (Cf. Feature: "multi entries OFF") +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F024_S002_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST24(group) => FTR09-g + [create scenarios where PMP entries with A=0 (OFF) and with matching permissions + - check no address matching for those PMP entries] + [create scenarios where all PMP entries with A=0 (OFF) and with matching permissions + - check no address matching for all PMP entries] + [check S or U mode access fails when all A=OFF with at least one PMP entry implemented] => FTR09-g + TST24-2 = extension of compatible pair of (TST17-11, TST17-21, TST17-31, TST17-41, TST17-51, + TST17-13, TST17-23, TST17-33, TST17-43, TST17-53, + TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST17-16, TST17-26, TST17-36, TST17-46, TST17-56, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54, //TODO: M-mode may not raise an exception + TST18-16, TST18-26, TST18-36, TST18-46, TST18-56) //TODO: M-mode may not raise an exception + //TODO: SHOULD WE ADD (TST18-11, TST18-21, TST18-31, TST18-41, TST18-51, + TST18-13, TST18-23, TST18-33, TST18-43, TST18-53) ? + [configure 2 non-adjacent PMP entries (highest-numbered ones first) (avoid the first PMP entry) + - execute the 2 kinds of accesses (if possible to chain due to access-fault) + - check 2 appropriate access-fault exceptions raised] +### Sub-feature: 002_N_isolated_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any N PMP entries (2> + + TST24(group) => FTR09-g + [create scenarios where PMP entries with A=0 (OFF) and with matching permissions + - check no address matching for those PMP entries] + [create scenarios where all PMP entries with A=0 (OFF) and with matching permissions + - check no address matching for all PMP entries] + [check S or U mode access fails when all A=OFF with at least one PMP entry implemented] => FTR09-g + TST24-3 = extension of compatible group(N) of (TST17-11, TST17-21, TST17-31, TST17-41, TST17-51, + TST17-13, TST17-23, TST17-33, TST17-43, TST17-53, + TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST17-16, TST17-26, TST17-36, TST17-46, TST17-56, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54, //TODO: M-mode may not raise an exception + TST18-16, TST18-26, TST18-36, TST18-46, TST18-56) //TODO: M-mode may not raise an exception + //TODO: SHOULD WE ADD (TST18-11, TST18-21, TST18-31, TST18-41, TST18-51, + TST18-13, TST18-23, TST18-33, TST18-43, TST18-53) ? + [configure N PMP entries (highest-numbered ones first) (as non-adjacent as possible, and avoid the first PMP entry) + - execute the N kinds of accesses (if possible to chain due to access-fault) + - check N appropriate access-fault exceptions raised] +### Sub-feature: 003_8_isolated_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose all 8 PMP entries + + reuse of VP_PMP_F024_S001_I000 feature description (Cf. Feature: "multi entries OFF") +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F024_S004_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST24(group) => FTR09-g + [create scenarios where PMP entries with A=0 (OFF) and with matching permissions + - check no address matching for those PMP entries] + [create scenarios where all PMP entries with A=0 (OFF) and with matching permissions + - check no address matching for all PMP entries] + [check S or U mode access fails when all A=OFF with at least one PMP entry implemented] => FTR09-g + TST24-4 = extension of compatible group(8) of (TST17-11, TST17-21, TST17-31, TST17-41, TST17-51, + TST17-13, TST17-23, TST17-33, TST17-43, TST17-53, + TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST17-16, TST17-26, TST17-36, TST17-46, TST17-56, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54, //TODO: M-mode may not raise an exception + TST18-16, TST18-26, TST18-36, TST18-46, TST18-56) //TODO: M-mode may not raise an exception + //TODO: SHOULD WE ADD (TST18-11, TST18-21, TST18-31, TST18-41, TST18-51, + TST18-13, TST18-23, TST18-33, TST18-43, TST18-53) ? + [configure 8 PMP entries (highest-numbered ones first) + - execute the 8 kinds of accesses (if possible to chain due to access-fault) + - check 8 appropriate access-fault exceptions raised] +## Feature: multi entries ALL + +### Sub-feature: 000_1_entry + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose a single PMP entry + + CONFIGURATION and ACCESS + - for each pmp entry, apply any CONFIGURATION+ACCESS scenario above (Cf. Feature: "cfg NA4/NAPOT/TOR/OFF access S/U/M") + - make sure the pmp entries address ranges are not overlapping/intersecting + - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP values cannot be mixed in same test + + CHECK + - for each pmp entry, we should obtain the expected CHECK result + + REUSABILITY + - if possible, the number of PMP entries (N) is a configurable parameter + - so a single test function can be reused +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F025_S001_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 001_2_isolated_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any 2 PMP entries + + reuse of VP_PMP_F025_S001_I000 feature description (Cf. Feature: "multi entries ALL") +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F025_S002_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 002_N_isolated_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any N PMP entries (2> + + TST51(group) => FTR09-a, FTR09-b and FTR09-c + [create scenarios where 2 PMP entries with same pmpaddr + - one without matching permissions or with A=OFF + - one with matching permissions and A=NA4/NAPOT/TOR + - any of them can be the lowest-numbered PMP entry] + TST51-1 + [configure 2 PMP entries + - configure the lowest-numbered PMP entry with (TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST17-12, TST17-22, TST17-32, TST17-42, TST17-52, + TST17-15, TST17-25, TST17-35, TST17-45, TST17-55, + TST18-12, TST18-22, TST18-32, TST18-42, TST18-52, + TST18-15, TST18-25, TST18-35, TST18-45, TST18-55) + - configure the highest-numbered PMP entry with (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) + - execute the associated access + - check associated access-fault exception raised] +### Sub-feature: 005_2_intersecting_entries_succeed + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any 2 PMP entries + + CONFIGURATION and ACCESS (Cf. Feature: "cfg NA4/NAPOT/TOR/OFF access S/U/M") + - for the least-numbered pmp entry, apply any CONFIGURATION+ACCESS scenario without access-fault + - for the highest-numbered pmp entry, apply any CONFIGURATION+ACCESS scenario with access-fault + - make sure the pmp entries address ranges are overlapping/intersecting (at least at 4 consecutive bytes) + - for each pmp entry, execute one access in its associated pmp address region but outside the overlapping/intersecting address range + - execute one additional access inside the overlapping/intersecting address range + - NB: obviously, pmp entry configurations with different access-modes (S/U vs. M) cannot be easily mixed in same test + - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP values cannot be mixed in same test + + CHECK + - for each pmp entry, access outside the overlapping/intersecting address range should give the expected CHECK result + - access inside the overlapping/intersecting address range should not generate any access-fault + + REUSABILITY + - if possible, the number of PMP entries (N) is a configurable parameter + - so a single test function can be reused +* **Pass/Fail Criteria:** Check RM +* **Test Type:** ENV Capability +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F025_S006_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST51(group) => FTR09-a, FTR09-b and FTR09-c + [create scenarios where 2 PMP entries with same pmpaddr + - one without matching permissions or with A=OFF + - one with matching permissions and A=NA4/NAPOT/TOR + - any of them can be the lowest-numbered PMP entry] + TST51-2 + [configure 2 PMP entries + - configure the lowest-numbered PMP entry with (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) + - configure the highest-numbered PMP entry with (TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST17-12, TST17-22, TST17-32, TST17-42, TST17-52, + TST17-15, TST17-25, TST17-35, TST17-45, TST17-55, + TST18-12, TST18-22, TST18-32, TST18-42, TST18-52, + TST18-15, TST18-25, TST18-35, TST18-45, TST18-55) + - execute the associated access + - check no access-fault exception] +## Feature: entry reconfiguration + +### Sub-feature: 000_reconfigure_N_pmp_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of feature descriptions (Cf. Feature: "cfg NA4/NAPOT/TOR/OFF access S/U/M") + reuse of feature descriptions (Cf. Feature: "CSRs M-mode only") + reuse of feature descriptions (Cf. Feature: "CSRs locked access") + reuse of feature descriptions (Cf. Feature: "multi entries NA4/NAPOT/TOR/OFF") +* **Verification Goals** + + configure any N PMP entries, possibly some with L=1 + + CONFIGURATION and ACCESS + - for each pmp entry, apply any CONFIGURATION+ACCESS scenario above (Cf. Feature: "cfg NA4/NAPOT/TOR/OFF access S/U/M") + - make sure the pmp entries address ranges are not overlapping/intersecting + - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP values cannot be mixed in same test + + RECONFIGURATION and ACCESS + - for each pmp entry with L=0, apply any other CONFIGURATION+ACCESS scenario above (Cf. Feature: "cfg NA4/NAPOT/TOR/OFF access S/U/M") + - make sure the pmp entries address ranges are not overlapping/intersecting + - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP values cannot be mixed in same test + + RESET + - if there is any pmp entry with L=1, apply hart reset (or only PMP reset if possible) + - and restart with CONFIGURATION and RESET + + CHECK + - for each pmp entry, we should obtain the expected CHECK result + + REUSABILITY + - if possible, the number of PMP entries (N) is a configurable parameter + - so a single test function can be reused +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F031_S001_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + diff --git a/verif/regress/pmp_cv32a65x_tests.sh b/verif/regress/pmp_cv32a65x_tests.sh new file mode 100644 index 000000000..6d3693695 --- /dev/null +++ b/verif/regress/pmp_cv32a65x_tests.sh @@ -0,0 +1,278 @@ +##----------------------------------------------------------------------------- +## Copyright 2024 Robert Bosch GmbH +## +## SPDX-License-Identifier: SHL-0.51 +## +## Original Author: Konstantinos Leventos - Robert Bosch France SAS +##----------------------------------------------------------------------------- + + +# Where the tools are +if ! [ -n "$RISCV" ]; then + echo "Error: RISCV variable undefined" + return +fi + +# Install the required tools +source ./verif/regress/install-verilator.sh + +# Setup sim env +source ./verif/sim/setup-env.sh + + +if ! [ -n "$DV_SIMULATORS" ]; then + DV_SIMULATORS=vcs-uvm +fi + +if ! [ -n "$UVM_VERBOSITY" ]; then + UVM_VERBOSITY=UVM_NONE +fi + +SIMUENV_VCS_TESTHARNESS=`echo $DV_SIMULATORS | grep -c vcs-testharness` +SIMUENV_VCS_UVM=`echo $DV_SIMULATORS | grep -c vcs-uvm` +SIMUENV_XRUN_UVM=`echo $DV_SIMULATORS | grep -c xrun-uvm` +SIMULATOR_VCS=`echo $DV_SIMULATORS | grep -c vcs` +SIMULATOR_XRUN=`echo $DV_SIMULATORS | grep -c xrun` + +export DV_OPTS="$DV_OPTS" +export DV_OPTS="$DV_OPTS --iss_timeout 2000" + +if [ $SIMULATOR_VCS == 1 ]; then + export ISSCOMP_OPTS="$ISSCOMP_OPTS -debug_access+r" +fi + +export ISSRUN_OPTS="$ISSRUN_OPTS +debug_disable=1" +export ISSRUN_OPTS="$ISSRUN_OPTS +UVM_VERBOSITY=$UVM_VERBOSITY" + +if [ $SIMULATOR_XRUN == 1 ]; then + export ISSRUN_OPTS="$ISSRUN_OPTS -gui" +fi + +export SPIKE_PARAMS="--help" + +export DEBUG_FILE="" + +TEST_TARGET="#cv32a65x#" + +cd verif/sim/ + + +# ------------------------------------------------------------------------------ +#1# pmp_cv32a65x_granularity_test.S on cv32a65x + +echo "running #1# pmp_cv32a65x_granularity_test.S on cv32a65x with $DV_SIMULATORS" + +python3 cva6.py \ + --target cv32a65x \ + --iss_yaml=cva6.yaml \ + --iss=$DV_SIMULATORS \ + --asm_tests ../tests/custom/pmp_cv32a65x/pmp_cv32a65x_granularity_test.S \ + --linker=../../config/gen_from_riscv_config/cv32a65x/linker/link.ld \ + --gcc_opts="-static -mcmodel=medany -fvisibility=hidden -nostdlib -nostartfiles \ + -g ../tests/custom/common/syscalls.c ../tests/custom/common/crt.S -lgcc \ + -I../tests/custom/env -I../tests/custom/common" \ + $DV_OPTS \ + --debug="$DEBUG_FILE" \ + --spike_params="$SPIKE_PARAMS" \ + --issrun_opts="$ISSRUN_OPTS" \ + --isscomp_opts="$ISSCOMP_OPTS" + +make -C ../.. clean +make clean_all + + +# ------------------------------------------------------------------------------ +#2# pmp_cv32a65x_exact_csrr_test.S on cv32a65x + +echo "running #2# pmp_cv32a65x_exact_csrr_test.S on cv32a65x with $DV_SIMULATORS" + +python3 cva6.py \ + --target cv32a65x \ + --iss_yaml=cva6.yaml \ + --iss=$DV_SIMULATORS \ + --asm_tests ../tests/custom/pmp_cv32a65x/pmp_cv32a65x_exact_csrr_test.S \ + --linker=../../config/gen_from_riscv_config/cv32a65x/linker/link.ld \ + --gcc_opts="-static -mcmodel=medany -fvisibility=hidden -nostdlib -nostartfiles \ + -g ../tests/custom/common/syscalls.c ../tests/custom/common/crt.S -lgcc \ + -I../tests/custom/env -I../tests/custom/common" \ + $DV_OPTS \ + --debug="$DEBUG_FILE" \ + --spike_params="$SPIKE_PARAMS" \ + --issrun_opts="$ISSRUN_OPTS" \ + --isscomp_opts="$ISSCOMP_OPTS" + +make -C ../.. clean +make clean_all + +# ------------------------------------------------------------------------------ +#3# pmp_cv32a65x_lsu_tor_test.S on cv32a65x + +echo "running #3# pmp_cv32a65x_lsu_tor_test.S on cv32a65x with $DV_SIMULATORS" + +python3 cva6.py \ + --target cv32a65x \ + --iss_yaml=cva6.yaml \ + --iss=$DV_SIMULATORS \ + --asm_tests ../tests/custom/pmp_cv32a65x/pmp_cv32a65x_lsu_tor_test.S \ + --linker=../../config/gen_from_riscv_config/cv32a65x/linker/link.ld \ + --gcc_opts="-static -mcmodel=medany -fvisibility=hidden -nostdlib -nostartfiles \ + -g ../tests/custom/common/syscalls.c ../tests/custom/common/crt.S -lgcc \ + -I../tests/custom/env -I../tests/custom/common" \ + $DV_OPTS \ + --debug="$DEBUG_FILE" \ + --spike_params="$SPIKE_PARAMS" \ + --issrun_opts="$ISSRUN_OPTS" \ + --isscomp_opts="$ISSCOMP_OPTS" + +make -C ../.. clean +make clean_all + + + +## ------------------------------------------------------------------------------ +##4# pmp_cv32a65x_lsu_napot_test.S not supported on cv32a65x config +# +#echo "running #4# pmp_cv32a65x_lsu_napot_test.S on cv32a65x with $DV_SIMULATORS" +# +#python3 cva6.py \ +# --target cv32a65x \ +# --iss_yaml=cva6.yaml \ +# --iss=$DV_SIMULATORS \ +# --asm_tests ../tests/custom/pmp_cv32a65x/pmp_cv32a65x_lsu_napot_test.S \ +# --linker=../../config/gen_from_riscv_config/cv32a65x/linker/link.ld \ +# --gcc_opts="-static -mcmodel=medany -fvisibility=hidden -nostdlib -nostartfiles \ +# -g ../tests/custom/common/syscalls.c ../tests/custom/common/crt.S -lgcc \ +# -I../tests/custom/env -I../tests/custom/common" \ +# $DV_OPTS \ +# --debug="$DEBUG_FILE" \ +# --spike_params="$SPIKE_PARAMS" \ +# --issrun_opts="$ISSRUN_OPTS" \ +# --isscomp_opts="$ISSCOMP_OPTS" +# +#make -C ../.. clean +#make clean_all + + + +# ------------------------------------------------------------------------------ +#5# pmp_cv32a65x_decreasing_entries_test.S on cv32a65x + +echo "running #5# pmp_cv32a65x_decreasing_entries_test.S on cv32a65x with $DV_SIMULATORS" + +python3 cva6.py \ + --target cv32a65x \ + --iss_yaml=cva6.yaml \ + --iss=$DV_SIMULATORS \ + --asm_tests ../tests/custom/pmp_cv32a65x/pmp_cv32a65x_decreasing_entries_test.S \ + --linker=../../config/gen_from_riscv_config/cv32a65x/linker/link.ld \ + --gcc_opts="-static -mcmodel=medany -fvisibility=hidden -nostdlib -nostartfiles \ + -g ../tests/custom/common/syscalls.c ../tests/custom/common/crt.S -lgcc \ + -I../tests/custom/env -I../tests/custom/common" \ + $DV_OPTS \ + --debug="$DEBUG_FILE" \ + --spike_params="$SPIKE_PARAMS" \ + --issrun_opts="$ISSRUN_OPTS" \ + --isscomp_opts="$ISSCOMP_OPTS" + +make -C ../.. clean +make clean_all + +# ------------------------------------------------------------------------------ +#6# pmp_cv32a65x_defined_matches_test.S is not supported on cv32a65x +# +#echo "running #6# pmp_cv32a65x_defined_matches_test.S on cv32a65x with $DV_SIMULATORS" +# +#python3 cva6.py \ +# --target cv32a65x \ +# --iss_yaml=cva6.yaml \ +# --iss=$DV_SIMULATORS \ +# --asm_tests ../tests/custom/pmp_cv32a65x/pmp_cv32a65x_defined_matches_test.S \ +# --linker=../../config/gen_from_riscv_config/cv32a65x/linker/link.ld \ +# --gcc_opts="-static -mcmodel=medany -fvisibility=hidden -nostdlib -nostartfiles \ +# -g ../tests/custom/common/syscalls.c ../tests/custom/common/crt.S -lgcc \ +# -I../tests/custom/env -I../tests/custom/common" \ +# $DV_OPTS \ +# --debug="$DEBUG_FILE" \ +# --spike_params="$SPIKE_PARAMS" \ +# --issrun_opts="$ISSRUN_OPTS" \ +# --isscomp_opts="$ISSCOMP_OPTS" +# +#make -C ../.. clean +#make clean_all + + + +## ------------------------------------------------------------------------------ +##7# pmp_cv32a65x_double_entries_test.S is not supported cv32a65x (uses NAPOT) +# +#echo "running #7# pmp_cv32a65x_double_entries_test.S on cv32a65x with $DV_SIMULATORS" +# +#python3 cva6.py \ +# --target cv32a65x \ +# --iss_yaml=cva6.yaml \ +# --iss=$DV_SIMULATORS \ +# --asm_tests ../tests/custom/pmp_cv32a65x/pmp_cv32a65x_double_entries_test.S \ +# --linker=../../config/gen_from_riscv_config/cv32a65x/linker/link.ld \ +# --gcc_opts="-static -mcmodel=medany -fvisibility=hidden -nostdlib -nostartfiles \ +# -g ../tests/custom/common/syscalls.c ../tests/custom/common/crt.S -lgcc \ +# -I../tests/custom/env -I../tests/custom/common" \ +# $DV_OPTS \ +# --debug="$DEBUG_FILE" \ +# --spike_params="$SPIKE_PARAMS" \ +# --issrun_opts="$ISSRUN_OPTS" \ +# --isscomp_opts="$ISSCOMP_OPTS" +# +#make -C ../.. clean +#make clean_all + + + +# ------------------------------------------------------------------------------ +##8# pmp_cv32a65x_locked_outside_napot_test.S not supported on cv32a65x +# +#echo "running #8# pmp_cv32a65x_locked_outside_napot_test.S on cv32a65x with $DV_SIMULATORS" +# +#python3 cva6.py \ +# --target cv32a65x \ +# --iss_yaml=cva6.yaml \ +# --iss=$DV_SIMULATORS \ +# --asm_tests ../tests/custom/pmp_cv32a65x/pmp_cv32a65x_locked_outside_napot_test.S \ +# --linker=../../config/gen_from_riscv_config/cv32a65x/linker/link.ld \ +# --gcc_opts="-static -mcmodel=medany -fvisibility=hidden -nostdlib -nostartfiles \ +# -g ../tests/custom/common/syscalls.c ../tests/custom/common/crt.S -lgcc \ +# -I../tests/custom/env -I../tests/custom/common" \ +# $DV_OPTS \ +# --debug="$DEBUG_FILE" \ +# --spike_params="$SPIKE_PARAMS" \ +# --issrun_opts="$ISSRUN_OPTS" \ +# --isscomp_opts="$ISSCOMP_OPTS" +# +#make -C ../.. clean +#make clean_all + +# ------------------------------------------------------------------------------ +#9# pmp_cv32a65x_locked_outside_tor_test.S on cv32a65x + +echo "running #9# pmp_cv32a65x_locked_outside_tor_test.S on cv32a65x with $DV_SIMULATORS" + +python3 cva6.py \ + --target cv32a65x \ + --iss_yaml=cva6.yaml \ + --iss=$DV_SIMULATORS \ + --asm_tests ../tests/custom/pmp_cv32a65x/pmp_cv32a65x_locked_outside_tor_test.S \ + --linker=../../config/gen_from_riscv_config/cv32a65x/linker/link.ld \ + --gcc_opts="-static -mcmodel=medany -fvisibility=hidden -nostdlib -nostartfiles \ + -g ../tests/custom/common/syscalls.c ../tests/custom/common/crt.S -lgcc \ + -I../tests/custom/env -I../tests/custom/common" \ + $DV_OPTS \ + --debug="$DEBUG_FILE" \ + --spike_params="$SPIKE_PARAMS" \ + --issrun_opts="$ISSRUN_OPTS" \ + --isscomp_opts="$ISSCOMP_OPTS" + +make -C ../.. clean +make clean_all + + + +cd - diff --git a/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_decreasing_entries_test.S b/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_decreasing_entries_test.S new file mode 100644 index 000000000..ad6f674b8 --- /dev/null +++ b/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_decreasing_entries_test.S @@ -0,0 +1,98 @@ +# ------------------------------------------------------------------------------ +# Copyright 2024 Robert Bosch GmbH +# +# SPDX-License-Identifier: SHL-0.51 +# +# Original Author: Konstantinos LEVENTOS - Robert Bosch France SAS +# ------------------------------------------------------------------------------ +# pmp_cv32a65x_decreasing_entries_test.S (TST04-4) +# ------------------------------------------------------------------------------ + + .text + .globl main +main: + + # Configure PMP using decreasing entries of TOR. + + # From 0xB000_0000 to 0xC000_0000 Read-Write-Execute. + li t0, 0x30000000 + csrw pmpaddr7, t0 + + # From 0xA000_0000 to 0xB000_0000 Read-Write-Execute. + li t0, 0x2c000000 + csrw pmpaddr6, t0 + + # From 0x9000_0000 to 0xA000_0000 Read-Write-Execute. + li t0, 0x28000000 + csrw pmpaddr5, t0 + + # From 0x8000_0000 to 0x9000_0000 Read-Write-Execute. + li t0, 0x24000000 + csrw pmpaddr4, t0 + + # From 0x0002_0000 to 0x8000_0000 no Permissions. + li t0, 0x20000000 + csrw pmpaddr3, t0 + + # From 0x0001_0000 to 0x0002_0000 only Execute. + li t0, 0x00008000 + csrw pmpaddr2, t0 + + # From 0x0000_1000 to 0x0001_0000 no Permissions. + li t0, 0x00004000 + csrw pmpaddr1, t0 + + # From 0x0000_0000 to 0x0000_1000 only Execute. + li t0, 0x00000400 + csrw pmpaddr0, t0 + + + # Addr 4-7 configs, written in cfg1, with LOCK OFF, and TOR. + li t0, 0x0f0f0f0f + csrw pmpcfg1, t0 + + # Addr 0-3 configs, written in cfg0, with LOCK OFF, and TOR. + li t0, 0x080c080c + csrw pmpcfg0, t0 + + + # Do the READ-WRITE test. + + # Check 1 read-write test, at 0x8800_0000. + li t1, 0x88000000 + li t2, 0xEFFACED1 + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + # Check 2 read-write test, at 0x9800_0000. + li t1, 0x98000000 + li t2, 0xACCEDED2 + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + # Check 3 read-write test, at 0xA800_0000. + li t1, 0xA8000000 + li t2, 0xDEFACED3 + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + # Check 4 read-write test, at 0xB800_0000. + li t1, 0xB8000000 + li t2, 0xDEC0DED4 + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + +pass: + # Success post-processing + li a0, 0x0; + jal exit; + +fail: + # Failure post-processing + li a0, 0x1; + jal exit; diff --git a/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_defined_matches_test.S b/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_defined_matches_test.S new file mode 100644 index 000000000..033e95e5b --- /dev/null +++ b/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_defined_matches_test.S @@ -0,0 +1,48 @@ +# ------------------------------------------------------------------------------ +# Copyright 2024 Robert Bosch GmbH +# +# SPDX-License-Identifier: SHL-0.51 +# +# Original Author: Konstantinos LEVENTOS - Robert Bosch France SAS +# ------------------------------------------------------------------------------ +# pmp_cv32a65x_defined_matches_test.S (TST10-1, TST10-2) +# ------------------------------------------------------------------------------ + + .text + .globl main +main: + + # Check a Memory Access succeeds if no PMP entry is defined. + li t1, 0x90000000 + li t2, 0xC0D1F1ED + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + # Set up a PMP entry using NAPOT, from 0x8000_0000 to 0xA0000_0000, Read-Write-Execute. + li t0, 0x0000001f + csrw pmpcfg0, t0 + csrr t1, pmpcfg0 + bne t0, t1, fail + li t0, 0x23ffffff + csrw pmpaddr0, t0 + csrr t1, pmpaddr0 + bne t0, t1, fail + + # Check a memory access succeeds if no PMP entry matches. + li t1, 0xB0000000 + li t2, 0xCA5CADED + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + +pass: + # Success post-processing + li a0, 0x0; + jal exit; + +fail: + # Failure post-processing + li a0, 0x1; + jal exit; diff --git a/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_double_entries_test.S b/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_double_entries_test.S new file mode 100644 index 000000000..161abdc23 --- /dev/null +++ b/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_double_entries_test.S @@ -0,0 +1,72 @@ +# ------------------------------------------------------------------------------ +# Copyright 2024 Robert Bosch GmbH +# +# SPDX-License-Identifier: SHL-0.51 +# +# Original Author: Konstantinos LEVENTOS - Robert Bosch France SAS +# ------------------------------------------------------------------------------ +# pmp_cv32a65x_double_entries_test.S (TST04-2) +# ------------------------------------------------------------------------------ + + .text + .globl main +main: + + # Set up PMP using NAPOT, from 0xB000_0000 to 0xC000_0000, Read-Write. + li t0, 0x001b0000 + csrw pmpcfg1, t0 + csrr t1, pmpcfg1 + bne t0, t1, fail + li t0, 0x2dffffff + csrw pmpaddr6, t0 + csrr t1, pmpaddr6 + bne t0, t1, fail + + # Set up PMP using NAPOT, from 0x8000_0000 to 0x9000_0000, Read-Write. + li t0, 0x001b0000 + csrw pmpcfg0, t0 + csrr t1, pmpcfg0 + bne t0, t1, fail + li t0, 0x21ffffff + csrw pmpaddr2, t0 + csrr t1, pmpaddr2 + bne t0, t1, fail + + # Read-Write check in 0xB800_0000. + li t1, 0xB8000000 + li t2, 0xC0D1F1ED + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + # Read-Write check in 0x8800_0000. + li t1, 0x88000000 + li t2, 0xCA5CADED + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + # Check that all other addr / cfg are zero. + csrr t0, pmpaddr0 + bne t0, zero, fail + csrr t0, pmpaddr1 + bne t0, zero, fail + csrr t0, pmpaddr3 + bne t0, zero, fail + csrr t0, pmpaddr4 + bne t0, zero, fail + csrr t0, pmpaddr5 + bne t0, zero, fail + csrr t0, pmpaddr7 + bne t0, zero, fail + + +pass: + # Success post-processing + li a0, 0x0; + jal exit; + +fail: + # Failure post-processing + li a0, 0x1; + jal exit; diff --git a/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_exact_csrr_test.S b/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_exact_csrr_test.S new file mode 100644 index 000000000..1b6ad31bd --- /dev/null +++ b/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_exact_csrr_test.S @@ -0,0 +1,99 @@ +# ------------------------------------------------------------------------------ +# Copyright 2024 Robert Bosch GmbH +# +# SPDX-License-Identifier: SHL-0.51 +# +# Original Author: Konstantinos LEVENTOS - Robert Bosch France SAS +# ------------------------------------------------------------------------------ +# pmp_cv32a65x_exact_csrr_test.S (TST05-1) +# ------------------------------------------------------------------------------ + + .text + .globl main +main: + + # Write in addresses and check what is written. + + # Checking PMP ADDR 0 + li t0, 0xFACADE00 + csrw pmpaddr0, t0 + csrr t1, pmpaddr0 + bne t0, t1, fail + csrw pmpaddr0, zero + + # Checking PMP ADDR 1 + li t0, 0xFACADE02 + csrw pmpaddr1, t0 + csrr t1, pmpaddr1 + bne t0, t1, fail + csrw pmpaddr1, zero + + # Checking PMP ADDR 2 + li t0, 0xFACADE04 + csrw pmpaddr2, t0 + csrr t1, pmpaddr2 + bne t0, t1, fail + csrw pmpaddr2, zero + + # Checking PMP ADDR 3 + li t0, 0xFACADE06 + csrw pmpaddr3, t0 + csrr t1, pmpaddr3 + bne t0, t1, fail + csrw pmpaddr3, zero + + # Checking PMP ADDR 4 + li t0, 0xFACADE08 + csrw pmpaddr4, t0 + csrr t1, pmpaddr4 + bne t0, t1, fail + csrw pmpaddr4, zero + + # Checking PMP ADDR 5 + li t0, 0xFACADE0A + csrw pmpaddr5, t0 + csrr t1, pmpaddr5 + bne t0, t1, fail + csrw pmpaddr5, zero + + # Checking PMP ADDR 6 + li t0, 0xFACADE0C + csrw pmpaddr6, t0 + csrr t1, pmpaddr6 + bne t0, t1, fail + csrw pmpaddr6, zero + + # Checking PMP ADDR 7 + li t0, 0xFACADE0E + csrw pmpaddr7, t0 + csrr t1, pmpaddr7 + bne t0, t1, fail + csrw pmpaddr7, zero + + + # Write in configurations and check what is written, except for the reserved combinations with R=0 and W=1. + + # Checking PMP CFG 0 + li t0, 0x01030304 + csrw pmpcfg0, t0 + csrr t1, pmpcfg0 + bne t0, t1, fail + csrw pmpcfg0, zero + + # Checking PMP CFG 1 + li t0, 0x04050507 + csrw pmpcfg1, t0 + csrr t1, pmpcfg1 + bne t0, t1, fail + csrw pmpcfg1, zero + + +pass: + # Success post-processing + li a0, 0x0; + jal exit; + +fail: + # Failure post-processing + li a0, 0x1; + jal exit; diff --git a/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_granularity_test.S b/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_granularity_test.S new file mode 100644 index 000000000..2a8a27498 --- /dev/null +++ b/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_granularity_test.S @@ -0,0 +1,44 @@ +# ------------------------------------------------------------------------------ +# Copyright 2024 Robert Bosch GmbH +# +# SPDX-License-Identifier: SHL-0.51 +# +# Original Author: Konstantinos LEVENTOS - Robert Bosch France SAS +# ------------------------------------------------------------------------------ +# pmp_cv32a65x_granularity_test.S (TST01) +# ------------------------------------------------------------------------------ + + .text + .globl main +main: + + # Configure PMP to find its granularity. + + # Write all zeroes in cfg0. + li t0, 0 + csrw pmpcfg0, t0 + + # Write all ones in addr0. + li t1, -1 + csrw pmpaddr0, t1 + + # Read the value back. + csrr t2, pmpaddr0 + + # Check for granularity 8 = 2^(1+2) <=> G = 1. + # As per: https://docs.openhwgroup.org/projects/cva6-user-manual/01_cva6_user/PMP.html + # Which states: The PMP grain is 2**G+2. Only a PMP granularity of 8 bytes (G=1) is supported in CVA6. + # And from the RISC-V Spec: G is the index of the least-significant bit set, the PMP granularity is 2^(G+2) bytes. + li t3, 0xFFFFFFFE + bne t2, t3, fail + + +pass: + # Success post-processing + li a0, 0x0; + jal exit; + +fail: + # Failure post-processing + li a0, 0x1; + jal exit; diff --git a/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_locked_outside_napot_test.S b/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_locked_outside_napot_test.S new file mode 100644 index 000000000..542a5cb48 --- /dev/null +++ b/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_locked_outside_napot_test.S @@ -0,0 +1,45 @@ +# ------------------------------------------------------------------------------ +# Copyright 2024 Robert Bosch GmbH +# +# SPDX-License-Identifier: SHL-0.51 +# +# Original Author: Konstantinos LEVENTOS - Robert Bosch France SAS +# ------------------------------------------------------------------------------ +# pmp_cv32a65x_locked_outside_napot_test.S (TST14-26, TST14-36) +# ------------------------------------------------------------------------------ + + .text + .globl main +main: + + # Set up PMP using NAPOT, from 0x8000_0000 to 0xB000_0000. + li t2, 0x25ffffff + csrw pmpaddr0, t2 + + # Configure it with LOCK ON, Read-Write-Execute. + li t0, 0x0000009f + csrw pmpcfg0, t0 + csrr t1, pmpcfg0 + bne t0, t1, fail + + # Check pmpaddr after switching to NAPOT (and lock) + csrr t0, pmpaddr0 + bne t0, t2, fail + + # Check a memory access succeeds when outside the LOCKED entry. + li t1, 0xB8000000 + li t2, 0xC0D1F1ED + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + +pass: + # Success post-processing + li a0, 0x0; + jal exit; + +fail: + # Failure post-processing + li a0, 0x1; + jal exit; diff --git a/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_locked_outside_tor_test.S b/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_locked_outside_tor_test.S new file mode 100644 index 000000000..14459fad2 --- /dev/null +++ b/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_locked_outside_tor_test.S @@ -0,0 +1,61 @@ +# ------------------------------------------------------------------------------ +# Copyright 2024 Robert Bosch GmbH +# +# SPDX-License-Identifier: SHL-0.51 +# +# Original Author: Konstantinos LEVENTOS - Robert Bosch France SAS +# ------------------------------------------------------------------------------ +# pmp_cv32a65x_locked_outside_tor_test.S (TST16-26, TST16-36) +# ------------------------------------------------------------------------------ + + .text + .globl main +main: + + # From 0x0000_0000 to 0x0000_1000 only Execute. + li t0, 0x00000400 + csrw pmpaddr0, t0 + + # From 0x0000_1000 to 0x0001_0000 no Permissions. + li t0, 0x00004000 + csrw pmpaddr1, t0 + + # From 0x0001_0000 to 0x0002_0000 only Execute. + li t0, 0x00008000 + csrw pmpaddr2, t0 + + # From 0x0002_0000 to 0x8000_0000 no Permissions. + li t0, 0x20000000 + csrw pmpaddr3, t0 + + # From 0x8000_0000 to 0xB000_0000 Read-Write-Execute. + li t0, 0x2C000000 + csrw pmpaddr4, t0 + + # Configure the TOR areas with LOCK ON. + li t0, 0x888c888c + csrw pmpcfg0, t0 + csrr t1, pmpcfg0 + bne t0, t1, fail + li t0, 0x0000008f + csrw pmpcfg1, t0 + csrr t1, pmpcfg1 + bne t0, t1, fail + + # Check a memory access succeeds when outside the LOCKED entry. + li t1, 0xB8000000 + li t2, 0xC0D1F1ED + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + +pass: + # Success post-processing + li a0, 0x0; + jal exit; + +fail: + # Failure post-processing + li a0, 0x1; + jal exit; diff --git a/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_lsu_napot_test.S b/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_lsu_napot_test.S new file mode 100644 index 000000000..4f8b0b5ed --- /dev/null +++ b/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_lsu_napot_test.S @@ -0,0 +1,111 @@ +# ------------------------------------------------------------------------------ +# Copyright 2024 Robert Bosch GmbH +# +# SPDX-License-Identifier: SHL-0.51 +# +# Original Author: Konstantinos LEVENTOS - Robert Bosch France SAS +# ------------------------------------------------------------------------------ +# pmp_cv32a65x_lsu_napot_test.S (TST14-11, TST14-21, TST14-31) +# ------------------------------------------------------------------------------ + + .text + .globl main +main: + + # Configure PMP using NAPOT. + + # From 0x0000_0000 to 0x0000_1000 only Execute. + li t0, 0x000001ff + csrw pmpaddr0, t0 + + # From 0x0001_0000 to 0x0002_0000 only Execute. + li t0, 0x00005fff + csrw pmpaddr1, t0 + + # From 0x8000_0000 to 0xC000_0000 Read-Write-Execute. + li t0, 0x27ffffff + csrw pmpaddr2, t0 + + + # Addr 0-2 configs, written in cfg0, with LOCK OFF, and NAPOT. + li t0, 0x001f1c1c + csrw pmpcfg0, t0 + csrr t1, pmpcfg0 + bne t0, t1, fail + + + # Do the READ-WRITE test. + + # Check 1 read-write test, at 0x8000_0000. + li t1, 0x80000000 + li t2, 0xEFFACED1 + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + # Check 2 read-write test, at 0x9000_0000. + li t1, 0x90000000 + li t2, 0xACCEDED2 + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + # Check 3 read-write test, at 0xA000_0000. + li t1, 0xA0000000 + li t2, 0xDEFACED3 + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + # Check 4 read-write test, at 0xB000_0000. + li t1, 0xB0000000 + li t2, 0xDEC0DED4 + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + + # Do the EXEC "RET" test. + + # Exec test 1, at 0x0000_0800. + li t0, 0x00000800 + li t1, 0x8082 + sw t1, 0(t0) + lw t2, 0(t0) + bne t1, t2, fail + jalr t0 + + # Exec test 2, at 0x0001_8000. + li t0, 0x00018000 + li t1, 0x8082 + sw t1, 0(t0) + lw t2, 0(t0) + bne t1, t2, fail + jalr t0 + + # Exec test 3, at 0x9800_0000. + li t0, 0x98000000 + li t1, 0x8082 + sw t1, 0(t0) + lw t2, 0(t0) + bne t1, t2, fail + jalr t0 + + # Exec test 4, at 0xA800_0000. + li t0, 0xA8000000 + li t1, 0x8082 + sw t1, 0(t0) + lw t2, 0(t0) + bne t1, t2, fail + jalr t0 + + +pass: + # Success post-processing + li a0, 0x0; + jal exit; + +fail: + # Failure post-processing + li a0, 0x1; + jal exit; diff --git a/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_lsu_tor_test.S b/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_lsu_tor_test.S new file mode 100644 index 000000000..55f261c2d --- /dev/null +++ b/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_lsu_tor_test.S @@ -0,0 +1,125 @@ +# ------------------------------------------------------------------------------ +# Copyright 2024 Robert Bosch GmbH +# +# SPDX-License-Identifier: SHL-0.51 +# +# Original Author: Konstantinos LEVENTOS - Robert Bosch France SAS +# ------------------------------------------------------------------------------ +# pmp_cv32a65x_lsu_tor_test.S (TST16-11, TST16-21, TST16-31) +# ------------------------------------------------------------------------------ + + .text + .globl main +main: + + # Configure PMP using TOR. + + # From 0x0000_0000 to 0x0000_1000 only Execute. + li t0, 0x00000400 + csrw pmpaddr0, t0 + + # From 0x0000_1000 to 0x0001_0000 no Permissions. + li t0, 0x00004000 + csrw pmpaddr1, t0 + + # From 0x0001_0000 to 0x0002_0000 only Execute. + li t0, 0x00008000 + csrw pmpaddr2, t0 + + # From 0x0002_0000 to 0x8000_0000 no Permissions. + li t0, 0x20000000 + csrw pmpaddr3, t0 + + # From 0x8000_0000 to 0xC000_0000 Read-Write-Execute. + li t0, 0x30000000 + csrw pmpaddr4, t0 + + + # Addr 0-3 configs, written in cfg0, with LOCK OFF, and TOR. + li t0, 0x080c080c + csrw pmpcfg0, t0 + csrr t1, pmpcfg0 + bne t0, t1, fail + + # Addr 4 config, written in cfg1, with LOCK OFF, and TOR. + li t0, 0x0000000f + csrw pmpcfg1, t0 + csrr t1, pmpcfg1 + bne t0, t1, fail + + + # Do the READ-WRITE test. + + # Check 1 read-write test, at 0x8000_0000. + li t1, 0x80000000 + li t2, 0xEFFACED1 + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + # Check 2 read-write test, at 0x9000_0000. + li t1, 0x90000000 + li t2, 0xACCEDED2 + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + # Check 3 read-write test, at 0xA000_0000. + li t1, 0xA0000000 + li t2, 0xDEFACED3 + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + # Check 4 read-write test, at 0xB000_0000. + li t1, 0xB0000000 + li t2, 0xDEC0DED4 + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + + # Do the EXEC "RET" test. + + # Exec test 1, at 0x0000_0800. + li t0, 0xA0000800 + li t1, 0x8082 + sw t1, 0(t0) + lw t2, 0(t0) + bne t1, t2, fail + jalr t0 + + # Exec test 2, at 0x0001_8000. + li t0, 0xB0018000 + li t1, 0x8082 + sw t1, 0(t0) + lw t2, 0(t0) + bne t1, t2, fail + jalr t0 + + # Exec test 3, at 0x9800_0000. + li t0, 0x98000000 + li t1, 0x8082 + sw t1, 0(t0) + lw t2, 0(t0) + bne t1, t2, fail + jalr t0 + + # Exec test 4, at 0xA800_0000. + li t0, 0xA8000000 + li t1, 0x8082 + sw t1, 0(t0) + lw t2, 0(t0) + bne t1, t2, fail + jalr t0 + + +pass: + # Success post-processing + li a0, 0x0; + jal exit; + +fail: + # Failure post-processing + li a0, 0x1; + jal exit; diff --git a/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_read_me_first.txt b/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_read_me_first.txt new file mode 100644 index 000000000..ffc0be5e9 --- /dev/null +++ b/verif/tests/custom/pmp_cv32a65x/pmp_cv32a65x_read_me_first.txt @@ -0,0 +1,30 @@ +# ------------------------------------------------------------------------------ +# Copyright 2024 Robert Bosch GmbH +# +# SPDX-License-Identifier: SHL-0.51 +# +# Original Author: Konstantinos LEVENTOS - Robert Bosch France SAS +# ------------------------------------------------------------------------------ +# pmp_cv32a65x_read_me_first.txt +# ------------------------------------------------------------------------------ + +Steps to run the pmp_cv32a65x tests: + Optional Step 0. If there is still a problem with $data/FE/cva6_lib/cva6/verif/env/uvme/cov/uvme_exception_covg.sv + comment out line 112 of that same file. This step is a hotfix and should be deleted from this file + as soon as the problem with the coverage is resolved. + 1. Go to the main cva6 project folder, usually with cd $data/FE/cva6_lib/cva6 + 2. Export the following values, this is mandatory, and may be different with your local environment: + export PATH=$PATH:/tools/vtec/tools/devicetree/1.4.6/rh7/usr/bin + export VERILATOR_INSTALL_DIR=/tools/vtec/tools/veripool/verilator/5.008/rh7/ + export RISCV=/tools/vtec/tools/embecosm/riscv32-embecosm-centos7-gcc13.1.0 + export CV_SW_PREFIX=riscv32-unknown-elf- + export RISCV_PREFIX=${RISCV}/bin/${CV_SW_PREFIX} + export RISCV_GCC=${RISCV_PREFIX}gcc + export XCELIUM_HOME=/tools/cds/xceliummain_23.09.005_Linux/ + 3. Run the setup environment script as well in ./verif/sim/setup-env.sh + 4. Edit the file in $data/FE/cva6_lib/cva6/verif/regress/pmp_cv32a65x_tests.sh to select which test to run: + For example, with TEST_NUMBER="#1#" uncommented, the (currently failing) test "granularity" will run. + Optional Step 4,5. It is good to check / force the versions of some modules used, specifically: + module load std/gcc/9.2.0 -f + module std/python/3.11.4 -f + 5. Run that very same file from the cva6 folder specifically, usually with sh ./verif/regress/pmp_cv32a65x_tests.sh