diff --git a/.github/workflows/verible.yml b/.github/workflows/verible.yml index 87496bc03..6b2f1730c 100644 --- a/.github/workflows/verible.yml +++ b/.github/workflows/verible.yml @@ -21,3 +21,4 @@ jobs: with: github_token: ${{ secrets.GITHUB_TOKEN }} files: '$(find core -regex ".*\.\(v\|sv\)$" | grep -v "^core/include/.*_config_pkg.sv$")' + fail_on_formatting_suggestions: true diff --git a/.gitignore b/.gitignore index 962e06663..43896084e 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,5 @@ +*.swp +*.swo site/* *.ucdb covhtmlreport/* diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index c3f0a6a39..b94585e70 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -124,7 +124,7 @@ build_tools: stage: light tests rules: *on_dev before_script: - - git -C verif/core-v-verif fetch --unshallow + - git -C verif/core-v-verif fetch --unshallow || git -C verif/core-v-verif fetch --all - !reference [.copy_spike_artifacts] - rm -rf artifacts/ - mkdir -p artifacts/{reports,logs} @@ -170,6 +170,8 @@ smoke-gen: SPIKE_TANDEM: 1 script: - bash verif/regress/smoke-gen_tests.sh + - cp verif/sim/seedlist.yaml artifacts/logs/ + - cp verif/sim/uvm_seed.log artifacts/logs/ - !reference [.simu_after_script] smoke-bench: @@ -302,6 +304,20 @@ fpga-build: - mv corev_apu/fpga/work-fpga/ariane_xilinx.bit artifacts/ariane_xilinx_$TARGET.bit - python3 .gitlab-ci/scripts/report_fpga.py corev_apu/fpga/reports/ariane.utilization.rpt +pmp_tests: + timeout : 2 hours + extends: + - .synthesis_test + variables: + DASHBOARD_JOB_TITLE: "PMP $DV_TARGET" + DASHBOARD_JOB_DESCRIPTION: "Physical Memory Protection tests" + DASHBOARD_SORT_INDEX: 2 + DASHBOARD_JOB_CATEGORY: "Test suites" + DV_SIMULATORS: "vcs-uvm" + SPIKE_TANDEM: 1 + script: source verif/regress/pmp_cv32a65x_tests.sh + after_script: *simu_after_script + .regress_test: stage: heavy tests before_script: @@ -451,6 +467,7 @@ generated_tests: - source verif/regress/dv-generated-tests.sh - mv verif/sim/vcs_results/default/vcs.d/simv.vdb artifacts/coverage - mv verif/sim/seedlist.yaml artifacts/coverage + - mv verif/sim/uvm_seed.log artifacts/coverage - python3 .gitlab-ci/scripts/report_pass.py .generated_xif_tests: @@ -471,6 +488,7 @@ generated_tests: - source verif/regress/dv-generated-xif-tests.sh - mv verif/sim/vcs_results/default/vcs.d/simv.vdb artifacts/coverage - mv verif/sim/seedlist.yaml artifacts/coverage + - mv verif/sim/uvm_seed.log artifacts/coverage - python3 .gitlab-ci/scripts/report_pass.py directed_isacov-tests: @@ -490,6 +508,7 @@ directed_isacov-tests: - mkdir -p artifacts/coverage - source verif/regress/dv-generated-tests.sh - mv verif/sim/vcs_results/default/vcs.d/simv.vdb artifacts/coverage + - mv verif/sim/uvm_seed.log artifacts/coverage - python3 .gitlab-ci/scripts/report_pass.py csr_embedded_tests: @@ -506,6 +525,7 @@ csr_embedded_tests: - mkdir -p artifacts/coverage - source verif/regress/dv-csr-embedded-tests.sh - mv verif/sim/vcs_results/default/vcs.d/simv.vdb artifacts/coverage + - mv verif/sim/uvm_seed.log artifacts/coverage - python3 .gitlab-ci/scripts/report_tandem.py verif/sim/out*/"$DV_SIMULATORS"_sim .backend_test: @@ -537,7 +557,7 @@ simu-gate: PERIOD: "15" # 66 Mhz script: - mkdir -p artifacts/{reports,logs} - - git -C verif/core-v-verif fetch --unshallow + - git -C verif/core-v-verif fetch --unshallow || git -C verif/core-v-verif fetch --all - !reference [.copy_spike_artifacts] - echo $PERIOD - source ./verif/sim/setup-env.sh @@ -604,6 +624,7 @@ code_coverage-report: - mkdir -p verif/sim/vcs_results/default/vcs.d - mv artifacts/coverage/simv.vdb verif/sim/vcs_results/default/vcs.d/ - mv artifacts/coverage/seedlist.yaml verif/sim/seedlist.yaml + - mv artifacts/coverage/uvm_seed.log verif/sim/uvm_seed.log - make -C verif/sim generate_cov_dash - mv verif/sim/urgReport artifacts/cov_reports/ - python3 .gitlab-ci/scripts/report_coverage.py artifacts/cov_reports/urgReport/hierarchy.txt artifacts/cov_reports/urgReport/"feature.CVA6 Verification Master Plan1.7.-1268999905.txt" diff --git a/.gitlab-ci/scripts/github_integration.py b/.gitlab-ci/scripts/github_integration.py index c49c5b798..d91016ebd 100644 --- a/.gitlab-ci/scripts/github_integration.py +++ b/.gitlab-ci/scripts/github_integration.py @@ -3,6 +3,7 @@ This module makes it possible to trigger GitHub workflows. """ from os import environ as env +import time import requests def api_url(owner, repo): @@ -52,6 +53,7 @@ class DashboardDone(Workflow): 'pr_number': str(pr), 'success': success, } + time.sleep(120) return self._trigger(inputs) def send_success(self, pr): diff --git a/.gitlab-ci/scripts/report_synth.py b/.gitlab-ci/scripts/report_synth.py index 06cf9833b..206e4d9a5 100644 --- a/.gitlab-ci/scripts/report_synth.py +++ b/.gitlab-ci/scripts/report_synth.py @@ -82,7 +82,7 @@ hier_metric = rb.TableMetric('Hierarchies details') for i in hier: hier_metric.add_value( i[0], # hier - f"{int(float(i[1])/kgate_ratio)} kGates", # area + f"{float(i[1])/kgate_ratio:.3f} kGates", # area f"{int(float(i[2]))} %", # % #int(float(i[3]))/int(float(i[1])*100), # % combi #int(float(i[4]))/int(float(i[1])*100), # % reg diff --git a/.readthedocs.yaml b/.readthedocs.yaml index 355531d45..d9241c384 100644 --- a/.readthedocs.yaml +++ b/.readthedocs.yaml @@ -7,6 +7,7 @@ version: 2 submodules: include: - docs/riscv-isa/riscv-isa-manual + recursive: true build: os: "ubuntu-20.04" @@ -26,7 +27,7 @@ build: - npm install docs/riscv-isa/riscv-isa-manual/dependencies - gem install -g docs/riscv-isa/riscv-isa-manual/dependencies/Gemfile pre_build: - - make -C docs prepare + - PATH=$PWD/node_modules/.bin:$PATH make -C docs prepare # Build from the docs directory with Sphinx sphinx: diff --git a/Bender.yml b/Bender.yml index 5ef388dad..2178c96f7 100644 --- a/Bender.yml +++ b/Bender.yml @@ -1,5 +1,5 @@ package: - name: ariane + name: cva6 authors: - "Florian Zaruba " - "Michael Schaffner " @@ -68,6 +68,7 @@ sources: - target: any(cv64a6_imafdcv_sv39, cv64a6_imafdc_sv39, cv64a6_imafdc_sv39_wb, cv64a6_imafdch_sv39, cv64a6_imafdch_sv39_wb, cv32a6_imac_sv0, cv32a6_imac_sv32, cv32a6_imafc_sv32) files: - core/cva6_mmu/cva6_tlb.sv + - core/cva6_mmu/cva6_shared_tlb.sv - core/cva6_mmu/cva6_mmu.sv - core/cva6_mmu/cva6_ptw.sv @@ -78,6 +79,8 @@ sources: # Extension Interface - core/cvxif_example/include/cvxif_instr_pkg.sv - core/cvxif_fu.sv + - core/cvxif_issue_register_commit_if_driver.sv + - core/cvxif_compressed_if_driver.sv - core/cvxif_example/cvxif_example_coprocessor.sv - core/cvxif_example/instr_decoder.sv @@ -95,6 +98,7 @@ sources: - core/csr_regfile.sv - core/decoder.sv - core/ex_stage.sv + - core/acc_dispatcher.sv - core/instr_realign.sv - core/id_stage.sv - core/issue_read_operands.sv @@ -118,6 +122,7 @@ sources: # Frontend (i.e., fetch, decode, dispatch) - core/frontend/btb.sv - core/frontend/bht.sv + - core/frontend/bht2lvl.sv - core/frontend/ras.sv - core/frontend/instr_scan.sv - core/frontend/instr_queue.sv @@ -142,6 +147,7 @@ sources: # Physical Memory Protection - core/pmp/src/pmp.sv - core/pmp/src/pmp_entry.sv + - core/pmp/src/pmp_data_if.sv - include_dirs: - common/local/util @@ -153,12 +159,15 @@ sources: - common/local/util files: - common/local/util/tc_sram_wrapper.sv + - common/local/util/sram_cache.sv - target: all(fpga, xilinx) include_dirs: - common/local/util files: + - common/local/util/sram_cache.sv - common/local/util/tc_sram_fpga_wrapper.sv + - vendor/pulp-platform/fpga-support/rtl/SyncSpRamBeNx64.sv - target: not(synthesis) include_dirs: diff --git a/CODEOWNERS b/CODEOWNERS index 9a4976dad..67589d40d 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -1,5 +1,5 @@ # Global Owners -* @JeanRochCoulon @zarubaf +* @JeanRochCoulon # Core @@ -7,9 +7,18 @@ core/mmu_sv39 @sjthales core/cvxif_example @Gchauvon core/cvxif_fu.sv @Gchauvon -# APU +# HPDCache + +core/cache_subsystem/hpdcache @cfuguet +core/cache_subsystem/cva6_hpdcache* @cfuguet +core/include/cv64a6_imafdc_sv39_hpdcache_config_pkg.sv @cfuguet +core/include/cv64a6_imafdc_sv39_hpdcache_wb_config_pkg.sv @cfuguet + +# OpenPiton corev_apu/openpiton @Jbalkind +core/cache_subsystem/wt_l15_adapter.sv @Jbalkind +core/include/cv64a6_imafdc_sv39_openpiton_config_pkg.sv @Jbalkind ## Documentation diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 51b182403..1778129d7 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -22,8 +22,8 @@ Therefore here are guidelines to help the CVA6 team accept new contributions: * If you do not know how to contact us already, get in touch through info@openhwgroup.org or open an issue in GitHub. - Specific recommendations: - * Always consider using the CV-X-IF interface if your contribution is an instruction-set extension. - - and talk to the team if it's not possible. + * For instruction set extensions, talk to the team to assess the relevance of including it into the core or as a coprocessor on the CV-X-IF interface. + - If the extension is custom (not a RISC-V specified extension), a coprocessor on CV-X-IF is definitely its place. * Your contribution shall be optional and fully disabled by default. - so that projects already using CVA6 are not impacted (no functionality change, no extra silicon...). * To configure your contribution, System Verilog top-level parameters are preferred. @@ -34,6 +34,12 @@ Therefore here are guidelines to help the CVA6 team accept new contributions: * Your complete contribution shall be identifiable with parameters (or `directives / templating if together we decide to go this way). - If at some point we need to revert it, e.g. if there is no-one maintaining nor using it and it has become a burden to the project. - We call this the "parachute" rule: The CVA6 team does not want to use it but is far more comfortable getting one. + - Also, this allows not to lose code coverage in verification when your contribution is not enabled (with some tweaks in the coverage tool). + - This rule also applies to CSRs which are specific to your contribution. + * To ease maintenance, all common code lines shall exist only once. + - Counter-example: CVA6 used to have two different MMU modules (Sv32 and Sv39) for CV32A6 and CV64A6. + - It took time to refactor both in a joint design to ease maintenance. + - Related reading for reference: [DRY principle](https://en.wikipedia.org/wiki/Don%27t_repeat_yourself) * Your contribution shall pass the Continuous Integration (CI) flow - When the contribution is disabled: in all cases, to ensure you have not broken the design. - When the contribution is disabled: the line and condition code coverage shall not be impacted. diff --git a/Flist.ariane b/Flist.ariane index 0edfa8e4f..592125b7f 100644 --- a/Flist.ariane +++ b/Flist.ariane @@ -72,6 +72,7 @@ core/decoder.sv core/ex_stage.sv core/frontend/btb.sv core/frontend/bht.sv +core/frontend/bht2lvl.sv core/frontend/ras.sv core/frontend/instr_scan.sv core/frontend/instr_queue.sv diff --git a/Makefile b/Makefile index 915b2df77..739494652 100644 --- a/Makefile +++ b/Makefile @@ -279,7 +279,8 @@ xil_debug_filter += $(addprefix $(root-dir), corev_apu/riscv-dbg/src/dmi_vjtag_t xil_debug_filter += $(addprefix $(root-dir), corev_apu/riscv-dbg/src/dmi_vjtag.sv) src := $(filter-out $(xil_debug_filter), $(src)) -fpga_src := $(addprefix $(root-dir), $(fpga_src)) src/bootrom/bootrom_$(XLEN).sv +fpga_src += corev_apu/fpga/src/bootrom/bootrom_$(XLEN).sv +fpga_src := $(addprefix $(root-dir), $(fpga_src)) # look for testbenches tbs := $(top_level_path) corev_apu/tb/ariane_testharness.sv core/cva6_rvfi.sv @@ -780,7 +781,7 @@ fpga_filter += $(addprefix $(root-dir), core/cache_subsystem/hpdcache/rtl/src/co fpga_filter += $(addprefix $(root-dir), core/cache_subsystem/hpdcache/rtl/src/common/macros/behav/hpdcache_sram_wbyteenable_1rw.sv) fpga_filter += $(addprefix $(root-dir), core/cache_subsystem/hpdcache/rtl/src/common/macros/behav/hpdcache_sram_wmask_1rw.sv) -src/bootrom/bootrom_$(XLEN).sv: +$(addprefix $(root-dir), corev_apu/fpga/src/bootrom/bootrom_$(XLEN).sv): $(MAKE) -C corev_apu/fpga/src/bootrom BOARD=$(BOARD) XLEN=$(XLEN) PLATFORM=$(PLATFORM) bootrom_$(XLEN).sv fpga: $(ariane_pkg) $(src) $(fpga_src) $(uart_src) $(src_flist) diff --git a/README.md b/README.md index e54c4d387..691a46a04 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,12 @@ -# CVA6 RISC-V CPU [![Build Status](https://github.com/openhwgroup/cva6/actions/workflows/ci.yml/badge.svg?branch=master)](https://github.com/openhwgroup/cva6/actions/workflows/ci.yml) [![CVA6 dashboard](https://riscv-ci.pages.thales-invia.fr/dashboard/badge.svg)](https://riscv-ci.pages.thales-invia.fr/dashboard/) [![Documentation Status](https://readthedocs.com/projects/openhw-group-cva6-user-manual/badge/?version=latest)](https://docs.openhwgroup.org/projects/cva6-user-manual/?badge=latest) [![GitHub release](https://img.shields.io/github/release/openhwgroup/cva6?include_prereleases=&sort=semver&color=blue)](https://github.com/openhwgroup/cva6/releases/) +# CVA6 RISC-V CPU [![Build Status](https://github.com/openhwgroup/cva6/actions/workflows/ci.yml/badge.svg?branch=master)](https://github.com/openhwgroup/cva6/actions/workflows/ci.yml) [![CVA6 dashboard](https://riscv-ci.pages.thales-invia.fr/dashboard/badge_master.svg)](https://riscv-ci.pages.thales-invia.fr/dashboard/dashboard_cva6.html) [![Documentation Status](https://readthedocs.com/projects/openhw-group-cva6-user-manual/badge/?version=latest)](https://docs.openhwgroup.org/projects/cva6-user-manual/?badge=latest) [![GitHub release](https://img.shields.io/github/release/openhwgroup/cva6?include_prereleases=&sort=semver&color=blue)](https://github.com/openhwgroup/cva6/releases/) CVA6 is a 6-stage, single-issue, in-order CPU which implements the 64-bit RISC-V instruction set. It fully implements I, M, A and C extensions as specified in Volume I: User-Level ISA V 2.3 as well as the draft privilege extension 1.10. It implements three privilege levels M, S, U to fully support a Unix-like operating system. Furthermore, it is compliant to the draft external debug spec 0.13. It has a configurable size, separate TLBs, a hardware PTW and branch-prediction (branch target buffer and branch history table). The primary design goal was on reducing critical path length. +A performance model of CVA6 is available in the `perf-model/` folder of this repository. +It can be used to investigate performance-related micro-architecture changes. + @@ -167,9 +170,14 @@ To generate VCD waveforms of the `smoke-tests` regression suite using Verilator, ```sh export DV_SIMULATORS=veri-testharness,spike export TRACE_FAST=1 -bash verif/regress/smoke-tests.sh +bash verif/regress/smoke-tests-.sh ``` +Where `` is one of the following, depending on the CPU variant you want to use. +- `cv32a65x`. +- `cv32a6_imac_sv32`. +- `cv64a6_imafdc_sv39`. + After each simulation run involving Verilator or VCS, the generated waveforms will be copied to the directory containing the log files (see above,) with the name of the current HW configuration added to the file name right before @@ -403,7 +411,7 @@ Info : Listening on port 4444 for telnet connections Then you will be able to either connect through `telnet` or with `gdb`: ``` -riscv64-unknown-elf-gdb /path/to/elf +risc-none-elf-gdb /path/to/elf (gdb) target remote localhost:3333 (gdb) load diff --git a/common/local/util/instr_tracer.sv b/common/local/util/instr_tracer.sv index 908366406..7a6242352 100644 --- a/common/local/util/instr_tracer.sv +++ b/common/local/util/instr_tracer.sv @@ -25,32 +25,32 @@ module instr_tracer #( parameter type exception_t = logic, parameter interrupts_t INTERRUPTS = '0 )( - input logic pck, - input logic rstn, - input logic flush_unissued, - input logic flush_all, - input logic [31:0] instruction, - input logic fetch_valid, - input logic fetch_ack, - input logic issue_ack, // issue acknowledged - input scoreboard_entry_t issue_sbe, // issue scoreboard entry - input logic [1:0][4:0] waddr, // WB stage - input logic [1:0][63:0] wdata, - input logic [1:0] we_gpr, - input logic [1:0] we_fpr, - input scoreboard_entry_t [1:0] commit_instr, // commit instruction - input logic [1:0] commit_ack, - input logic st_valid, // stores - address translation - input logic [CVA6Cfg.PLEN-1:0] st_paddr, - input logic ld_valid, // loads - input logic ld_kill, - input logic [CVA6Cfg.PLEN-1:0] ld_paddr, - input bp_resolve_t resolve_branch, // misprediction - input exception_t commit_exception, - input riscv::priv_lvl_t priv_lvl, // current privilege level - input logic debug_mode, + input logic pck, + input logic rstn, + input logic flush_unissued, + input logic flush_all, + input logic [31:0] instruction [CVA6Cfg.NrIssuePorts-1:0], + input logic [CVA6Cfg.NrIssuePorts-1:0] fetch_valid, + input logic [CVA6Cfg.NrIssuePorts-1:0] fetch_ack, + input logic [CVA6Cfg.NrIssuePorts-1:0] issue_ack, // issue acknowledged + input scoreboard_entry_t [CVA6Cfg.NrIssuePorts-1:0] issue_sbe, // issue scoreboard entry + input logic [CVA6Cfg.NrCommitPorts-1:0][4:0] waddr, // WB stage + input logic [CVA6Cfg.NrCommitPorts-1:0][63:0] wdata, + input logic [CVA6Cfg.NrCommitPorts-1:0] we_gpr, + input logic [CVA6Cfg.NrCommitPorts-1:0] we_fpr, + input scoreboard_entry_t [CVA6Cfg.NrCommitPorts-1:0] commit_instr, // commit instruction + input logic [CVA6Cfg.NrCommitPorts-1:0] commit_ack, + input logic st_valid, // stores - address translation + input logic [CVA6Cfg.PLEN-1:0] st_paddr, + input logic ld_valid, // loads + input logic ld_kill, + input logic [CVA6Cfg.PLEN-1:0] ld_paddr, + input bp_resolve_t resolve_branch, // misprediction + input exception_t commit_exception, + input riscv::priv_lvl_t priv_lvl, // current privilege level + input logic debug_mode, - input logic[CVA6Cfg.XLEN-1:0] hart_id_i + input logic[CVA6Cfg.XLEN-1:0] hart_id_i ); // keep the decoded instructions in a queue @@ -94,7 +94,7 @@ module instr_tracer #( forever begin automatic bp_resolve_t bp_instruction = '0; // new cycle, we are only interested if reset is de-asserted - @(pck) if (rstn !== 1'b1) begin + @(posedge pck) if (rstn !== 1'b1) begin flush(); continue; end @@ -106,20 +106,24 @@ module instr_tracer #( // Instruction Decode // ------------------- // we are decoding an instruction - if (fetch_valid && fetch_ack) begin - decode_instruction = instruction; - decode_queue.push_back(decode_instruction); + for (int unsigned i = 0; i < CVA6Cfg.NrIssuePorts; ++i) begin + if (fetch_valid[i] && fetch_ack[i]) begin + decode_instruction = instruction[i]; + decode_queue.push_back(decode_instruction); + end end // ------------------- // Instruction Issue // ------------------- // we got a new issue ack, so put the element from the decode queue to // the issue queue - if (issue_ack && !flush_unissued) begin - issue_instruction = decode_queue.pop_front(); - issue_queue.push_back(issue_instruction); - // also save the scoreboard entry to a separate issue queue - issue_sbe_queue.push_back(scoreboard_entry_t'(issue_sbe)); + for (int unsigned i = 0; i < CVA6Cfg.NrIssuePorts; ++i) begin + if (issue_ack[i] && !flush_unissued) begin + issue_instruction = decode_queue.pop_front(); + issue_queue.push_back(issue_instruction); + // also save the scoreboard entry to a separate issue queue + issue_sbe_queue.push_back(scoreboard_entry_t'(issue_sbe[i])); + end end // -------------------- diff --git a/config/gen_from_riscv_config/cv32a65x/spike/spike.yaml b/config/gen_from_riscv_config/cv32a65x/spike/spike.yaml index 521e53e73..540b68e5e 100644 --- a/config/gen_from_riscv_config/cv32a65x/spike/spike.yaml +++ b/config/gen_from_riscv_config/cv32a65x/spike/spike.yaml @@ -52,6 +52,7 @@ spike_param_tree: pmpaddr5_write_mask: 0xFFFFFFFE pmpaddr6_write_mask: 0xFFFFFFFE pmpaddr7_write_mask: 0xFFFFFFFE + mtvec_write_mask: 0xFFFFFFFE mhartid: 0 mvendorid_override_mask : 0xFFFFFFFF mvendorid_override_value: 1538 diff --git a/config/riscv-config/cv64a60ax/spec/custom_spec.yaml b/config/riscv-config/cv64a60ax/spec/custom_spec.yaml new file mode 100644 index 000000000..ec2c1f844 --- /dev/null +++ b/config/riscv-config/cv64a60ax/spec/custom_spec.yaml @@ -0,0 +1,55 @@ +# Copyright 2024 Thales DIS France SAS +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Original Author: Zbigniew CHAMSKI - Thales + +hart_ids: [0] +hart0: + icache: + reset-val: 0x1 + rv32: + accessible: false + rv64: + accessible: true + icache: + implemented: true + type: + rw: true + description: bit for cache-enable of instruction cache + msb: 0 + lsb: 0 + shadow: + shadow_type: + description: the register controls the operation of the i-cache unit. + address: 0x7c0 + priv_mode: M + dcache: + reset-val: 0x1 + rv32: + accessible: false + rv64: + accessible: true + dcache: + implemented: true + type: + rw: true + description: bit for cache-enable of data cache + shadow: + shadow_type: + msb: 0 + lsb: 0 + description: the register controls the operation of the d-cache unit. + address: 0x7c1 + priv_mode: M + diff --git a/config/riscv-config/cv64a60ax/spec/debug_spec.yaml b/config/riscv-config/cv64a60ax/spec/debug_spec.yaml new file mode 100644 index 000000000..7c1f981a6 --- /dev/null +++ b/config/riscv-config/cv64a60ax/spec/debug_spec.yaml @@ -0,0 +1,168 @@ +# Copyright 2024 Thales DIS France SAS +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Original Author: Zbigniew CHAMSKI - Thales +# Updated from CV66 64 CEA - Tanuj Khandelwal - Thales + +hart_ids: [0] +hart0: &hart0 + Debug_Spec_Version: '1.0.0' + supported_xlen: [64] + debug_mode: true + parking_loop: 0x800 + dcsr: + reset-val: 0x40000413 + rv64: + accessible: true + debugver: + implemented: true + type: + ro_constant: 0x4 + ebreakvs: + implemented: false + ebreakvu: + implemented: false + ebreakm: + implemented: true + ebreaks: + implemented: true + ebreaku: + implemented: true + stepie: + implemented: true + stopcount: + implemented: true + stoptime: + implemented: true + cause: + implemented: true + type: + ro_variable: true + v: + implemented: true + mprven: + implemented: true + nmip: + implemented: true + type: + ro_variable: true + step: + implemented: true + prv: + implemented: true + rv32: + accessible: false + dpc: + rv64: + accessible: true + rv32: + accessible: false + tselect: + rv32: + accessible: False + rv64: + accessible: True + type: + warl: + dependency_fields: [] + legal: + - tselect[63:0] in [0x00000000:0x3] + wr_illegal: + - unchanged + tinfo: #FIXME + rv32: + accessible: False + rv64: + accessible: True + index_select_reg: tselect + index_list: + - reset-val: 0x78 + index_val: 0 + shadow: + shadow_type: + type: + ro_constant: 0x78 + - reset-val: 0x8 + index_val: 1 + shadow: + shadow_type: + type: + ro_constant: 0x8 + - reset-val: 0x10 + index_val: 2 + shadow: + shadow_type: + type: + ro_constant: 0x10 + tdata1: + rv32: + accessible: False + rv64: + accessible: True + index_select_reg: tselect + index_list: + - reset-val: 0xdeadbeef + index_val: 0 + shadow: + shadow_type: + type: + ro_constant: 0xdeadbeef + - reset-val: 0 + index_val: 1 + shadow: + shadow_type: + type: &mywarl + warl: + dependency_fields: [] + legal: + - writeval[63:0] in [0x0000000000000000:0xFFFFFFFFFFFFFFFF] + wr_illegal: + - Unchanged + - reset-val: 0 + index_val: 2 + shadow: + shadow_type: + type: + warl: + dependency_fields: [] + legal: + - writeval[63:0] in [0x0000000000000000:0xFFFFFFFFFFFFFFFF] + wr_illegal: + - Unchanged + + #FIXME NTO SUPPORTED BY RISCV CNFIG + # tdata2: + # rv64: + # accessible: true + # type: + # ro_variable: true + # rv32: + # accessible: false + # tdata3: + # rv64: + # accessible: true + # type: + # ro_variable: true + # rv32: + # accessible: false + dscratch0: + rv64: + accessible: true + rv32: + accessible: false + dscratch1: + rv64: + accessible: true + rv32: + accessible: false diff --git a/config/riscv-config/cv64a60ax/spec/isa_spec.yaml b/config/riscv-config/cv64a60ax/spec/isa_spec.yaml new file mode 100644 index 000000000..cef6c746b --- /dev/null +++ b/config/riscv-config/cv64a60ax/spec/isa_spec.yaml @@ -0,0 +1,1863 @@ +# Copyright 2024 Thales DIS France SAS +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Original Author: Zbigniew CHAMSKI - Thales +# Updated from CV6A60AX 64 CEA - Tanuj Khandelwal - Thales + +hart_ids: [0] +hart0: &hart0 + ISA: RV64IMAFDCNSUZicsr_Zicbom_Zicbop_Zicboz_Zifencei_Zcb_Zba_Zbb_Zbc_Zbs + User_Spec_Version: '2.3' + supported_xlen: [64] + physical_addr_sz: 39 + pmp_granularity: 10 # FIXME: To verify + misa: + reset-val: 0x800000000014312D # B: bit 1, C: bit 2, I = bit 8, M = bit 12, Z = bit 25 + rv64: + accessible: true + mxl: + implemented: true + type: + warl: + dependency_fields: [] + legal: + - mxl[1:0] in [0x2] + wr_illegal: + - unchanged + extensions: + implemented: true + type: + # ro_constant: 0x214312F + mvendorid: + reset-val: 0x00000602 + rv64: + accessible: true + type: + ro_constant: 0x00000602 + rv32: + accessible: false + fcsr: + rv32: + accessible: false + rv64: + accessible: true + fflags: + implemented: true + type: + warl: + dependency_fields: [] + legal: + - fflags[4:0] in [0x00:0x1F] + wr_illegal: + - Unchanged + mtvec: + reset-val: 0x80010000 + rv64: + accessible: true + base: + implemented: true + type: + warl: + dependency_fields: [] + legal: + # The 62 bits of 'base' are suffixed with 2'b00 + # ==> all values are legal, alignment 4 bytes is implied + - base[61:0] in [0x00000000:0x3FFFFFFFFFFFFFFF] + wr_illegal: + - Unchanged + mode: + implemented: true + type: + warl: + dependency_fields: [] + legal: + # Only Direct mode. + - mode[1:0] in [0x0] + wr_illegal: + - Unchanged + vsstatus: + reset-val: 0x0 + rv64: + accessible: false + rv32: + accessible: false + mstatus: # FIXME verify details + reset-val: 0xA00001800 # .mpp = 0x3 + rv64: + accessible: true + uie: + implemented: true + sie: + implemented: true + mie: + implemented: true + upie: + implemented: true + spie: + implemented: true + sxl: + implemented: true + type: + warl: + dependency_fields: [] + legal: + - sxl[1:0] in [0x2] + wr_illegal: + - unchanged + uxl: + implemented: true + type: + warl: + dependency_fields: [] + legal: + - uxl[1:0] in [0x2] + wr_illegal: + - unchanged + mpie: + implemented: true + mpp: + implemented: true + type: + warl: + dependency_fields: [] + legal: + - mpp[1:0] in [0x3] + wr_illegal: + - Unchanged + fs: + implemented: true + xs: + implemented: true + mprv: + implemented: false + sum: + implemented: true + mxr: + implemented: true + tvm: + implemented: false + tw: + implemented: false + tsr: + implemented: false + rv32: + accessible: false + mip: # Check if readonly or not + reset-val: 0 + rv64: + accessible: true + usip: + implemented: true + ssip: + implemented: true + msip: + implemented: true + utip: + implemented: true + stip: + implemented: true + mtip: + implemented: true + type: + ro_variable: true + ueip: + implemented: true + seip: + implemented: true + meip: + implemented: true + type: + ro_variable: true + rv32: + accessible: false + hip: + reset-val: 0 + rv64: + accessible: false + vssip: + implemented: false + vstip: + implemented: false + vseip: + implemented: false + sgeip: + implemented: false + rv32: + accessible: false + mie: + reset-val: 0 + rv64: + accessible: true + usie: + implemented: true + ssie: + implemented: true + msie: + implemented: true + utie: + implemented: true + stie: + implemented: true + mtie: + implemented: true + ueie: + implemented: true + seie: + implemented: true + meie: + implemented: true + rv32: + accessible: false + hie: + reset-val: 0 + rv64: + accessible: false + vssie: + implemented: false + vstie: + implemented: false + vseie: + implemented: false + sgeie: + implemented: false + rv32: + accessible: false + mepc: + reset-val: 0x0 + rv64: + accessible: true + rv32: + accessible: false + mtval: + reset-val: 0x0 + rv64: + accessible: true + rv32: + accessible: false + mcause: + reset-val: 0 + rv64: + accessible: true + interrupt: + implemented: true + exception_code: + implemented: true + rv32: + accessible: false + medeleg: + reset-val: 0 + rv64: + accessible: true + rv32: + accessible: false + mideleg: + reset-val: 0 + rv64: + accessible: true + rv32: + accessible: false + menvcfg: #FIXME: not convinced if it is needed + reset-val: 0 + rv64: + accessible: true + rv32: + accessible: false + marchid: + rv64: + accessible: true + type: + ro_constant: 0x00000003 + rv32: + accessible: false + reset-val: 0x00000003 + # FIXME not supported yet + # mconfigptr: + # rv64: + # accessible: true + # type: + # ro_constant: 0x0 + # rv32: + # accessible: false + # reset-val: 0x0 + mhartid: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x00 + mhpmcounter3: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmcounter4: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmcounter5: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmcounter6: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmcounter7: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmcounter8: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmcounter9: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmcounter10: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmcounter11: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmcounter12: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmcounter13: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmcounter14: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmcounter15: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmcounter16: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmcounter17: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmcounter18: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmcounter19: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmcounter20: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmcounter21: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmcounter22: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmcounter23: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmcounter24: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmcounter25: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmcounter26: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmcounter27: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmcounter28: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmcounter29: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmcounter30: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmcounter31: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + # FIXME NOT SUPPORTED + # instret: + # rv64: + # accessible: true + # type: + # warl: + # dependency_fields: [] + # legal: + # - instret[31:0] in [0x00000000:0xFFFFFFFF] + # wr_illegal: + # - unchanged + # rv32: + # accessible: false + # reset-val: 0 + mcountinhibit: #FIXME Details + rv64: + accessible: true + rv32: + accessible: false + reset-val: 0x0 + mhpmevent3: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmevent4: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmevent5: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmevent6: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmevent7: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmevent8: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmevent9: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmevent10: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmevent11: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmevent12: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmevent13: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmevent14: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmevent15: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmevent16: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmevent17: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmevent18: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmevent19: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmevent20: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmevent21: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmevent22: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmevent23: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmevent24: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmevent25: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmevent26: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmevent27: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmevent28: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmevent29: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmevent30: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mhpmevent31: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0x0 + mimpid: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + mcounteren: #FIXME Check details + rv64: + accessible: true + rv32: + accessible: false + reset-val: 0 + pmpcfg0: + reset-val: 0 + rv32: + accessible: false + rv64: + accessible: true + pmp0cfg: + implemented: true + type: + warl: + dependency_fields: [pmpcfg0::pmp0cfg] + legal: + - "pmp0cfg[7] in [0] -> pmp0cfg[7] in [0x0:0x1] pmp0cfg[6:5] in [0] pmp0cfg[4:3] not in [2] pmp0cfg[2:0] not in [2,6]" + wr_illegal: + - Unchanged + pmp1cfg: + implemented: true + type: + warl: + dependency_fields: [pmpcfg0::pmp1cfg] + legal: + - "pmp1cfg[7] in [0] -> pmp1cfg[7] in [0x0,0x1] pmp1cfg[6:5] in [0] pmp1cfg[4:3] not in [2] pmp1cfg[2:0] not in [2,6]" + wr_illegal: + - Unchanged + pmp2cfg: + implemented: true + type: + warl: + dependency_fields: [pmpcfg0::pmp2cfg] + legal: + - "pmp2cfg[7] in [0] -> pmp2cfg[7] in [0x0,0x1] pmp2cfg[6:5] in [0] pmp2cfg[4:3] not in [2] pmp2cfg[2:0] not in [2,6]" + wr_illegal: + - Unchanged + pmp3cfg: + implemented: true + type: + warl: + dependency_fields: [pmpcfg0::pmp3cfg] + legal: + - "pmp3cfg[7] in [0] -> pmp3cfg[7] in [0x0,0x1] pmp3cfg[6:5] in [0] pmp3cfg[4:3] not in [2] pmp3cfg[2:0] not in [2,6]" + wr_illegal: + - Unchanged + pmp4cfg: + implemented: true + type: + ro_constant: 0 + pmp5cfg: + implemented: true + type: + ro_constant: 0 + pmp6cfg: + implemented: true + type: + ro_constant: 0 + pmp7cfg: + implemented: true + type: + ro_constant: 0 + pmpcfg2: + reset-val: 0 + rv32: + accessible: false + rv64: + accessible: true + pmp8cfg: + implemented: true + type: + ro_constant: 0 + pmp9cfg: + implemented: true + type: + ro_constant: 0 + pmp10cfg: + implemented: true + type: + ro_constant: 0 + pmp11cfg: + implemented: true + type: + ro_constant: 0 + pmp12cfg: + implemented: true + type: + ro_constant: 0 + pmp13cfg: + implemented: true + type: + ro_constant: 0 + pmp14cfg: + implemented: true + type: + ro_constant: 0 + pmp15cfg: + implemented: true + type: + ro_constant: 0 + pmpcfg4: + reset-val: 0 + rv32: + accessible: false + rv64: + accessible: true + pmp16cfg: + implemented: true + type: + ro_constant: 0 + pmp17cfg: + implemented: true + type: + ro_constant: 0 + pmp18cfg: + implemented: true + type: + ro_constant: 0 + pmp19cfg: + implemented: true + type: + ro_constant: 0 + pmp20cfg: + implemented: true + type: + ro_constant: 0 + pmp21cfg: + implemented: true + type: + ro_constant: 0 + pmp22cfg: + implemented: true + type: + ro_constant: 0 + pmp23cfg: + implemented: true + type: + ro_constant: 0 + pmpcfg6: + reset-val: 0 + rv32: + accessible: false + rv64: + accessible: true + pmp24cfg: + implemented: true + type: + ro_constant: 0 + pmp25cfg: + implemented: true + type: + ro_constant: 0 + pmp26cfg: + implemented: true + type: + ro_constant: 0 + pmp27cfg: + implemented: true + type: + ro_constant: 0 + pmp28cfg: + implemented: true + type: + ro_constant: 0 + pmp29cfg: + implemented: true + type: + ro_constant: 0 + pmp30cfg: + implemented: true + type: + ro_constant: 0 + pmp31cfg: + implemented: true + type: + ro_constant: 0 + pmpcfg8: + reset-val: 0 + rv32: + accessible: false + rv64: + accessible: true + pmp32cfg: + implemented: true + type: + ro_constant: 0 + pmp33cfg: + implemented: true + type: + ro_constant: 0 + pmp34cfg: + implemented: true + type: + ro_constant: 0 + pmp35cfg: + implemented: true + type: + ro_constant: 0 + pmp36cfg: + implemented: true + type: + ro_constant: 0 + pmp37cfg: + implemented: true + type: + ro_constant: 0 + pmp38cfg: + implemented: true + type: + ro_constant: 0 + pmp39cfg: + implemented: true + type: + ro_constant: 0 + pmpcfg10: + reset-val: 0 + rv32: + accessible: false + rv64: + accessible: true + pmp40cfg: + implemented: true + type: + ro_constant: 0 + pmp41cfg: + implemented: true + type: + ro_constant: 0 + pmp42cfg: + implemented: true + type: + ro_constant: 0 + pmp43cfg: + implemented: true + type: + ro_constant: 0 + pmp44cfg: + implemented: true + type: + ro_constant: 0 + pmp45cfg: + implemented: true + type: + ro_constant: 0 + pmp46cfg: + implemented: true + type: + ro_constant: 0 + pmp47cfg: + implemented: true + type: + ro_constant: 0 + pmpcfg12: + reset-val: 0 + rv32: + accessible: false + rv64: + accessible: true + pmp48cfg: + implemented: true + type: + ro_constant: 0 + pmp49cfg: + implemented: true + type: + ro_constant: 0 + pmp50cfg: + implemented: true + type: + ro_constant: 0 + pmp51cfg: + implemented: true + type: + ro_constant: 0 + pmp52cfg: + implemented: true + type: + ro_constant: 0 + pmp53cfg: + implemented: true + type: + ro_constant: 0 + pmp54cfg: + implemented: true + type: + ro_constant: 0 + pmp55cfg: + implemented: true + type: + ro_constant: 0 + pmpcfg14: + reset-val: 0 + rv32: + accessible: false + rv64: + accessible: true + pmp56cfg: + implemented: true + type: + ro_constant: 0 + pmp57cfg: + implemented: true + type: + ro_constant: 0 + pmp58cfg: + implemented: true + type: + ro_constant: 0 + pmp59cfg: + implemented: true + type: + ro_constant: 0 + pmp60cfg: + implemented: true + type: + ro_constant: 0 + pmp61cfg: + implemented: true + type: + ro_constant: 0 + pmp62cfg: + implemented: true + type: + ro_constant: 0 + pmp63cfg: + implemented: true + type: + ro_constant: 0 + mcycle: + rv64: + accessible: true + type: + warl: + dependency_fields: [] + legal: + - mcycle[63:0] in [0x0000000000000000:0xFFFFFFFFFFFFFFFF] + wr_illegal: + - unchanged + rv32: + accessible: false + reset-val: 0 + minstret: + rv64: + accessible: true + type: + warl: + dependency_fields: [] + legal: + - minstret[63:0] in [0x0000000000000000:0xFFFFFFFFFFFFFFFF] + wr_illegal: + - unchanged + rv32: + accessible: false + reset-val: 0 + pmpaddr0: + rv64: + accessible: true + type: + warl: + dependency_fields: [] + legal: + - pmpaddr0[63:0] bitmask [0xFFFFFFFFFFFFFFFE, 0x0000000000000000] + wr_illegal: + - unchanged + rv32: + accessible: false + reset-val: 0 + pmpaddr1: + rv64: + accessible: true + type: + warl: + dependency_fields: [] + legal: + - pmpaddr1[63:0] bitmask [0xFFFFFFFFFFFFFFFE, 0x0000000000000000] + wr_illegal: + - unchanged + rv32: + accessible: false + reset-val: 0 + pmpaddr2: + rv64: + accessible: true + type: + warl: + dependency_fields: [] + legal: + - pmpaddr2[63:0] bitmask [0xFFFFFFFFFFFFFFFE, 0x0000000000000000] + wr_illegal: + - unchanged + rv32: + accessible: false + reset-val: 0 + pmpaddr3: + rv64: + accessible: true + type: + warl: + dependency_fields: [] + legal: + - pmpaddr3[63:0] bitmask [0xFFFFFFFFFFFFFFFE, 0x0000000000000000] + wr_illegal: + - unchanged + rv32: + accessible: false + reset-val: 0 + pmpaddr4: + rv64: + accessible: true + type: + warl: + dependency_fields: [] + legal: + - pmpaddr4[63:0] bitmask [0xFFFFFFFFFFFFFFFE, 0x0000000000000000] + wr_illegal: + - unchanged + rv32: + accessible: false + reset-val: 0 + pmpaddr5: + rv64: + accessible: true + type: + warl: + dependency_fields: [] + legal: + - pmpaddr5[63:0] bitmask [0xFFFFFFFFFFFFFFFE, 0x0000000000000000] + wr_illegal: + - unchanged + rv32: + accessible: false + reset-val: 0 + pmpaddr6: + rv64: + accessible: true + type: + warl: + dependency_fields: [] + legal: + - pmpaddr6[63:0] bitmask [0xFFFFFFFFFFFFFFFE, 0x0000000000000000] + wr_illegal: + - unchanged + rv32: + accessible: false + reset-val: 0 + pmpaddr7: + rv64: + accessible: true + type: + warl: + dependency_fields: [] + legal: + - pmpaddr7[63:0] bitmask [0xFFFFFFFFFFFFFFFE, 0x0000000000000000] + wr_illegal: + - unchanged + rv32: + accessible: false + reset-val: 0 + pmpaddr8: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr9: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr10: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr11: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr12: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr13: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr14: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr15: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr16: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr17: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr18: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr19: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr20: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr21: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr22: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr23: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr24: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr25: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr26: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr27: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr28: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr29: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr30: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr31: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr32: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr33: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr34: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr35: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr36: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr37: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr38: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr39: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr40: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr41: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr42: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr43: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr44: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr45: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr46: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr47: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr48: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr49: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr50: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr51: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr52: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr53: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr54: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr55: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr56: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr57: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr58: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr59: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr60: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr61: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr62: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + pmpaddr63: + rv64: + accessible: true + type: + ro_constant: 0x0 + rv32: + accessible: false + reset-val: 0 + satp: + rv32: + accessible: false + rv64: + accessible: true + ppn: + type: + warl: + dependency_fields: [] + legal: + - "ppn[43:0] in [0x00000000000:0xFFFFFFFFFFF]" + wr_illegal: + - Unchanged + asid: + type: + warl: + dependency_fields: [] + legal: + - "asid[15:0] in [0x0000:0x00FF]" + wr_illegal: + - Unchanged + mode: + type: + warl: + dependency_fields: [] + legal: + - "mode[3:0] in [0,8]" + wr_illegal: + - Unchanged + reset-val: 0x0000000000000000 + scause: + rv32: + accessible: false + rv64: + accessible: true + exception_code: + implemented: True + interrupt: + implemented: True + reset-val: 0 + senvcfg: + rv32: + accessible: false + rv64: + accessible: true + reset-val: 0 + sepc: + rv32: + accessible: false + rv64: + accessible: true + reset-val: 0 + sie: #FIXME Check if readonly or not + reset-val: 0 + rv64: + accessible: true + ssie: + implemented: true + stie: + implemented: true + seie: + implemented: true + rv32: + accessible: false + sip: #FIXME Check if readonly or not + reset-val: 0 + rv64: + accessible: true + ssip: + implemented: true + stip: + implemented: true + seip: + implemented: true + rv32: + accessible: false + sscratch: + rv64: + accessible: true + rv32: + accessible: false + sstatus: + reset-val: 0x0 + rv64: + accessible: true + uie: + implemented: false + sie: + implemented: true + upie: + implemented: false + spie: + implemented: true + spp: + implemented: true + fs: + implemented: false + xs: + implemented: true + sum: + implemented: true + mxr: + implemented: true + # FIXME not supported yet + #uxl: + # implemented: true + # type: + # warl: + # dependency_fields: [] + # legal: + # - uxl[1:0] in [0x2] + # wr_illegal: + # - unchanged + sd: + implemented: true + rv32: + accessible: false + stval: + rv32: + accessible: false + rv64: + accessible: true + type: + warl: + dependency_fields: [] + legal: + - stval[63:0] in [0x0000000000000000:0xFFFFFFFFFFFFFFFF] + wr_illegal: + - Unchanged + reset-val: 0 + stvec: + reset-val: 0x80010000 + rv64: + accessible: true + base: + implemented: true + type: + warl: + dependency_fields: [] + legal: + # The 62 bits of 'base' are suffixed with 2'b00 + # ==> all values are legal, alignment 4 bytes is implied + - base[61:0] in [0x00000000:0x3FFFFFFFFFFFFFFF] + wr_illegal: + - Unchanged + mode: + implemented: true + type: + warl: + dependency_fields: [] + legal: + # Only Direct mode. + - mode[1:0] in [0x0] + wr_illegal: + - Unchanged + time: + rv64: + accessible: true + type: + ro_variable: true + rv32: + accessible: false + reset-val: 0 diff --git a/config/riscv-config/cv64a60ax/spec/platform_spec.yaml b/config/riscv-config/cv64a60ax/spec/platform_spec.yaml new file mode 100644 index 000000000..23d847bf3 --- /dev/null +++ b/config/riscv-config/cv64a60ax/spec/platform_spec.yaml @@ -0,0 +1,53 @@ +# Copyright 2024 Thales DIS France SAS +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Original Author: Tanuj Khandelwal CEA (copied from riscv-config examples) + +nmi: + label: nmi_vector + # address: 12288 +reset: + label: reset_vector + # address: 16384 +mtime: + implemented: false +mtimecmp: + implemented: false + #mcause_non_standard: + # implemented: true +mtval_condition_writes: + implemented: false +scause_non_standard: + implemented: false +stval_condition_writes: + implemented: false +zicbo_cache_block_sz : + implemented: true + zicbom_sz: 64 + zicboz_sz: 64 + +#memory_map: +# - memory_region: +# name: bootrom +# base_addr: 0x10000 +# size: 0x10000 +# description: System boot ROM +# attributes: +# read_only: true +# cached: false +# - memory_region: +# name: dram +# base_addr: 0x80000000 +# size: 0x40000000 +# description: System (D)RAM diff --git a/core/Flist.cva6 b/core/Flist.cva6 index 966238e3e..17cb6ae98 100644 --- a/core/Flist.cva6 +++ b/core/Flist.cva6 @@ -112,6 +112,7 @@ ${CVA6_REPO_DIR}/core/branch_unit.sv ${CVA6_REPO_DIR}/core/compressed_decoder.sv ${CVA6_REPO_DIR}/core/macro_decoder.sv ${CVA6_REPO_DIR}/core/controller.sv +${CVA6_REPO_DIR}/core/zcmt_decoder.sv ${CVA6_REPO_DIR}/core/csr_buffer.sv ${CVA6_REPO_DIR}/core/csr_regfile.sv ${CVA6_REPO_DIR}/core/decoder.sv @@ -143,6 +144,7 @@ ${CVA6_REPO_DIR}/core/cva6_fifo_v3.sv // What is "frontend"? ${CVA6_REPO_DIR}/core/frontend/btb.sv ${CVA6_REPO_DIR}/core/frontend/bht.sv +${CVA6_REPO_DIR}/core/frontend/bht2lvl.sv ${CVA6_REPO_DIR}/core/frontend/ras.sv ${CVA6_REPO_DIR}/core/frontend/instr_scan.sv ${CVA6_REPO_DIR}/core/frontend/instr_queue.sv diff --git a/core/acc_dispatcher.sv b/core/acc_dispatcher.sv index d00e7eb5f..aa526951e 100644 --- a/core/acc_dispatcher.sv +++ b/core/acc_dispatcher.sv @@ -23,36 +23,12 @@ module acc_dispatcher parameter type exception_t = logic, parameter type fu_data_t = logic, parameter type scoreboard_entry_t = logic, - localparam type accelerator_req_t = struct packed { - logic req_valid; - logic resp_ready; - riscv::instruction_t insn; - logic [CVA6Cfg.XLEN-1:0] rs1; - logic [CVA6Cfg.XLEN-1:0] rs2; - fpnew_pkg::roundmode_e frm; - logic [CVA6Cfg.TRANS_ID_BITS-1:0] trans_id; - logic store_pending; - // Invalidation interface - logic acc_cons_en; - logic inval_ready; - }, - parameter type acc_req_t = accelerator_req_t, - parameter type acc_resp_t = struct packed { - logic req_ready; - logic resp_valid; - logic [CVA6Cfg.XLEN-1:0] result; - logic [CVA6Cfg.TRANS_ID_BITS-1:0] trans_id; - exception_t exception; - // Metadata - logic store_pending; - logic store_complete; - logic load_complete; - logic [4:0] fflags; - logic fflags_valid; - // Invalidation interface - logic inval_valid; - logic [63:0] inval_addr; - }, + parameter type acc_req_t = logic, + parameter type acc_resp_t = logic, + parameter type accelerator_req_t = logic, + parameter type accelerator_resp_t = logic, + parameter type acc_mmu_req_t = logic, + parameter type acc_mmu_resp_t = logic, parameter type acc_cfg_t = logic, parameter acc_cfg_t AccCfg = '0 ) ( @@ -65,10 +41,11 @@ module acc_dispatcher // Interface with the CSRs input priv_lvl_t ld_st_priv_lvl_i, input logic sum_i, - input pmpcfg_t [CVA6Cfg.NrPMPEntries-1:0] pmpcfg_i, - input logic [CVA6Cfg.NrPMPEntries-1:0][CVA6Cfg.PLEN-3:0] pmpaddr_i, + input pmpcfg_t [avoid_neg(CVA6Cfg.NrPMPEntries-1):0] pmpcfg_i, + input logic [avoid_neg(CVA6Cfg.NrPMPEntries-1):0][CVA6Cfg.PLEN-3:0] pmpaddr_i, input logic [2:0] fcsr_frm_i, output logic dirty_v_state_o, + input logic acc_mmu_en_i, // Interface with the issue stage input scoreboard_entry_t issue_instr_i, input logic issue_instr_hs_i, @@ -88,6 +65,9 @@ module acc_dispatcher output logic acc_stall_st_pending_o, input logic acc_no_st_pending_i, input dcache_req_i_t [2:0] dcache_req_ports_i, + // Interface with the MMU + output acc_mmu_req_t acc_mmu_req_o, + input acc_mmu_resp_t acc_mmu_resp_i, // Interface with the controller output logic ctrl_halt_o, input logic [11:0] csr_addr_i, @@ -219,7 +199,7 @@ module acc_dispatcher end // An accelerator instruction was issued. - if (acc_req_o.req_valid) insn_ready_d[acc_req_o.trans_id] = 1'b0; + if (acc_req_o.acc_req.req_valid) insn_ready_d[acc_req_o.acc_req.trans_id] = 1'b0; end : p_non_speculative_ff /************************* @@ -231,29 +211,31 @@ module acc_dispatcher logic acc_req_ready; accelerator_req_t acc_req_int; - fall_through_register #( + spill_register #( .T(accelerator_req_t) ) i_accelerator_req_register ( - .clk_i (clk_i), - .rst_ni (rst_ni), - .clr_i (1'b0), - .testmode_i(1'b0), - .data_i (acc_req), - .valid_i (acc_req_valid), - .ready_o (acc_req_ready), - .data_o (acc_req_int), - .valid_o (acc_req_o.req_valid), - .ready_i (acc_resp_i.req_ready) + .clk_i (clk_i), + .rst_ni (rst_ni), + .data_i (acc_req), + .valid_i(acc_req_valid), + .ready_o(acc_req_ready), + .data_o (acc_req_int), + .valid_o(acc_req_o.acc_req.req_valid), + .ready_i(acc_resp_i.acc_resp.req_ready) ); - assign acc_req_o.insn = acc_req_int.insn; - assign acc_req_o.rs1 = acc_req_int.rs1; - assign acc_req_o.rs2 = acc_req_int.rs2; - assign acc_req_o.frm = acc_req_int.frm; - assign acc_req_o.trans_id = acc_req_int.trans_id; - assign acc_req_o.store_pending = !acc_no_st_pending_i && acc_cons_en_i; - assign acc_req_o.acc_cons_en = acc_cons_en_i; - assign acc_req_o.inval_ready = inval_ready_i; + assign acc_req_o.acc_req.insn = acc_req_int.insn; + assign acc_req_o.acc_req.rs1 = acc_req_int.rs1; + assign acc_req_o.acc_req.rs2 = acc_req_int.rs2; + assign acc_req_o.acc_req.frm = acc_req_int.frm; + assign acc_req_o.acc_req.trans_id = acc_req_int.trans_id; + assign acc_req_o.acc_req.store_pending = !acc_no_st_pending_i && acc_cons_en_i; + assign acc_req_o.acc_req.acc_cons_en = acc_cons_en_i; + assign acc_req_o.acc_req.inval_ready = inval_ready_i; + + // MMU interface + assign acc_req_o.acc_mmu_resp = acc_mmu_resp_i; + assign acc_req_o.acc_mmu_en = acc_mmu_en_i; always_comb begin : accelerator_req_dispatcher // Do not fetch from the instruction queue @@ -263,7 +245,7 @@ module acc_dispatcher acc_req = '0; acc_req_valid = 1'b0; - // Unpack fu_data_t into accelerator_req_t + // Unpack fu_data_t into acc_req_t if (!acc_insn_queue_empty) begin acc_req = '{ // Instruction is forwarded from the decoder as an immediate @@ -297,23 +279,27 @@ module acc_dispatcher logic acc_ld_disp; logic acc_st_disp; - assign acc_trans_id_o = acc_resp_i.trans_id; - assign acc_result_o = acc_resp_i.result; - assign acc_valid_o = acc_resp_i.resp_valid; - assign acc_exception_o = acc_resp_i.exception; + assign acc_trans_id_o = acc_resp_i.acc_resp.trans_id; + assign acc_result_o = acc_resp_i.acc_resp.result; + assign acc_valid_o = acc_resp_i.acc_resp.resp_valid; + assign acc_exception_o = acc_resp_i.acc_resp.exception; // Unpack the accelerator response - assign acc_fflags_valid_o = acc_resp_i.fflags_valid; - assign acc_fflags_o = acc_resp_i.fflags; + assign acc_fflags_valid_o = acc_resp_i.acc_resp.fflags_valid; + assign acc_fflags_o = acc_resp_i.acc_resp.fflags; + + // MMU interface + assign acc_mmu_req_o = acc_resp_i.acc_mmu_req; + // Always ready to receive responses - assign acc_req_o.resp_ready = 1'b1; + assign acc_req_o.acc_req.resp_ready = 1'b1; // Signal dispatched load/store to issue stage - assign acc_ld_disp = acc_req_valid && (acc_insn_queue_o.operation == ACCEL_OP_LOAD); - assign acc_st_disp = acc_req_valid && (acc_insn_queue_o.operation == ACCEL_OP_STORE); + assign acc_ld_disp = acc_req_valid && (acc_insn_queue_o.operation == ACCEL_OP_LOAD); + assign acc_st_disp = acc_req_valid && (acc_insn_queue_o.operation == ACCEL_OP_STORE); // Cache invalidation - assign inval_valid_o = acc_resp_i.inval_valid; - assign inval_addr_o = acc_resp_i.inval_addr; + assign inval_valid_o = acc_resp_i.acc_resp.inval_valid; + assign inval_addr_o = acc_resp_i.acc_resp.inval_addr; /************************** * Accelerator commit * @@ -351,8 +337,8 @@ module acc_dispatcher `FF(wait_acc_store_q, wait_acc_store_d, '0) // Set on store barrier. Clear when no store is pending. - assign wait_acc_store_d = (wait_acc_store_q | commit_st_barrier_i) & acc_resp_i.store_pending; - assign ctrl_halt_o = wait_acc_store_q; + assign wait_acc_store_d = (wait_acc_store_q | commit_st_barrier_i) & acc_resp_i.acc_resp.store_pending; + assign ctrl_halt_o = wait_acc_store_q; /************************** * Load/Store tracking * @@ -390,9 +376,9 @@ module acc_dispatcher .clk_i (clk_i), .rst_ni (rst_ni), .clear_i (1'b0), - .en_i (acc_ld_disp ^ acc_resp_i.load_complete), + .en_i (acc_ld_disp ^ acc_resp_i.acc_resp.load_complete), .load_i (1'b0), - .down_i (acc_resp_i.load_complete), + .down_i (acc_resp_i.acc_resp.load_complete), .d_i ('0), .q_o (acc_disp_loads_pending), .overflow_o(acc_disp_loads_overflow) @@ -435,9 +421,9 @@ module acc_dispatcher .clk_i (clk_i), .rst_ni (rst_ni), .clear_i (1'b0), - .en_i (acc_st_disp ^ acc_resp_i.store_complete), + .en_i (acc_st_disp ^ acc_resp_i.acc_resp.store_complete), .load_i (1'b0), - .down_i (acc_resp_i.store_complete), + .down_i (acc_resp_i.acc_resp.store_complete), .d_i ('0), .q_o (acc_disp_stores_pending), .overflow_o(acc_disp_stores_overflow) diff --git a/core/branch_unit.sv b/core/branch_unit.sv index 068883663..097416756 100644 --- a/core/branch_unit.sv +++ b/core/branch_unit.sv @@ -31,6 +31,8 @@ module branch_unit #( input fu_data_t fu_data_i, // Instruction PC - ISSUE_STAGE input logic [CVA6Cfg.VLEN-1:0] pc_i, + // Is zcmt instruction - ISSUE_STAGE + input logic is_zcmt_i, // Instruction is compressed - ISSUE_STAGE input logic is_compressed_instr_i, // Branch unit instruction is valid - ISSUE_STAGE @@ -58,7 +60,6 @@ module branch_unit #( // TODO(zarubaf): The ALU can be used to calculate the branch target jump_base = (fu_data_i.operation == ariane_pkg::JALR) ? fu_data_i.operand_a[CVA6Cfg.VLEN-1:0] : pc_i; - target_address = {CVA6Cfg.VLEN{1'b0}}; resolve_branch_o = 1'b0; resolved_branch_o.target_address = {CVA6Cfg.VLEN{1'b0}}; resolved_branch_o.is_taken = 1'b0; @@ -75,13 +76,21 @@ module branch_unit #( // we need to put the branch target address into rd, this is the result of this unit branch_result_o = next_pc; resolved_branch_o.pc = pc_i; - // There are only two sources of mispredicts: + // There are only three sources of mispredicts: // 1. Branches // 2. Jumps to register addresses + // 3. Zcmt instructions if (branch_valid_i) begin - // write target address which goes to PC Gen + // write target address which goes to PC Gen or select target address if zcmt resolved_branch_o.target_address = (branch_comp_res_i) ? target_address : next_pc; resolved_branch_o.is_taken = branch_comp_res_i; + if (CVA6Cfg.RVZCMT) begin + if (is_zcmt_i) begin + // Unconditional jump handling + resolved_branch_o.is_mispredict = 1'b1; // miss prediction for ZCMT + resolved_branch_o.cf_type = ariane_pkg::JumpR; + end + end // check the outcome of the branch speculation if (ariane_pkg::op_is_branch(fu_data_i.operation)) begin // Set the `cf_type` of the output as `branch`, this will update the BHT. diff --git a/core/cache_subsystem/cva6_icache.sv b/core/cache_subsystem/cva6_icache.sv index d97fed369..be7becb0a 100644 --- a/core/cache_subsystem/cva6_icache.sv +++ b/core/cache_subsystem/cva6_icache.sv @@ -424,9 +424,9 @@ module cva6_icache logic [CVA6Cfg.ICACHE_SET_ASSOC_WIDTH-1:0] hit_idx; for (genvar i = 0; i < CVA6Cfg.ICACHE_SET_ASSOC; i++) begin : gen_tag_cmpsel - assign cl_hit[i] = (cl_tag_rdata[i] == cl_tag_d) & vld_rdata[i]; - assign cl_sel[i] = cl_rdata[i][{cl_offset_q, 3'b0}+:CVA6Cfg.FETCH_WIDTH]; - assign cl_user[i] = cl_ruser[i][{cl_offset_q, 3'b0}+:CVA6Cfg.FETCH_USER_WIDTH]; + assign cl_hit[i] = (cl_tag_rdata[i] == cl_tag_d) & vld_rdata[i]; + assign cl_sel[i] = cl_rdata[i][{cl_offset_q, 3'b0}+:CVA6Cfg.FETCH_WIDTH]; + assign cl_user[i] = CVA6Cfg.FETCH_USER_EN ? cl_ruser[i][{cl_offset_q, 3'b0}+:CVA6Cfg.FETCH_USER_WIDTH] : '0; end @@ -441,10 +441,10 @@ module cva6_icache always_comb begin if (cmp_en_q) begin dreq_o.data = cl_sel[hit_idx]; - dreq_o.user = cl_user[hit_idx]; + dreq_o.user = CVA6Cfg.FETCH_USER_EN ? cl_user[hit_idx] : '0; end else begin dreq_o.data = mem_rtrn_i.data[{cl_offset_q, 3'b0}+:CVA6Cfg.FETCH_WIDTH]; - dreq_o.user = mem_rtrn_i.user[{cl_offset_q, 3'b0}+:CVA6Cfg.FETCH_USER_WIDTH]; + dreq_o.user = CVA6Cfg.FETCH_USER_EN ? mem_rtrn_i.user[{cl_offset_q, 3'b0}+:CVA6Cfg.FETCH_USER_WIDTH] : '0; end end diff --git a/core/cache_subsystem/wt_dcache.sv b/core/cache_subsystem/wt_dcache.sv index a829fc48b..5b49d957f 100644 --- a/core/cache_subsystem/wt_dcache.sv +++ b/core/cache_subsystem/wt_dcache.sv @@ -188,10 +188,10 @@ module wt_dcache // read controllers (LD unit and PTW/MMU) /////////////////////////////////////////////////////// - // 0 is used by MMU, 1 by READ access requests + // 0 is used by MMU or implicit read by zcmt, 1 by READ access requests for (genvar k = 0; k < NumPorts - 1; k++) begin : gen_rd_ports // set these to high prio ports - if ((k == 0 && CVA6Cfg.MmuPresent) || (k == 1) || (k == 2 && CVA6Cfg.EnableAccelerator)) begin + if ((k == 0 && (CVA6Cfg.MmuPresent || CVA6Cfg.RVZCMT )) || (k == 1) || (k == 2 && CVA6Cfg.EnableAccelerator)) begin assign rd_prio[k] = 1'b1; wt_dcache_ctrl #( .CVA6Cfg(CVA6Cfg), diff --git a/core/cache_subsystem/wt_l15_adapter.sv b/core/cache_subsystem/wt_l15_adapter.sv index cd1ca2296..6e6ddae4f 100644 --- a/core/cache_subsystem/wt_l15_adapter.sv +++ b/core/cache_subsystem/wt_l15_adapter.sv @@ -303,8 +303,12 @@ module wt_l15_adapter always_comb begin : p_rtrn_logic icache_rtrn_o.rtype = ICACHE_IFILL_ACK; dcache_rtrn_o.rtype = DCACHE_LOAD_ACK; - icache_rtrn_vld_o = 1'b0; - dcache_rtrn_vld_o = 1'b0; + icache_rtrn_vld_o = 1'b0; + dcache_rtrn_vld_o = 1'b0; + icache_rtrn_o.inv.vld = rtrn_fifo_data.l15_inval_icache_inval; + icache_rtrn_o.inv.all = rtrn_fifo_data.l15_inval_icache_all_way; + dcache_rtrn_o.inv.vld = rtrn_fifo_data.l15_inval_dcache_inval; + dcache_rtrn_o.inv.all = rtrn_fifo_data.l15_inval_dcache_all_way; if (!rtrn_fifo_empty) begin unique case (rtrn_fifo_data.l15_returntype) L15_LOAD_RET: begin @@ -370,13 +374,9 @@ module wt_l15_adapter // invalidation signal mapping assign icache_rtrn_o.inv.idx = {rtrn_fifo_data.l15_inval_address_15_4, 4'b0000}; assign icache_rtrn_o.inv.way = rtrn_fifo_data.l15_inval_way; - assign icache_rtrn_o.inv.vld = rtrn_fifo_data.l15_inval_icache_inval; - assign icache_rtrn_o.inv.all = rtrn_fifo_data.l15_inval_icache_all_way; assign dcache_rtrn_o.inv.idx = {rtrn_fifo_data.l15_inval_address_15_4, 4'b0000}; assign dcache_rtrn_o.inv.way = rtrn_fifo_data.l15_inval_way; - assign dcache_rtrn_o.inv.vld = rtrn_fifo_data.l15_inval_dcache_inval; - assign dcache_rtrn_o.inv.all = rtrn_fifo_data.l15_inval_dcache_all_way; fifo_v2 #( .dtype(l15_rtrn_t), diff --git a/core/commit_stage.sv b/core/commit_stage.sv index 8984b7d62..d41c6b5a3 100644 --- a/core/commit_stage.sv +++ b/core/commit_stage.sv @@ -115,9 +115,8 @@ module commit_stage for (int i = 0; i < CVA6Cfg.NrCommitPorts; i++) begin dirty_fp_state_o |= commit_ack_o[i] & (commit_instr_i[i].fu inside {FPU, FPU_VEC} || (CVA6Cfg.FpPresent && ariane_pkg::is_rd_fpr( commit_instr_i[i].op - ))); - // Check if we issued a vector floating-point instruction to the accellerator - dirty_fp_state_o |= commit_instr_i[i].fu == ACCEL && commit_instr_i[i].vfp; + // Check if we issued a vector floating-point instruction to the accellerator + ))) | commit_instr_i[i].fu == ACCEL && commit_instr_i[i].vfp; end end @@ -302,10 +301,10 @@ module commit_stage end if (CVA6Cfg.NrCommitPorts > 1) begin - - commit_ack_o[1] = 1'b0; - we_gpr_o[1] = 1'b0; - wdata_o[1] = commit_instr_i[1].result; + commit_macro_ack[1] = 1'b0; + commit_ack_o[1] = 1'b0; + we_gpr_o[1] = 1'b0; + wdata_o[1] = commit_instr_i[1].result; // ----------------- // Commit Port 2 @@ -351,10 +350,9 @@ module commit_stage end end if (CVA6Cfg.RVZCMP) begin - if (CVA6Cfg.NrCommitPorts > 1) - commit_macro_ack_o = (commit_instr_i[0].is_macro_instr || commit_instr_i[1].is_macro_instr) ? commit_macro_ack : commit_ack_o; - else - commit_macro_ack_o = (commit_instr_i[0].is_macro_instr) ? commit_macro_ack : commit_ack_o; + for (int i = 0; i < CVA6Cfg.NrCommitPorts; i++) begin + commit_macro_ack_o[i] = commit_instr_i[i].is_macro_instr ? commit_macro_ack[i] : commit_ack_o[i]; + end end else commit_macro_ack_o = commit_ack_o; end diff --git a/core/compressed_decoder.sv b/core/compressed_decoder.sv index 1f09fd1f2..26c0289a1 100644 --- a/core/compressed_decoder.sv +++ b/core/compressed_decoder.sv @@ -31,7 +31,9 @@ module compressed_decoder #( // Output instruction is macro - decoder output logic is_macro_instr_o, // Output instruction is compressed - decoder - output logic is_compressed_o + output logic is_compressed_o, + // Output instruction is macro - decoder + output logic is_zcmt_instr_o ); // ------------------- @@ -42,6 +44,7 @@ module compressed_decoder #( is_compressed_o = 1'b1; instr_o = instr_i; is_macro_instr_o = 0; + is_zcmt_instr_o = 1'b0; // I: | imm[11:0] | rs1 | funct3 | rd | opcode | // S: | imm[11:5] | rs2 | rs1 | funct3 | imm[4:0] | opcode | @@ -867,18 +870,13 @@ module compressed_decoder #( 3'b000, riscv::OpcodeStoreFp }; - end else if (CVA6Cfg.RVZCMP) begin - if (instr_i[12:10] == 3'b110 || instr_i[12:10] == 3'b111 || instr_i[12:10] == 3'b011) begin //is a push/pop instruction - is_macro_instr_o = 1; - instr_o = instr_i; - end else begin - illegal_instr_o = 1'b1; - end - end else begin - illegal_instr_o = 1'b1; - end + end else if (CVA6Cfg.RVZCMP && (instr_i[12:10] == 3'b110 || instr_i[12:10] == 3'b111 || instr_i[12:10] == 3'b011)) begin + is_macro_instr_o = 1; + instr_o = instr_i; + end else if (CVA6Cfg.RVZCMT && (instr_i[12:10] == 3'b000)) //jt/jalt instruction + is_zcmt_instr_o = 1'b1; + else illegal_instr_o = 1'b1; end - riscv::OpcodeC2Swsp: begin // c.swsp -> sw rs2, imm(x2) instr_o = { diff --git a/core/csr_regfile.sv b/core/csr_regfile.sv index d6e965f2f..7bbf52904 100644 --- a/core/csr_regfile.sv +++ b/core/csr_regfile.sv @@ -18,6 +18,7 @@ module csr_regfile #( parameter config_pkg::cva6_cfg_t CVA6Cfg = config_pkg::cva6_cfg_empty, parameter type exception_t = logic, + parameter type jvt_t = logic, parameter type irq_ctrl_t = logic, parameter type scoreboard_entry_t = logic, parameter type rvfi_probes_csr_t = logic, @@ -161,13 +162,15 @@ module csr_regfile // TO_BE_COMPLETED - PERF_COUNTERS output logic perf_we_o, // PMP configuration containing pmpcfg for max 64 PMPs - ACC_DISPATCHER - output riscv::pmpcfg_t [(CVA6Cfg.NrPMPEntries > 0 ? CVA6Cfg.NrPMPEntries-1 : 0):0] pmpcfg_o, + output riscv::pmpcfg_t [avoid_neg(CVA6Cfg.NrPMPEntries-1):0] pmpcfg_o, // PMP addresses - ACC_DISPATCHER - output logic [(CVA6Cfg.NrPMPEntries > 0 ? CVA6Cfg.NrPMPEntries-1 : 0):0][CVA6Cfg.PLEN-3:0] pmpaddr_o, + output logic [avoid_neg(CVA6Cfg.NrPMPEntries-1):0][CVA6Cfg.PLEN-3:0] pmpaddr_o, // TO_BE_COMPLETED - PERF_COUNTERS output logic [31:0] mcountinhibit_o, // RVFI - output rvfi_probes_csr_t rvfi_csr_o + output rvfi_probes_csr_t rvfi_csr_o, + //jvt output + output jvt_t jvt_o ); localparam logic [63:0] SMODE_STATUS_READ_MASK = ariane_pkg::smode_status_read_mask(CVA6Cfg); @@ -295,6 +298,7 @@ module csr_regfile assign pmpaddr_o = pmpaddr_q[(CVA6Cfg.NrPMPEntries>0?CVA6Cfg.NrPMPEntries-1 : 0):0]; riscv::fcsr_t fcsr_q, fcsr_d; + jvt_t jvt_q, jvt_d; // ---------------- // Assignments // ---------------- @@ -350,6 +354,13 @@ module csr_regfile read_access_exception = 1'b1; end end + riscv::CSR_JVT: begin + if (CVA6Cfg.RVZCMT) begin + csr_rdata = {jvt_q.base, jvt_q.mode}; + end else begin + read_access_exception = 1'b1; + end + end // non-standard extension riscv::CSR_FTRAN: begin if (CVA6Cfg.FpPresent && !(mstatus_q.fs == riscv::Off || (CVA6Cfg.RVH && v_q && vsstatus_q.fs == riscv::Off))) begin @@ -773,11 +784,13 @@ module csr_regfile riscv::CSR_PMPCFG14, riscv::CSR_PMPCFG15: begin // index is calculated using PMPCFG0 as the offset - automatic logic [11:0] index = csr_addr.address[11:0] - riscv::CSR_PMPCFG0; + automatic logic [3:0] index = csr_addr.address[11:0] - riscv::CSR_PMPCFG0; // if index is not even and XLEN==64, raise exception if (CVA6Cfg.XLEN == 64 && index[0] == 1'b1) read_access_exception = 1'b1; else begin + // The following line has no effect. It's here just to prevent the synthesizer from crashing + if (CVA6Cfg.XLEN == 64) index = (index >> 1) << 1; csr_rdata = pmpcfg_q[index*4+:CVA6Cfg.XLEN/8]; end end @@ -886,7 +899,7 @@ module csr_regfile // -------------------- cycle_d = cycle_q; instret_d = instret_q; - if (!debug_mode_q) begin + if (!(CVA6Cfg.DebugEn && debug_mode_q)) begin // increase instruction retired counter for (int i = 0; i < CVA6Cfg.NrCommitPorts; i++) begin if (commit_ack_i[i] && !ex_i.valid && (!CVA6Cfg.PerfCounterEn || (CVA6Cfg.PerfCounterEn && !mcountinhibit_q[2]))) @@ -908,12 +921,14 @@ module csr_regfile perf_we_o = 1'b0; perf_data_o = 'b0; + if (CVA6Cfg.RVZCMT) begin + jvt_d = jvt_q; + end + fcsr_d = fcsr_q; - fcsr_d = fcsr_q; - - priv_lvl_d = priv_lvl_q; - v_d = v_q; - debug_mode_d = debug_mode_q; + priv_lvl_d = priv_lvl_q; + v_d = v_q; + debug_mode_d = debug_mode_q; if (CVA6Cfg.DebugEn) begin dcsr_d = dcsr_q; @@ -949,7 +964,7 @@ module csr_regfile mcause_d = mcause_q; mcounteren_d = mcounteren_q; mscratch_d = mscratch_q; - mtval_d = mtval_q; + if (CVA6Cfg.TvalEn) mtval_d = mtval_q; if (CVA6Cfg.RVH) begin mtinst_d = mtinst_q; mtval2_d = mtval2_q; @@ -1060,6 +1075,14 @@ module csr_regfile riscv::CSR_DSCRATCH1: if (CVA6Cfg.DebugEn) dscratch1_d = csr_wdata; else update_access_exception = 1'b1; + riscv::CSR_JVT: begin + if (CVA6Cfg.RVZCMT) begin + jvt_d.base = csr_wdata[CVA6Cfg.XLEN-1:6]; + jvt_d.mode = 6'b000000; + end else begin + update_access_exception = 1'b1; + end + end // trigger module CSRs riscv::CSR_TSELECT: update_access_exception = 1'b1; // not implemented riscv::CSR_TDATA1: update_access_exception = 1'b1; // not implemented @@ -1435,9 +1458,14 @@ module csr_regfile | CVA6Cfg.XLEN'(riscv::MIP_MTIP) | CVA6Cfg.XLEN'(riscv::MIP_MEIP); end else begin - mask = CVA6Cfg.XLEN'(riscv::MIP_MSIP) - | CVA6Cfg.XLEN'(riscv::MIP_MTIP) - | CVA6Cfg.XLEN'(riscv::MIP_MEIP); + if (CVA6Cfg.SoftwareInterruptEn) begin + mask = CVA6Cfg.XLEN'(riscv::MIP_MSIP) // same shift as MSIE + | CVA6Cfg.XLEN'(riscv::MIP_MTIP) // same shift as MTIE + | CVA6Cfg.XLEN'(riscv::MIP_MEIP); // same shift as MEIE + end else begin + mask = CVA6Cfg.XLEN'(riscv::MIP_MTIP) // same shift as MTIE + | CVA6Cfg.XLEN'(riscv::MIP_MEIP); // same shift as MEIE + end end end mie_d = (mie_q & ~mask) | (csr_wdata & mask); // we only support supervisor and M-mode interrupts @@ -1715,9 +1743,10 @@ module csr_regfile default: update_access_exception = 1'b1; endcase end - - mstatus_d.sxl = riscv::XLEN_64; - mstatus_d.uxl = riscv::XLEN_64; + if (CVA6Cfg.IS_XLEN64) begin + mstatus_d.sxl = riscv::XLEN_64; + mstatus_d.uxl = riscv::XLEN_64; + end if (!CVA6Cfg.RVU) begin mstatus_d.mpp = riscv::PRIV_LVL_M; end @@ -1771,7 +1800,7 @@ module csr_regfile // Machine Mode External Interrupt Pending mip_d[riscv::IRQ_M_EXT] = irq_i[0]; // Machine software interrupt - mip_d[riscv::IRQ_M_SOFT] = ipi_i; + mip_d[riscv::IRQ_M_SOFT] = CVA6Cfg.SoftwareInterruptEn && ipi_i; // Timer interrupt pending, coming from platform timer mip_d[riscv::IRQ_M_TIMER] = time_irq_i; @@ -1931,14 +1960,14 @@ module csr_regfile // 3: The debugger requested entry to Debug Mode. (priority 2) // 4: The hart single stepped because step was set. (priority 1) // we are currently not in debug mode and could potentially enter - if (!debug_mode_q) begin + if (CVA6Cfg.DebugEn && !debug_mode_q) begin dcsr_d.prv = priv_lvl_o; // save virtualization mode bit dcsr_d.v = (!CVA6Cfg.RVH) ? 1'b0 : v_q; // trigger module fired // caused by a breakpoint - if (CVA6Cfg.DebugEn && ex_i.valid && ex_i.cause == riscv::BREAKPOINT) begin + if (ex_i.valid && ex_i.cause == riscv::BREAKPOINT) begin dcsr_d.prv = priv_lvl_o; // save virtualization mode bit dcsr_d.v = (!CVA6Cfg.RVH) ? 1'b0 : v_q; @@ -1968,7 +1997,7 @@ module csr_regfile end // we've got a debug request - if (CVA6Cfg.DebugEn && ex_i.valid && ex_i.cause == riscv::DEBUG_REQUEST) begin + if (ex_i.valid && ex_i.cause == riscv::DEBUG_REQUEST) begin dcsr_d.prv = priv_lvl_o; dcsr_d.v = (!CVA6Cfg.RVH) ? 1'b0 : v_q; // save the PC @@ -1982,7 +2011,7 @@ module csr_regfile end // single step enable and we just retired an instruction - if (CVA6Cfg.DebugEn && dcsr_q.step && commit_ack_i[0]) begin + if (dcsr_q.step && commit_ack_i[0]) begin dcsr_d.prv = priv_lvl_o; dcsr_d.v = (!CVA6Cfg.RVH) ? 1'b0 : v_q; // valid CTRL flow change @@ -2419,7 +2448,7 @@ module csr_regfile unique case (conv_csr_addr.address) riscv::CSR_MIP: - csr_rdata_o = csr_rdata | ({{CVA6Cfg.XLEN - 1{1'b0}}, irq_i[1]} << riscv::IRQ_S_EXT); + csr_rdata_o = csr_rdata | ({{CVA6Cfg.XLEN - 1{1'b0}}, CVA6Cfg.RVS && irq_i[1]} << riscv::IRQ_S_EXT); // in supervisor mode we also need to check whether we delegated this bit riscv::CSR_SIP: begin if (CVA6Cfg.RVS) begin @@ -2438,8 +2467,16 @@ module csr_regfile assign fflags_o = fcsr_q.fflags; assign frm_o = fcsr_q.frm; assign fprec_o = fcsr_q.fprec; + //JVT outputs + if (CVA6Cfg.RVZCMT) begin + assign jvt_o.base = jvt_q.base; + assign jvt_o.mode = jvt_q.mode; + end else begin + assign jvt_o.base = '0; + assign jvt_o.mode = '0; + end // MMU outputs - assign satp_ppn_o = CVA6Cfg.RVS ? satp_q.ppn : '0; + assign satp_ppn_o = CVA6Cfg.RVS ? satp_q.ppn : '0; assign vsatp_ppn_o = CVA6Cfg.RVH ? vsatp_q.ppn : '0; assign hgatp_ppn_o = CVA6Cfg.RVH ? hgatp_q.ppn : '0; if (CVA6Cfg.RVS) begin @@ -2501,18 +2538,19 @@ module csr_regfile // sequential process always_ff @(posedge clk_i or negedge rst_ni) begin if (~rst_ni) begin - priv_lvl_q <= riscv::PRIV_LVL_M; + priv_lvl_q <= riscv::PRIV_LVL_M; // floating-point registers - fcsr_q <= '0; + fcsr_q <= '0; + if (CVA6Cfg.RVZCMT) begin + jvt_q <= '0; + end // debug signals - debug_mode_q <= 1'b0; if (CVA6Cfg.DebugEn) begin - dcsr_q <= '0; - dcsr_q.prv <= riscv::PRIV_LVL_M; - dcsr_q.xdebugver <= 4'h4; - dpc_q <= '0; - dscratch0_q <= {CVA6Cfg.XLEN{1'b0}}; - dscratch1_q <= {CVA6Cfg.XLEN{1'b0}}; + debug_mode_q <= 1'b0; + dcsr_q <= '{xdebugver: 4'h4, prv: riscv::PRIV_LVL_M, default: '0}; + dpc_q <= '0; + dscratch0_q <= {CVA6Cfg.XLEN{1'b0}}; + dscratch1_q <= {CVA6Cfg.XLEN{1'b0}}; end // machine mode registers mstatus_q <= 64'b0; @@ -2525,12 +2563,12 @@ module csr_regfile mcause_q <= {CVA6Cfg.XLEN{1'b0}}; mcounteren_q <= {CVA6Cfg.XLEN{1'b0}}; mscratch_q <= {CVA6Cfg.XLEN{1'b0}}; - mtval_q <= {CVA6Cfg.XLEN{1'b0}}; - fiom_q <= '0; - dcache_q <= {{CVA6Cfg.XLEN - 1{1'b0}}, 1'b1}; - icache_q <= {{CVA6Cfg.XLEN - 1{1'b0}}, 1'b1}; - mcountinhibit_q <= '0; - acc_cons_q <= {{CVA6Cfg.XLEN - 1{1'b0}}, CVA6Cfg.EnableAccelerator}; + if (CVA6Cfg.TvalEn) mtval_q <= {CVA6Cfg.XLEN{1'b0}}; + fiom_q <= '0; + dcache_q <= {{CVA6Cfg.XLEN - 1{1'b0}}, 1'b1}; + icache_q <= {{CVA6Cfg.XLEN - 1{1'b0}}, 1'b1}; + mcountinhibit_q <= '0; + acc_cons_q <= {{CVA6Cfg.XLEN - 1{1'b0}}, CVA6Cfg.EnableAccelerator}; // supervisor mode registers if (CVA6Cfg.RVS) begin medeleg_q <= {CVA6Cfg.XLEN{1'b0}}; @@ -2587,6 +2625,9 @@ module csr_regfile priv_lvl_q <= priv_lvl_d; // floating-point registers fcsr_q <= fcsr_d; + if (CVA6Cfg.RVZCMT) begin + jvt_q <= jvt_d; + end // debug signals if (CVA6Cfg.DebugEn) begin debug_mode_q <= debug_mode_d; @@ -2708,6 +2749,7 @@ module csr_regfile // RVFI //------------- assign rvfi_csr_o.fcsr_q = CVA6Cfg.FpPresent ? fcsr_q : '0; + assign rvfi_csr_o.jvt_q = CVA6Cfg.RVZCMT ? jvt_q : '0; assign rvfi_csr_o.dcsr_q = CVA6Cfg.DebugEn ? dcsr_q : '0; assign rvfi_csr_o.dpc_q = CVA6Cfg.DebugEn ? dpc_q : '0; assign rvfi_csr_o.dscratch0_q = CVA6Cfg.DebugEn ? dscratch0_q : '0; @@ -2729,7 +2771,7 @@ module csr_regfile assign rvfi_csr_o.mscratch_q = mscratch_q; assign rvfi_csr_o.mepc_q = mepc_q; assign rvfi_csr_o.mcause_q = mcause_q; - assign rvfi_csr_o.mtval_q = mtval_q; + assign rvfi_csr_o.mtval_q = CVA6Cfg.TvalEn ? mtval_q : '0; assign rvfi_csr_o.fiom_q = fiom_q; assign rvfi_csr_o.mcountinhibit_q = mcountinhibit_q; assign rvfi_csr_o.cycle_q = cycle_q; diff --git a/core/cva6.sv b/core/cva6.sv index d395b4f5c..eccac870c 100644 --- a/core/cva6.sv +++ b/core/cva6.sv @@ -39,7 +39,7 @@ module cva6 logic [CVA6Cfg.VLEN-1:0] predict_address; // target address at which to jump, or not }, - localparam type exception_t = struct packed { + parameter type exception_t = struct packed { logic [CVA6Cfg.XLEN-1:0] cause; // cause of exception logic [CVA6Cfg.XLEN-1:0] tval; // additional information of causing exception (e.g.: instruction causing it), // address of LD/ST fault @@ -86,6 +86,11 @@ module cva6 branchpredict_sbe_t branch_predict; // this field contains branch prediction information regarding the forward branch path exception_t ex; // this field contains exceptions which might have happened earlier, e.g.: fetch exceptions }, + //JVT struct{base,mode} + localparam type jvt_t = struct packed { + logic [CVA6Cfg.XLEN-7:0] base; + logic [5:0] mode; + }, // ID/EX/WB Stage localparam type scoreboard_entry_t = struct packed { @@ -113,6 +118,7 @@ module cva6 logic is_last_macro_instr; // is last decoded 32bit instruction of macro definition logic is_double_rd_macro_instr; // is double move decoded 32bit instruction of macro definition logic vfp; // is this a vector floating-point instruction? + logic is_zcmt; //is a zcmt instruction }, localparam type writeback_t = struct packed { logic valid; // wb data is valid @@ -211,6 +217,14 @@ module cva6 logic [CVA6Cfg.DCACHE_USER_WIDTH-1:0] data_ruser; }, + // Accelerator - CVA6 + parameter type accelerator_req_t = logic, + parameter type accelerator_resp_t = logic, + + // Accelerator - CVA6's MMU + parameter type acc_mmu_req_t = logic, + parameter type acc_mmu_resp_t = logic, + // AXI types parameter type axi_ar_chan_t = struct packed { logic [CVA6Cfg.AxiIdWidth-1:0] id; @@ -412,9 +426,12 @@ module cva6 // -------------- logic [CVA6Cfg.NrIssuePorts-1:0][CVA6Cfg.VLEN-1:0] rs1_forwarding_id_ex; // unregistered version of fu_data_o.operanda logic [CVA6Cfg.NrIssuePorts-1:0][CVA6Cfg.VLEN-1:0] rs2_forwarding_id_ex; // unregistered version of fu_data_o.operandb + logic [CVA6Cfg.NrIssuePorts-1:0][CVA6Cfg.XLEN-1:0] rvfi_rs1; + logic [CVA6Cfg.NrIssuePorts-1:0][CVA6Cfg.XLEN-1:0] rvfi_rs2; fu_data_t [CVA6Cfg.NrIssuePorts-1:0] fu_data_id_ex; logic [CVA6Cfg.VLEN-1:0] pc_id_ex; + logic zcmt_id_ex; logic is_compressed_instr_id_ex; logic [CVA6Cfg.NrIssuePorts-1:0][31:0] tinst_ex; // fixed latency units @@ -500,6 +517,11 @@ module cva6 // ACCEL Commit logic acc_valid_acc_ex; // -------------- + // EX <-> ACC_DISP + // -------------- + acc_mmu_req_t acc_mmu_req; + acc_mmu_resp_t acc_mmu_resp; + // -------------- // ID <-> COMMIT // -------------- scoreboard_entry_t [CVA6Cfg.NrCommitPorts-1:0] commit_instr_id_commit; @@ -560,9 +582,11 @@ module cva6 logic acc_cons_en_csr; logic debug_mode; logic single_step_csr_commit; - riscv::pmpcfg_t [(CVA6Cfg.NrPMPEntries > 0 ? CVA6Cfg.NrPMPEntries-1 : 0):0] pmpcfg; - logic [(CVA6Cfg.NrPMPEntries > 0 ? CVA6Cfg.NrPMPEntries-1 : 0):0][CVA6Cfg.PLEN-3:0] pmpaddr; + riscv::pmpcfg_t [avoid_neg(CVA6Cfg.NrPMPEntries-1):0] pmpcfg; + logic [avoid_neg(CVA6Cfg.NrPMPEntries-1):0][CVA6Cfg.PLEN-3:0] pmpaddr; logic [31:0] mcountinhibit_csr_perf; + //jvt + jvt_t jvt; // ---------------------------- // Performance Counters <-> * // ---------------------------- @@ -617,6 +641,8 @@ module cva6 // ---------------- dcache_req_i_t [2:0] dcache_req_ports_ex_cache; dcache_req_o_t [2:0] dcache_req_ports_cache_ex; + dcache_req_i_t dcache_req_ports_id_cache; + dcache_req_o_t dcache_req_ports_cache_id; dcache_req_i_t [1:0] dcache_req_ports_acc_cache; dcache_req_o_t [1:0] dcache_req_ports_cache_acc; logic dcache_commit_wbuffer_empty; @@ -671,8 +697,11 @@ module cva6 id_stage #( .CVA6Cfg(CVA6Cfg), .branchpredict_sbe_t(branchpredict_sbe_t), + .dcache_req_i_t(dcache_req_i_t), + .dcache_req_o_t(dcache_req_o_t), .exception_t(exception_t), .fetch_entry_t(fetch_entry_t), + .jvt_t(jvt_t), .irq_ctrl_t(irq_ctrl_t), .scoreboard_entry_t(scoreboard_entry_t), .interrupts_t(interrupts_t), @@ -716,7 +745,11 @@ module cva6 .compressed_ready_i(x_compressed_ready), .compressed_resp_i (x_compressed_resp), .compressed_valid_o(x_compressed_valid), - .compressed_req_o (x_compressed_req) + .compressed_req_o (x_compressed_req), + .jvt_i (jvt), + // DCACHE interfaces + .dcache_req_ports_i(dcache_req_ports_cache_id), + .dcache_req_ports_o(dcache_req_ports_id_cache) ); logic [CVA6Cfg.NrWbPorts-1:0][CVA6Cfg.TRANS_ID_BITS-1:0] trans_id_ex_id; @@ -744,16 +777,17 @@ module cva6 assign ex_ex_ex_id[FPU_WB] = fpu_exception_ex_id; assign wt_valid_ex_id[FPU_WB] = fpu_valid_ex_id; - always_comb begin : gen_cvxif_input_assignement - x_compressed_ready = cvxif_resp_i.compressed_ready; - x_compressed_resp = cvxif_resp_i.compressed_resp; - x_issue_ready = cvxif_resp_i.issue_ready; - x_issue_resp = cvxif_resp_i.issue_resp; - x_register_ready = cvxif_resp_i.register_ready; - x_result_valid = cvxif_resp_i.result_valid; - x_result = cvxif_resp_i.result; - end if (CVA6Cfg.CvxifEn) begin + always_comb begin : gen_cvxif_input_assignement + x_compressed_ready = cvxif_resp_i.compressed_ready; + x_compressed_resp = cvxif_resp_i.compressed_resp; + x_issue_ready = cvxif_resp_i.issue_ready; + x_issue_resp = cvxif_resp_i.issue_resp; + x_register_ready = cvxif_resp_i.register_ready; + x_result_valid = cvxif_resp_i.result_valid; + x_result = cvxif_resp_i.result; + end + always_comb begin : gen_cvxif_output_assignement cvxif_req.compressed_valid = x_compressed_valid; cvxif_req.compressed_req = x_compressed_req; @@ -817,6 +851,7 @@ module cva6 .rs2_forwarding_o (rs2_forwarding_id_ex), .fu_data_o (fu_data_id_ex), .pc_o (pc_id_ex), + .is_zcmt_o (zcmt_id_ex), .is_compressed_instr_o (is_compressed_instr_id_ex), .tinst_o (tinst_ex), // fixed latency unit ready @@ -879,7 +914,9 @@ module cva6 .stall_issue_o (stall_issue), //RVFI .rvfi_issue_pointer_o (rvfi_issue_pointer), - .rvfi_commit_pointer_o(rvfi_commit_pointer) + .rvfi_commit_pointer_o(rvfi_commit_pointer), + .rvfi_rs1_o (rvfi_rs1), + .rvfi_rs2_o (rvfi_rs2) ); // --------- @@ -898,7 +935,9 @@ module cva6 .icache_dreq_t(icache_dreq_t), .icache_drsp_t(icache_drsp_t), .lsu_ctrl_t(lsu_ctrl_t), - .x_result_t(x_result_t) + .x_result_t(x_result_t), + .acc_mmu_req_t(acc_mmu_req_t), + .acc_mmu_resp_t(acc_mmu_resp_t) ) ex_stage_i ( .clk_i(clk_i), .rst_ni(rst_ni), @@ -908,6 +947,7 @@ module cva6 .rs2_forwarding_i(rs2_forwarding_id_ex), .fu_data_i(fu_data_id_ex), .pc_i(pc_id_ex), + .is_zcmt_i(zcmt_id_ex), .is_compressed_instr_i(is_compressed_instr_id_ex), .tinst_i(tinst_ex), // fixed latency units @@ -981,6 +1021,9 @@ module cva6 .x_result_ready_o (x_result_ready), // Accelerator .acc_valid_i (acc_valid_acc_ex), + // Accelerator MMU access + .acc_mmu_req_i (acc_mmu_req), + .acc_mmu_resp_o (acc_mmu_resp), // Performance counters .itlb_miss_o (itlb_miss_ex_perf), .dtlb_miss_o (dtlb_miss_ex_perf), @@ -1078,6 +1121,7 @@ module cva6 csr_regfile #( .CVA6Cfg (CVA6Cfg), .exception_t (exception_t), + .jvt_t (jvt_t), .irq_ctrl_t (irq_ctrl_t), .scoreboard_entry_t(scoreboard_entry_t), .rvfi_probes_csr_t (rvfi_probes_csr_t), @@ -1154,6 +1198,7 @@ module cva6 .pmpcfg_o (pmpcfg), .pmpaddr_o (pmpaddr), .mcountinhibit_o (mcountinhibit_csr_perf), + .jvt_o (jvt), //RVFI .rvfi_csr_o (rvfi_csr) ); @@ -1258,15 +1303,29 @@ module cva6 dcache_req_o_t [NumPorts-1:0] dcache_req_from_cache; // D$ request - assign dcache_req_to_cache[0] = dcache_req_ports_ex_cache[0]; + // Since ZCMT is only enable for embdeed class so MMU should be disable. + // Cache port 0 is being ultilize in implicit read access in ZCMT extension. + if (CVA6Cfg.RVZCMT & ~(CVA6Cfg.MmuPresent)) begin + assign dcache_req_to_cache[0] = dcache_req_ports_id_cache; + end else begin + assign dcache_req_to_cache[0] = dcache_req_ports_ex_cache[0]; + end assign dcache_req_to_cache[1] = dcache_req_ports_ex_cache[1]; assign dcache_req_to_cache[2] = dcache_req_ports_acc_cache[0]; assign dcache_req_to_cache[3] = dcache_req_ports_ex_cache[2].data_req ? dcache_req_ports_ex_cache [2] : dcache_req_ports_acc_cache[1]; // D$ response - assign dcache_req_ports_cache_ex[0] = dcache_req_from_cache[0]; - assign dcache_req_ports_cache_ex[1] = dcache_req_from_cache[1]; + // Since ZCMT is only enable for embdeed class so MMU should be disable. + // Cache port 0 is being ultilized in implicit read access in ZCMT extension. + if (CVA6Cfg.RVZCMT & ~(CVA6Cfg.MmuPresent)) begin + assign dcache_req_ports_cache_id = dcache_req_from_cache[0]; + assign dcache_req_ports_cache_ex[0] = '0; + end else begin + assign dcache_req_ports_cache_ex[0] = dcache_req_from_cache[0]; + assign dcache_req_ports_cache_id = '0; + end + assign dcache_req_ports_cache_ex[1] = dcache_req_from_cache[1]; assign dcache_req_ports_cache_acc[0] = dcache_req_from_cache[2]; always_comb begin : gen_dcache_req_store_data_gnt dcache_req_ports_cache_ex[2] = dcache_req_from_cache[3]; @@ -1326,10 +1385,11 @@ module cva6 .inval_valid_i (inval_valid), .inval_ready_o (inval_ready) ); - end else if (CVA6Cfg.DCacheType inside { - config_pkg::HPDCACHE_WT, - config_pkg::HPDCACHE_WB, - config_pkg::HPDCACHE_WT_WB}) + end else if ( + CVA6Cfg.DCacheType == config_pkg::HPDCACHE_WT || + CVA6Cfg.DCacheType == config_pkg::HPDCACHE_WB || + CVA6Cfg.DCacheType == config_pkg::HPDCACHE_WT_WB + ) begin : gen_cache_hpd cva6_hpdcache_subsystem #( .CVA6Cfg (CVA6Cfg), @@ -1464,7 +1524,11 @@ module cva6 .acc_cfg_t (acc_cfg_t), .AccCfg (AccCfg), .acc_req_t (cvxif_req_t), - .acc_resp_t (cvxif_resp_t) + .acc_resp_t (cvxif_resp_t), + .accelerator_req_t (accelerator_req_t), + .accelerator_resp_t(accelerator_resp_t), + .acc_mmu_req_t (acc_mmu_req_t), + .acc_mmu_resp_t (acc_mmu_resp_t) ) i_acc_dispatcher ( .clk_i (clk_i), .rst_ni (rst_ni), @@ -1480,6 +1544,7 @@ module cva6 .pmpcfg_i (pmpcfg), .pmpaddr_i (pmpaddr), .fcsr_frm_i (frm_csr_id_issue_ex), + .acc_mmu_en_i (enable_translation_csr_ex), .dirty_v_state_o (dirty_v_state), .issue_instr_i (issue_instr_id_acc), .issue_instr_hs_i (issue_instr_hs_id_acc), @@ -1496,6 +1561,8 @@ module cva6 .acc_stall_st_pending_o(stall_st_pending_ex), .acc_no_st_pending_i (no_st_pending_commit), .dcache_req_ports_i (dcache_req_ports_ex_cache), + .acc_mmu_req_o (acc_mmu_req), + .acc_mmu_resp_i (acc_mmu_resp), .ctrl_halt_o (halt_acc_ctrl), .csr_addr_i (csr_addr_ex_csr), .acc_dcache_req_ports_o(dcache_req_ports_acc_cache), @@ -1525,6 +1592,9 @@ module cva6 // D$ connection is unused assign dcache_req_ports_acc_cache = '0; + // MMU access is unused + assign acc_mmu_req = '0; + // No invalidation interface assign inval_valid = '0; assign inval_addr = '0; @@ -1592,6 +1662,13 @@ module cva6 `endif // PITON_ARIANE `ifndef VERILATOR + + logic [31:0] fetch_instructions[CVA6Cfg.NrIssuePorts-1:0]; + + for (genvar i = 0; i < CVA6Cfg.NrIssuePorts; ++i) begin + assign fetch_instructions[i] = fetch_entry_if_id[i].instruction; + end + instr_tracer #( .CVA6Cfg(CVA6Cfg), .bp_resolve_t(bp_resolve_t), @@ -1605,9 +1682,9 @@ module cva6 .rstn(rst_ni), .flush_unissued(flush_unissued_instr_ctrl_id), .flush_all(flush_ctrl_ex), - .instruction(id_stage_i.fetch_entry_i[0].instruction), - .fetch_valid(id_stage_i.fetch_entry_valid_i[0]), - .fetch_ack(id_stage_i.fetch_entry_ready_o[0]), + .instruction(fetch_instructions), + .fetch_valid(id_stage_i.fetch_entry_valid_i), + .fetch_ack(id_stage_i.fetch_entry_ready_o), .issue_ack(issue_stage_i.i_scoreboard.issue_ack_i), .issue_sbe(issue_stage_i.i_scoreboard.issue_instr_o), .waddr(waddr_commit_id), @@ -1715,8 +1792,8 @@ module cva6 .decoded_instr_valid_i (issue_entry_valid_id_issue), .decoded_instr_ack_i (issue_instr_issue_id), - .rs1_forwarding_i(rs1_forwarding_id_ex), - .rs2_forwarding_i(rs2_forwarding_id_ex), + .rs1_i(rvfi_rs1), + .rs2_i(rvfi_rs2), .commit_instr_i(commit_instr_id_commit), .commit_drop_i (commit_drop_id_commit), @@ -1731,6 +1808,7 @@ module cva6 .wdata_i (wdata_commit_id), .csr_i(rvfi_csr), + .irq_i(irq_i), .rvfi_probes_o(rvfi_probes_o) diff --git a/core/cva6_fifo_v3.sv b/core/cva6_fifo_v3.sv index d1d7e2116..d1faa01b3 100644 --- a/core/cva6_fifo_v3.sv +++ b/core/cva6_fifo_v3.sv @@ -77,13 +77,18 @@ module cva6_fifo_v3 #( read_pointer_n = read_pointer_q; write_pointer_n = write_pointer_q; status_cnt_n = status_cnt_q; - data_ft_n = data_ft_q; - first_word_n = first_word_q; + if (FPGA_EN && FPGA_ALTERA) data_ft_n = data_ft_q; + if (FPGA_EN && FPGA_ALTERA) first_word_n = first_word_q; if (FPGA_EN) begin fifo_ram_we = '0; fifo_ram_write_address = '0; fifo_ram_wdata = '0; - data_o = (DEPTH == 0) ? data_i : (first_word_q ? data_ft_q : fifo_ram_rdata); + if (DEPTH == 0) begin + data_o = data_i; + end else begin + if (FPGA_ALTERA) data_o = first_word_q ? data_ft_q : fifo_ram_rdata; + else data_o = fifo_ram_rdata; + end end else begin data_o = (DEPTH == 0) ? data_i : mem_q[read_pointer_q]; mem_n = mem_q; @@ -96,7 +101,7 @@ module cva6_fifo_v3 #( fifo_ram_we = 1'b1; fifo_ram_write_address = write_pointer_q; fifo_ram_wdata = data_i; - first_word_n = FPGA_ALTERA && first_word_q && pop_i; + if (FPGA_ALTERA) first_word_n = first_word_q && pop_i; end else begin // push the data onto the queue mem_n[write_pointer_q] = data_i; @@ -113,7 +118,7 @@ module cva6_fifo_v3 #( if (pop_i && ~empty_o) begin data_ft_n = data_i; - first_word_n = FPGA_EN && FPGA_ALTERA && first_word_q && push_i; + if (FPGA_EN && FPGA_ALTERA) first_word_n = first_word_q && push_i; // read from the queue is a default assignment // but increment the read pointer... if (read_pointer_n == FifoDepth[ADDR_DEPTH-1:0] - 1) read_pointer_n = '0; @@ -151,8 +156,8 @@ module cva6_fifo_v3 #( read_pointer_q <= '0; write_pointer_q <= '0; status_cnt_q <= '0; - first_word_q <= '0; - data_ft_q <= '0; + if (FPGA_ALTERA) first_word_q <= '0; + if (FPGA_ALTERA) data_ft_q <= '0; end else begin if (flush_i) begin read_pointer_q <= '0; diff --git a/core/cva6_mmu/cva6_mmu.sv b/core/cva6_mmu/cva6_mmu.sv index 538227993..cad2c6eaf 100644 --- a/core/cva6_mmu/cva6_mmu.sv +++ b/core/cva6_mmu/cva6_mmu.sv @@ -100,8 +100,8 @@ module cva6_mmu // PMP - input riscv::pmpcfg_t [(CVA6Cfg.NrPMPEntries > 0 ? CVA6Cfg.NrPMPEntries-1 : 0):0] pmpcfg_i, - input logic [(CVA6Cfg.NrPMPEntries > 0 ? CVA6Cfg.NrPMPEntries-1 : 0):0][CVA6Cfg.PLEN-3:0] pmpaddr_i + input riscv::pmpcfg_t [avoid_neg(CVA6Cfg.NrPMPEntries-1):0] pmpcfg_i, + input logic [avoid_neg(CVA6Cfg.NrPMPEntries-1):0][CVA6Cfg.PLEN-3:0] pmpaddr_i ); // memory management, pte for cva6 @@ -223,7 +223,7 @@ module cva6_mmu .v_i (ld_st_v_i), .update_i (update_dtlb), .lu_access_i (dtlb_lu_access), - .lu_asid_i (itlb_lu_asid), + .lu_asid_i (dtlb_lu_asid), .lu_vmid_i (vmid_i), .lu_vaddr_i (lsu_vaddr_i), .lu_gpaddr_o (dtlb_gpaddr), @@ -495,6 +495,7 @@ module cva6_mmu logic lsu_is_store_n, lsu_is_store_q; logic dtlb_hit_n, dtlb_hit_q; logic [CVA6Cfg.PtLevels-2:0] dtlb_is_page_n, dtlb_is_page_q; + exception_t misaligned_ex_n, misaligned_ex_q; // check if we need to do translation or if we are always ready (e.g.: we are not translating anything) assign lsu_dtlb_hit_o = (en_ld_st_translation_i || en_ld_st_g_translation_i) ? dtlb_lu_hit : 1'b1; @@ -509,9 +510,13 @@ module cva6_mmu dtlb_hit_n = dtlb_lu_hit; lsu_is_store_n = lsu_is_store_i; dtlb_is_page_n = dtlb_is_page; + misaligned_ex_n = misaligned_ex_i; lsu_valid_o = lsu_req_q; - lsu_exception_o = misaligned_ex_i; + lsu_exception_o = misaligned_ex_q; + + // mute misaligned exceptions if there is no request otherwise they will throw accidental exceptions + misaligned_ex_n.valid = misaligned_ex_i.valid & lsu_req_i; // we work with SV39 or SV32, so if VM is enabled, check that all bits [CVA6Cfg.VLEN-1:CVA6Cfg.SV-1] are equal to bit [CVA6Cfg.SV] canonical_addr_check = (lsu_req_i && en_ld_st_translation_i && @@ -536,7 +541,7 @@ module cva6_mmu lsu_dtlb_ppn_o = (CVA6Cfg.PPNW)'(lsu_vaddr_n[((CVA6Cfg.PLEN > CVA6Cfg.VLEN) ? CVA6Cfg.VLEN -1: CVA6Cfg.PLEN -1 ):12]); // translation is enabled and no misaligned exception occurred - if ((en_ld_st_translation_i || en_ld_st_g_translation_i) && !misaligned_ex_i.valid) begin + if ((en_ld_st_translation_i || en_ld_st_g_translation_i) && !misaligned_ex_q.valid) begin lsu_valid_o = 1'b0; lsu_dtlb_ppn_o = (en_ld_st_g_translation_i && CVA6Cfg.RVH)? dtlb_g_content.ppn :dtlb_content.ppn; @@ -736,6 +741,7 @@ module cva6_mmu dtlb_is_page_q <= '0; lsu_tinst_q <= '0; hs_ld_st_inst_q <= '0; + misaligned_ex_q <= '0; end else begin lsu_vaddr_q <= lsu_vaddr_n; lsu_req_q <= lsu_req_n; @@ -749,6 +755,7 @@ module cva6_mmu hs_ld_st_inst_q <= hs_ld_st_inst_n; dtlb_gpte_q <= dtlb_gpte_n; lsu_gpaddr_q <= lsu_gpaddr_n; + misaligned_ex_q <= misaligned_ex_n; end end end diff --git a/core/cva6_mmu/cva6_ptw.sv b/core/cva6_mmu/cva6_ptw.sv index a5fef76fc..1d6444be1 100644 --- a/core/cva6_mmu/cva6_ptw.sv +++ b/core/cva6_mmu/cva6_ptw.sv @@ -16,7 +16,7 @@ // Date: 26/02/2024 // Description: Hardware-PTW (Page-Table-Walker) for CVA6 supporting sv32, sv39 and sv39x4. // This module is an merge of the PTW Sv39 developed by Florian Zaruba, -// the PTW Sv32 developed by Sebastien Jacq and the PTW Sv39x4 by Bruno Sá. +// the PTW Sv32 developed by Sebastien Jacq and the PTW Sv39x4 by Bruno Sá. /* verilator lint_off WIDTH */ @@ -83,8 +83,8 @@ module cva6_ptw output logic shared_tlb_miss_o, // PMP - input riscv::pmpcfg_t [(CVA6Cfg.NrPMPEntries > 0 ? CVA6Cfg.NrPMPEntries-1 : 0):0] pmpcfg_i, - input logic [(CVA6Cfg.NrPMPEntries > 0 ? CVA6Cfg.NrPMPEntries-1 : 0):0][CVA6Cfg.PLEN-3:0] pmpaddr_i, + input riscv::pmpcfg_t [avoid_neg(CVA6Cfg.NrPMPEntries-1):0] pmpcfg_i, + input logic [avoid_neg(CVA6Cfg.NrPMPEntries-1):0][CVA6Cfg.PLEN-3:0] pmpaddr_i, output logic [CVA6Cfg.PLEN-1:0] bad_paddr_o, output logic [CVA6Cfg.GPLEN-1:0] bad_gpaddr_o ); @@ -216,7 +216,7 @@ module cva6_ptw // output the correct ASIDs shared_tlb_update_o.asid = tlb_update_asid_q; - shared_tlb_update_o.vmid = tlb_update_vmid_q; + shared_tlb_update_o.vmid = CVA6Cfg.RVH ? tlb_update_vmid_q : '0; bad_paddr_o = ptw_access_exception_o ? ptw_pptr_q : 'b0; if (CVA6Cfg.RVH) @@ -258,8 +258,8 @@ module cva6_ptw // PAGESIZE=2^12 and LEVELS=3.) // 2. Let pte be the value of the PTE at address a+va.vpn[i]×PTESIZE. (For // Sv32, PTESIZE=4.) - // 3. If pte.v = 0, or if pte.r = 0 and pte.w = 1, or if any bits or encodings - // that are reserved for future standard use are set within pte, stop and raise + // 3. If pte.v = 0, or if pte.r = 0 and pte.w = 1, or if any bits or encodings + // that are reserved for future standard use are set within pte, stop and raise // a page-fault exception corresponding to the original access type. // 4. Otherwise, the PTE is valid. If pte.r = 1 or pte.x = 1, go to step 5. // Otherwise, this PTE is a pointer to the next level of the page table. @@ -296,7 +296,6 @@ module cva6_ptw global_mapping_n = global_mapping_q; // input registers tlb_update_asid_n = tlb_update_asid_q; - tlb_update_vmid_n = tlb_update_vmid_q; vaddr_n = vaddr_q; pptr = ptw_pptr_q; @@ -304,6 +303,7 @@ module cva6_ptw gpaddr_n = gpaddr_q; gptw_pptr_n = gptw_pptr_q; gpte_d = gpte_q; + tlb_update_vmid_n = tlb_update_vmid_q; end shared_tlb_miss_o = 1'b0; @@ -616,17 +616,17 @@ module cva6_ptw ptw_lvl_q <= '0; tag_valid_q <= 1'b0; tlb_update_asid_q <= '0; - tlb_update_vmid_q <= '0; vaddr_q <= '0; ptw_pptr_q <= '0; global_mapping_q <= 1'b0; data_rdata_q <= '0; data_rvalid_q <= 1'b0; if (CVA6Cfg.RVH) begin - gpaddr_q <= '0; - gptw_pptr_q <= '0; - ptw_stage_q <= S_STAGE; - gpte_q <= '0; + gpaddr_q <= '0; + gptw_pptr_q <= '0; + ptw_stage_q <= S_STAGE; + gpte_q <= '0; + tlb_update_vmid_q <= '0; end end else begin state_q <= state_d; diff --git a/core/cva6_rvfi.sv b/core/cva6_rvfi.sv index b77b1e89a..430dac738 100644 --- a/core/cva6_rvfi.sv +++ b/core/cva6_rvfi.sv @@ -64,8 +64,8 @@ module cva6_rvfi logic [CVA6Cfg.NrIssuePorts-1:0] decoded_instr_valid; logic [CVA6Cfg.NrIssuePorts-1:0] decoded_instr_ack; - logic [CVA6Cfg.NrIssuePorts-1:0][CVA6Cfg.XLEN-1:0] rs1_forwarding; - logic [CVA6Cfg.NrIssuePorts-1:0][CVA6Cfg.XLEN-1:0] rs2_forwarding; + logic [CVA6Cfg.NrIssuePorts-1:0][CVA6Cfg.XLEN-1:0] rs1; + logic [CVA6Cfg.NrIssuePorts-1:0][CVA6Cfg.XLEN-1:0] rs2; logic [CVA6Cfg.NrCommitPorts-1:0][CVA6Cfg.XLEN-1:0] rvfi_intr; @@ -132,8 +132,8 @@ module cva6_rvfi assign decoded_instr_valid = instr.decoded_instr_valid; assign decoded_instr_ack = instr.decoded_instr_ack; - assign rs1_forwarding = instr.rs1_forwarding; - assign rs2_forwarding = instr.rs2_forwarding; + assign rs1 = instr.rs1; + assign rs2 = instr.rs2; assign commit_instr_pc = instr.commit_instr_pc; assign commit_instr_op = instr.commit_instr_op; @@ -240,8 +240,8 @@ module cva6_rvfi for (int unsigned i = 0; i < CVA6Cfg.NrIssuePorts; i++) begin if (decoded_instr_valid[i] && decoded_instr_ack[i] && !flush_unissued_instr) begin mem_n[issue_pointer[i]] = '{ - rs1_rdata: rs1_forwarding[i], - rs2_rdata: rs2_forwarding[i], + rs1_rdata: rs1[i], + rs2_rdata: rs2[i], lsu_addr: '0, lsu_rmask: '0, lsu_wmask: '0, @@ -336,14 +336,12 @@ module cva6_rvfi assign rvfi_csr_o.``CSR_NAME``.rmask = CSR_ENABLE_COND ? 1 : 0; \ assign rvfi_csr_o.``CSR_NAME``.wmask = (rvfi_csr_o.``CSR_NAME``.rdata != {{CVA6Cfg.XLEN - $bits(CSR_SOURCE_NAME)}, CSR_SOURCE_NAME}) && CSR_ENABLE_COND; - `define COMMA , - `define CONNECT_RVFI_SAME(CSR_ENABLE_COND, CSR_NAME) \ `CONNECT_RVFI_FULL(CSR_ENABLE_COND, CSR_NAME, csr.``CSR_NAME``_q) `CONNECT_RVFI_FULL(CVA6Cfg.FpPresent, fflags, csr.fcsr_q.fflags) `CONNECT_RVFI_FULL(CVA6Cfg.FpPresent, frm, csr.fcsr_q.frm) - `CONNECT_RVFI_FULL(CVA6Cfg.FpPresent, fcsr, { csr.fcsr_q.frm `COMMA csr.fcsr_q.fflags}) + `CONNECT_RVFI_FULL(CVA6Cfg.FpPresent, fcsr, {csr.fcsr_q.frm, csr.fcsr_q.fflags}) `CONNECT_RVFI_FULL(CVA6Cfg.FpPresent, ftran, csr.fcsr_q.fprec) `CONNECT_RVFI_SAME(CVA6Cfg.FpPresent, dcsr) @@ -418,7 +416,7 @@ module cva6_rvfi `CONNECT_RVFI_SAME(1'b1, icache) `CONNECT_RVFI_SAME(CVA6Cfg.EnableAccelerator, acc_cons) - + `CONNECT_RVFI_SAME(CVA6Cfg.RVZCMT, jvt) `CONNECT_RVFI_FULL(1'b1, pmpcfg0, csr.pmpcfg_q[CVA6Cfg.XLEN/8-1:0]) `CONNECT_RVFI_FULL(CVA6Cfg.XLEN == 32, pmpcfg1, csr.pmpcfg_q[7:4]) @@ -429,7 +427,8 @@ module cva6_rvfi genvar i; generate for (i = 0; i < 16; i++) begin - `CONNECT_RVFI_FULL(1'b1, pmpaddr[i], csr.pmpaddr_q[i][CVA6Cfg.PLEN-3:0]) + `CONNECT_RVFI_FULL(1'b1, pmpaddr[i], { + csr.pmpaddr_q[i][CVA6Cfg.PLEN-3:1], pmpcfg_q[i].addr_mode[1]}) end endgenerate ; diff --git a/core/cva6_rvfi_probes.sv b/core/cva6_rvfi_probes.sv index 5e06e2629..34b865d8d 100644 --- a/core/cva6_rvfi_probes.sv +++ b/core/cva6_rvfi_probes.sv @@ -35,8 +35,8 @@ module cva6_rvfi_probes input logic [CVA6Cfg.NrIssuePorts-1:0] decoded_instr_valid_i, input logic [CVA6Cfg.NrIssuePorts-1:0] decoded_instr_ack_i, - input logic [CVA6Cfg.NrIssuePorts-1:0][CVA6Cfg.VLEN-1:0] rs1_forwarding_i, - input logic [CVA6Cfg.NrIssuePorts-1:0][CVA6Cfg.VLEN-1:0] rs2_forwarding_i, + input logic [CVA6Cfg.NrIssuePorts-1:0][CVA6Cfg.XLEN-1:0] rs1_i, + input logic [CVA6Cfg.NrIssuePorts-1:0][CVA6Cfg.XLEN-1:0] rs2_i, input scoreboard_entry_t [CVA6Cfg.NrCommitPorts-1:0] commit_instr_i, input logic [CVA6Cfg.NrCommitPorts-1:0] commit_drop_i, @@ -51,6 +51,7 @@ module cva6_rvfi_probes input logic [CVA6Cfg.NrCommitPorts-1:0][CVA6Cfg.XLEN-1:0] wdata_i, input rvfi_probes_csr_t csr_i, + input logic [1:0] irq_i, output rvfi_probes_t rvfi_probes_o ); @@ -75,8 +76,8 @@ module cva6_rvfi_probes instr.decoded_instr_valid = decoded_instr_valid_i; instr.decoded_instr_ack = decoded_instr_ack_i; - instr.rs1_forwarding = rs1_forwarding_i; - instr.rs2_forwarding = rs2_forwarding_i; + instr.rs1 = rs1_i; + instr.rs2 = rs2_i; instr.ex_commit_cause = ex_commit_i.cause; instr.ex_commit_valid = ex_commit_i.valid; @@ -109,6 +110,7 @@ module cva6_rvfi_probes instr.wdata = wdata_i; csr = csr_i; + csr.mip_q = csr_i.mip_q | ({{CVA6Cfg.XLEN - 1{1'b0}}, CVA6Cfg.RVS && irq_i[1]} << riscv::IRQ_S_EXT); end diff --git a/core/cvxif_compressed_if_driver.sv b/core/cvxif_compressed_if_driver.sv index 26fdeab85..ab759f8e4 100644 --- a/core/cvxif_compressed_if_driver.sv +++ b/core/cvxif_compressed_if_driver.sv @@ -16,24 +16,24 @@ module cvxif_compressed_if_driver #( input logic clk_i, // Asynchronous reset active low - SUBSYSTEM input logic rst_ni, + input logic flush_i, // CVA6 Hart id input logic [CVA6Cfg.XLEN-1:0] hart_id_i, - input logic [CVA6Cfg.NrIssuePorts-1:0] is_compressed_i, - input logic [CVA6Cfg.NrIssuePorts-1:0] is_illegal_i, - input logic [CVA6Cfg.NrIssuePorts-1:0] instruction_valid_i, - input logic [CVA6Cfg.NrIssuePorts-1:0][31:0] instruction_i, + input logic is_compressed_i, + input logic is_illegal_i, + input logic [31:0] instruction_i, - output logic [CVA6Cfg.NrIssuePorts-1:0] is_compressed_o, - output logic [CVA6Cfg.NrIssuePorts-1:0] is_illegal_o, - output logic [CVA6Cfg.NrIssuePorts-1:0][31:0] instruction_o, - input logic stall_i, - output logic [CVA6Cfg.NrIssuePorts-1:0] stall_o, + output logic is_compressed_o, + output logic is_illegal_o, + output logic [31:0] instruction_o, + input logic stall_i, + output logic stall_o, // CVXIF Compressed interface - input logic compressed_ready_i, - input x_compressed_resp_t compressed_resp_i, - output logic compressed_valid_o, - output x_compressed_req_t compressed_req_o + input logic compressed_ready_i, + input x_compressed_resp_t compressed_resp_i, + output logic compressed_valid_o, + output x_compressed_req_t compressed_req_o ); @@ -44,32 +44,22 @@ module cvxif_compressed_if_driver #( compressed_valid_o = 1'b0; compressed_req_o.instr = '0; compressed_req_o.hartid = hart_id_i; - stall_o[0] = stall_i; - stall_o[1] = 1'b0; - if (is_illegal_i[0]) begin - compressed_valid_o = is_illegal_i[0] && instruction_valid_i[0]; - compressed_req_o.instr = instruction_i[0][15:0]; - is_illegal_o[0] = ~compressed_resp_i.accept; - instruction_o[0] = compressed_resp_i.accept ? compressed_resp_i.instr : instruction_i[0]; - is_compressed_o[0] = compressed_resp_i.accept ? 1'b0 : is_compressed_i[0]; + stall_o = stall_i; + if (is_illegal_i) begin + compressed_valid_o = is_illegal_i; + compressed_req_o.instr = instruction_i[15:0]; + is_illegal_o = ~compressed_resp_i.accept; + instruction_o = compressed_resp_i.accept ? compressed_resp_i.instr : instruction_i; + is_compressed_o = compressed_resp_i.accept ? 1'b0 : is_compressed_i; if (~stall_i) begin // Propagate stall from macro decoder or wait for compressed ready if compressed transaction is happening. - // Stall if both instruction are illegal - stall_o[0] = (compressed_valid_o && ~compressed_ready_i); - if (CVA6Cfg.SuperscalarEn) begin - stall_o[1] = is_illegal_i[1]; - end + stall_o = (compressed_valid_o && ~compressed_ready_i); end end - if (CVA6Cfg.SuperscalarEn) begin - if (~is_illegal_i[0] && is_illegal_i[1]) begin // 2nd instruction is illegal - compressed_valid_o = is_illegal_i[1] && instruction_valid_i[1]; - compressed_req_o.instr = instruction_i[1][15:0]; - is_illegal_o[1] = ~compressed_resp_i.accept; - instruction_o[1] = compressed_resp_i.accept ? compressed_resp_i.instr : instruction_i[1]; - is_compressed_o[1] = compressed_resp_i.accept ? 1'b0 : is_compressed_i[1]; - stall_o[1] = (compressed_valid_o && ~compressed_ready_i); - end + if (flush_i) begin + compressed_valid_o = 1'b0; + compressed_req_o.instr = '0; + compressed_req_o.hartid = hart_id_i; end end diff --git a/core/cvxif_example/copro_alu.sv b/core/cvxif_example/copro_alu.sv index 672528454..4e980ffea 100644 --- a/core/cvxif_example/copro_alu.sv +++ b/core/cvxif_example/copro_alu.sv @@ -88,8 +88,32 @@ module copro_alu rd_n = rd_i; we_n = 1'b1; end - cvxif_instr_pkg::ADD_RS3_R4: begin - result_n = NrRgprPorts == 3 ? registers_i[2] + registers_i[1] + registers_i[0] : registers_i[1] + registers_i[0]; + cvxif_instr_pkg::MADD_RS3_R4: begin + result_n = NrRgprPorts == 3 ? (registers_i[0] + registers_i[1] + registers_i[2]) : (registers_i[0] + registers_i[1]); + hartid_n = hartid_i; + id_n = id_i; + valid_n = 1'b1; + rd_n = rd_i; + we_n = 1'b1; + end + cvxif_instr_pkg::MSUB_RS3_R4: begin + result_n = NrRgprPorts == 3 ? (registers_i[0] - registers_i[1] - registers_i[2]) : (registers_i[0] - registers_i[1]); + hartid_n = hartid_i; + id_n = id_i; + valid_n = 1'b1; + rd_n = rd_i; + we_n = 1'b1; + end + cvxif_instr_pkg::NMADD_RS3_R4: begin + result_n = NrRgprPorts == 3 ? ~(registers_i[0] + registers_i[1] + registers_i[2]) : ~(registers_i[0] + registers_i[1]); + hartid_n = hartid_i; + id_n = id_i; + valid_n = 1'b1; + rd_n = rd_i; + we_n = 1'b1; + end + cvxif_instr_pkg::NMSUB_RS3_R4: begin + result_n = NrRgprPorts == 3 ? ~(registers_i[0] - registers_i[1] - registers_i[2]) : ~(registers_i[0] - registers_i[1]); hartid_n = hartid_i; id_n = id_i; valid_n = 1'b1; diff --git a/core/cvxif_example/include/cvxif_instr_pkg.sv b/core/cvxif_example/include/cvxif_instr_pkg.sv index 2c0c8a34b..496cddba8 100644 --- a/core/cvxif_example/include/cvxif_instr_pkg.sv +++ b/core/cvxif_example/include/cvxif_instr_pkg.sv @@ -18,8 +18,11 @@ package cvxif_instr_pkg; DOUBLE_RS1 = 4'b0011, DOUBLE_RS2 = 4'b0100, ADD_MULTI = 4'b0101, - ADD_RS3_R4 = 4'b0110, - ADD_RS3_R = 4'b0111 + MADD_RS3_R4 = 4'b0110, + MSUB_RS3_R4 = 4'b0111, + NMADD_RS3_R4 = 4'b1000, + NMSUB_RS3_R4 = 4'b1001, + ADD_RS3_R = 4'b1111 } opcode_t; @@ -105,7 +108,7 @@ package cvxif_instr_pkg; 32'b00000_00_00000_00000_0_00_00000_1000011, // MADD opcode mask: 32'b00000_11_00000_00000_1_11_00000_1111111, resp : '{accept : 1'b1, writeback : 1'b1, register_read : {1'b1, 1'b1, 1'b1}}, - opcode : ADD_RS3_R4 + opcode : MADD_RS3_R4 }, '{ // Custom Add Multi rs1 : cus_add rd, rs1, rs1 @@ -113,7 +116,7 @@ package cvxif_instr_pkg; 32'b00000_00_00000_00000_0_00_00000_1000111, // MSUB opcode mask: 32'b00000_11_00000_00000_1_11_00000_1111111, resp : '{accept : 1'b1, writeback : 1'b1, register_read : {1'b1, 1'b1, 1'b1}}, - opcode : ADD_RS3_R4 + opcode : MSUB_RS3_R4 }, '{ // Custom Add Multi rs1 : cus_add rd, rs1, rs1 @@ -121,7 +124,7 @@ package cvxif_instr_pkg; 32'b00000_00_00000_00000_0_00_00000_1001011, // NMSUB opcode mask: 32'b00000_11_00000_00000_1_11_00000_1111111, resp : '{accept : 1'b1, writeback : 1'b1, register_read : {1'b1, 1'b1, 1'b1}}, - opcode : ADD_RS3_R4 + opcode : NMSUB_RS3_R4 }, '{ // Custom Add Multi rs1 : cus_add rd, rs1, rs1 @@ -129,7 +132,7 @@ package cvxif_instr_pkg; 32'b00000_00_00000_00000_0_00_00000_1001111, // NMADD opcode mask: 32'b00000_11_00000_00000_1_11_00000_1111111, resp : '{accept : 1'b1, writeback : 1'b1, register_read : {1'b1, 1'b1, 1'b1}}, - opcode : ADD_RS3_R4 + opcode : NMADD_RS3_R4 } }; diff --git a/core/cvxif_fu.sv b/core/cvxif_fu.sv index b191fbff4..0d309a58c 100644 --- a/core/cvxif_fu.sv +++ b/core/cvxif_fu.sv @@ -22,6 +22,8 @@ module cvxif_fu input logic clk_i, // Asynchronous reset active low - SUBSYSTEM input logic rst_ni, + // Virtualization mode state - CSR_REGFILE + input logic v_i, // CVXIF instruction is valid - ISSUE_STAGE input logic x_valid_i, // Transaction ID - ISSUE_STAGE @@ -56,7 +58,7 @@ module cvxif_fu assign x_ready_o = 1'b1; // Readyness of cvxif_fu is determined in issue stage by CVXIF issue interface // Result signals - assign x_valid_o = x_illegal_i && x_valid_i ? 1'b1 : result_valid_i; + assign x_valid_o = x_illegal_i || result_valid_i; assign x_result_o = result_i.data; assign x_trans_id_o = x_illegal_i ? x_trans_id_i : result_i.id; assign x_we_o = result_i.we; @@ -64,13 +66,14 @@ module cvxif_fu // Handling of illegal instruction exception always_comb begin - x_exception_o = '0; // No exception in this interface - if (x_illegal_i && x_valid_i) begin - x_exception_o.valid = '1; - x_exception_o.cause = riscv::ILLEGAL_INSTR; - if (CVA6Cfg.TvalEn) - x_exception_o.tval = x_off_instr_i; // TODO Optimization : Set exception in IRO. - end + x_exception_o.valid = x_illegal_i; + x_exception_o.cause = x_illegal_i ? riscv::ILLEGAL_INSTR : '0; + if (CVA6Cfg.TvalEn) + x_exception_o.tval = x_off_instr_i; // TODO Optimization : Set exception in IRO. + // Hypervisor exception fields + x_exception_o.tval2 = {CVA6Cfg.GPLEN{1'b0}}; + x_exception_o.tinst = '0; + x_exception_o.gva = CVA6Cfg.RVH ? v_i : 1'b0; end endmodule diff --git a/core/cvxif_issue_register_commit_if_driver.sv b/core/cvxif_issue_register_commit_if_driver.sv index 16ebaa5bc..88efc0002 100644 --- a/core/cvxif_issue_register_commit_if_driver.sv +++ b/core/cvxif_issue_register_commit_if_driver.sv @@ -36,16 +36,14 @@ module cvxif_issue_register_commit_if_driver #( input logic [31:0] x_off_instr_i, input logic [CVA6Cfg.TRANS_ID_BITS-1:0] x_trans_id_i, input [(CVA6Cfg.NrRgprPorts/CVA6Cfg.NrIssuePorts)-1:0][CVA6Cfg.XLEN-1:0] register_i, - input logic [(CVA6Cfg.NrRgprPorts/CVA6Cfg.NrIssuePorts)-1:0] rs_valid_i, - output logic cvxif_busy_o + input logic [(CVA6Cfg.NrRgprPorts/CVA6Cfg.NrIssuePorts)-1:0] rs_valid_i ); // X_ISSUE_REGISTER_SPLIT = 0 : Issue and register transactions are synchrone // Mandatory assignement assign register_valid_o = issue_valid_o; assign register_o.hartid = issue_req_o.hartid; assign register_o.id = issue_req_o.id; - // cvxif can not take any more instruction if issue transaction is still up. - assign cvxif_busy_o = issue_valid_o && ~issue_ready_i; + always_comb begin issue_valid_o = valid_i && ~flush_i; issue_req_o.instr = x_off_instr_i; diff --git a/core/decoder.sv b/core/decoder.sv index 2d137648f..98fc3b1c4 100644 --- a/core/decoder.sv +++ b/core/decoder.sv @@ -48,6 +48,10 @@ module decoder input logic is_last_macro_instr_i, // Is mvsa01/mva01s macro instruction - macro_decoder input logic is_double_rd_macro_instr_i, + // Zcmt instruction - FRONTEND + input logic is_zcmt_i, + // Jump address - zcmt_decoder + input logic [CVA6Cfg.XLEN-1:0] jump_address_i, // Is a branch predict instruction - FRONTEND input branchpredict_sbe_t branch_predict_i, // If an exception occured in fetch stage - FRONTEND @@ -178,9 +182,11 @@ module decoder instruction_o.use_zimm = 1'b0; instruction_o.bp = branch_predict_i; instruction_o.vfp = 1'b0; + instruction_o.is_zcmt = is_zcmt_i; ecall = 1'b0; ebreak = 1'b0; check_fprm = 1'b0; + tinst = 32'h0; if (~ex_i.valid) begin case (instr.rtype.opcode) @@ -812,10 +818,11 @@ module decoder unique case ({ CVA6Cfg.RVB, CVA6Cfg.RVZiCond }) - 2'b00: illegal_instr = illegal_instr_non_bm; - 2'b01: illegal_instr = illegal_instr_non_bm & illegal_instr_zic; - 2'b10: illegal_instr = illegal_instr_non_bm & illegal_instr_bm; - 2'b11: illegal_instr = illegal_instr_non_bm & illegal_instr_bm & illegal_instr_zic; + 2'b00: illegal_instr = illegal_instr_non_bm; + 2'b01: illegal_instr = illegal_instr_non_bm & illegal_instr_zic; + 2'b10: illegal_instr = illegal_instr_non_bm & illegal_instr_bm; + 2'b11: illegal_instr = illegal_instr_non_bm & illegal_instr_bm & illegal_instr_zic; + default: ; // TODO: Check that default case is not synthesized. endcase end end @@ -916,9 +923,18 @@ module decoder else if (instr.instr[24:20] == 5'b00000) instruction_o.op = ariane_pkg::CLZ; else if (instr.instr[24:20] == 5'b00001) instruction_o.op = ariane_pkg::CTZ; else illegal_instr_bm = 1'b1; - end else if (instr.instr[31:26] == 6'b010010) instruction_o.op = ariane_pkg::BCLRI; - else if (instr.instr[31:26] == 6'b011010) instruction_o.op = ariane_pkg::BINVI; - else if (instr.instr[31:26] == 6'b001010) instruction_o.op = ariane_pkg::BSETI; + end else if (CVA6Cfg.IS_XLEN64 && instr.instr[31:26] == 6'b010010) + instruction_o.op = ariane_pkg::BCLRI; + else if (CVA6Cfg.IS_XLEN32 && instr.instr[31:25] == 7'b0100100) + instruction_o.op = ariane_pkg::BCLRI; + else if (CVA6Cfg.IS_XLEN64 && instr.instr[31:26] == 6'b011010) + instruction_o.op = ariane_pkg::BINVI; + else if (CVA6Cfg.IS_XLEN32 && instr.instr[31:25] == 7'b0110100) + instruction_o.op = ariane_pkg::BINVI; + else if (CVA6Cfg.IS_XLEN64 && instr.instr[31:26] == 6'b001010) + instruction_o.op = ariane_pkg::BSETI; + else if (CVA6Cfg.IS_XLEN32 && instr.instr[31:25] == 7'b0010100) + instruction_o.op = ariane_pkg::BSETI; else if (CVA6Cfg.ZKN && instr.instr[31:20] == 12'b000010001111) instruction_o.op = ariane_pkg::ZIP; else illegal_instr_bm = 1'b1; @@ -929,8 +945,14 @@ module decoder instruction_o.op = ariane_pkg::REV8; else if (instr.instr[31:20] == 12'b011010011000) instruction_o.op = ariane_pkg::REV8; - else if (instr.instr[31:26] == 6'b010_010) instruction_o.op = ariane_pkg::BEXTI; - else if (instr.instr[31:26] == 6'b011_000) instruction_o.op = ariane_pkg::RORI; + else if (CVA6Cfg.IS_XLEN64 && instr.instr[31:26] == 6'b010_010) + instruction_o.op = ariane_pkg::BEXTI; + else if (CVA6Cfg.IS_XLEN32 && instr.instr[31:25] == 7'b010_0100) + instruction_o.op = ariane_pkg::BEXTI; + else if (CVA6Cfg.IS_XLEN64 && instr.instr[31:26] == 6'b011_000) + instruction_o.op = ariane_pkg::RORI; + else if (CVA6Cfg.IS_XLEN32 && instr.instr[31:25] == 7'b011_0000) + instruction_o.op = ariane_pkg::RORI; else if (CVA6Cfg.ZKN && instr.instr[31:20] == 12'b011010000111) instruction_o.op = ariane_pkg::BREV8; else if (CVA6Cfg.ZKN && instr.instr[31:20] == 12'b000010001111) @@ -1484,13 +1506,18 @@ module decoder imm_u_type = { {CVA6Cfg.XLEN - 32{instruction_i[31]}}, instruction_i[31:12], 12'b0 }; // JAL, AUIPC, sign extended to 64 bit - imm_uj_type = { - {CVA6Cfg.XLEN - 20{instruction_i[31]}}, - instruction_i[19:12], - instruction_i[20], - instruction_i[30:21], - 1'b0 - }; + // if zcmt then xlen jump address assign to immidiate + if (CVA6Cfg.RVZCMT && is_zcmt_i) begin + imm_uj_type = {{CVA6Cfg.XLEN - 32{jump_address_i[31]}}, jump_address_i[31:0]}; + end else begin + imm_uj_type = { + {CVA6Cfg.XLEN - 20{instruction_i[31]}}, + instruction_i[19:12], + instruction_i[20], + instruction_i[30:21], + 1'b0 + }; + end // NOIMM, IIMM, SIMM, SBIMM, UIMM, JIMM, RS3 // select immediate @@ -1641,9 +1668,11 @@ module decoder if (irq_ctrl_i.mip[riscv::IRQ_M_TIMER] && irq_ctrl_i.mie[riscv::IRQ_M_TIMER]) begin interrupt_cause = INTERRUPTS.M_TIMER; end - // Machine Mode Software Interrupt - if (irq_ctrl_i.mip[riscv::IRQ_M_SOFT] && irq_ctrl_i.mie[riscv::IRQ_M_SOFT]) begin - interrupt_cause = INTERRUPTS.M_SW; + if (CVA6Cfg.SoftwareInterruptEn) begin + // Machine Mode Software Interrupt + if (irq_ctrl_i.mip[riscv::IRQ_M_SOFT] && irq_ctrl_i.mie[riscv::IRQ_M_SOFT]) begin + interrupt_cause = INTERRUPTS.M_SW; + end end // Machine Mode External Interrupt if (irq_ctrl_i.mip[riscv::IRQ_M_EXT] && irq_ctrl_i.mie[riscv::IRQ_M_EXT]) begin diff --git a/core/ex_stage.sv b/core/ex_stage.sv index 3095a2c73..74cad5fb9 100644 --- a/core/ex_stage.sv +++ b/core/ex_stage.sv @@ -29,7 +29,9 @@ module ex_stage parameter type icache_dreq_t = logic, parameter type icache_drsp_t = logic, parameter type lsu_ctrl_t = logic, - parameter type x_result_t = logic + parameter type x_result_t = logic, + parameter type acc_mmu_req_t = logic, + parameter type acc_mmu_resp_t = logic ) ( // Subsystem Clock - SUBSYSTEM input logic clk_i, @@ -47,6 +49,8 @@ module ex_stage input fu_data_t [CVA6Cfg.NrIssuePorts-1:0] fu_data_i, // PC of the current instruction - ISSUE_STAGE input logic [CVA6Cfg.VLEN-1:0] pc_i, + // Is_zcmt instruction - ISSUE_STAGE + input logic is_zcmt_i, // Report whether instruction is compressed - ISSUE_STAGE input logic is_compressed_instr_i, // Report instruction encoding - ISSUE_STAGE @@ -159,6 +163,9 @@ module ex_stage input logic x_transaction_rejected_i, // accelerate port result is valid - ACC_DISPATCHER input logic acc_valid_i, + // Accelerator MMU access + input acc_mmu_req_t acc_mmu_req_i, + output acc_mmu_resp_t acc_mmu_resp_o, // Enable virtual memory translation - CSR_REGFILE input logic enable_translation_i, // Enable G-Stage memory translation - CSR_REGFILE @@ -222,9 +229,9 @@ module ex_stage // To count the data TLB misses - PERF_COUNTERS output logic dtlb_miss_o, // Report the PMP configuration - CSR_REGFILE - input riscv::pmpcfg_t [(CVA6Cfg.NrPMPEntries > 0 ? CVA6Cfg.NrPMPEntries-1 : 0):0] pmpcfg_i, + input riscv::pmpcfg_t [avoid_neg(CVA6Cfg.NrPMPEntries-1):0] pmpcfg_i, // Report the PMP addresses - CSR_REGFILE - input logic [(CVA6Cfg.NrPMPEntries > 0 ? CVA6Cfg.NrPMPEntries-1 : 0):0][CVA6Cfg.PLEN-3:0] pmpaddr_i, + input logic [avoid_neg(CVA6Cfg.NrPMPEntries-1):0][CVA6Cfg.PLEN-3:0] pmpaddr_i, // Information dedicated to RVFI - RVFI output lsu_ctrl_t rvfi_lsu_ctrl_o, // Information dedicated to RVFI - RVFI @@ -320,6 +327,7 @@ module ex_stage .debug_mode_i, .fu_data_i (one_cycle_data), .pc_i, + .is_zcmt_i, .is_compressed_instr_i, .branch_valid_i (|branch_valid_i), .branch_comp_res_i (alu_branch_res), @@ -526,7 +534,9 @@ module ex_stage .icache_arsp_t(icache_arsp_t), .icache_dreq_t(icache_dreq_t), .icache_drsp_t(icache_drsp_t), - .lsu_ctrl_t(lsu_ctrl_t) + .lsu_ctrl_t(lsu_ctrl_t), + .acc_mmu_req_t(acc_mmu_req_t), + .acc_mmu_resp_t(acc_mmu_resp_t) ) lsu_i ( .clk_i, .rst_ni, @@ -551,6 +561,8 @@ module ex_stage .enable_g_translation_i, .en_ld_st_translation_i, .en_ld_st_g_translation_i, + .acc_mmu_req_i, + .acc_mmu_resp_o, .icache_areq_i, .icache_areq_o, .priv_lvl_i, @@ -609,6 +621,7 @@ module ex_stage ) cvxif_fu_i ( .clk_i, .rst_ni, + .v_i, .x_valid_i(|x_valid_i), .x_trans_id_i(cvxif_data.trans_id), .x_illegal_i(x_transaction_rejected_i), diff --git a/core/frontend/bht2lvl.sv b/core/frontend/bht2lvl.sv new file mode 100644 index 000000000..7b0d4ad82 --- /dev/null +++ b/core/frontend/bht2lvl.sv @@ -0,0 +1,133 @@ +// Copyright 2025 ETH Zurich and University of Bologna. +// Copyright and related rights are licensed under the Solderpad Hardware +// License, Version 0.51 (the "License"); you may not use this file except in +// compliance with the License. You may obtain a copy of the License at +// http://solderpad.org/licenses/SHL-0.51. Unless required by applicable law +// or agreed to in writing, software, hardware and materials distributed under +// this License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR +// CONDITIONS OF ANY KIND, either express or implied. See the License for the +// specific language governing permissions and limitations under the License. +// +// Original author: Gianmarco Ottavi, University of Bologna +// Description: Private history BHT + +module bht2lvl #( + parameter config_pkg::cva6_cfg_t CVA6Cfg = config_pkg::cva6_cfg_empty, + parameter type bht_update_t = logic +) ( + input logic clk_i, + input logic rst_ni, + input logic flush_i, + input logic [ CVA6Cfg.VLEN-1:0] vpc_i, + input bht_update_t bht_update_i, + // we potentially need INSTR_PER_FETCH predictions/cycle + output ariane_pkg::bht_prediction_t [CVA6Cfg.INSTR_PER_FETCH-1:0] bht_prediction_o +); + + // the last bit is always zero, we don't need it for indexing + localparam OFFSET = CVA6Cfg.RVC == 1'b1 ? 1 : 2; + // re-shape the branch history table + localparam NR_ROWS = CVA6Cfg.BHTEntries / CVA6Cfg.INSTR_PER_FETCH; + // number of bits needed to index the row + localparam ROW_ADDR_BITS = $clog2(CVA6Cfg.INSTR_PER_FETCH); + localparam ROW_INDEX_BITS = CVA6Cfg.RVC == 1'b1 ? $clog2(CVA6Cfg.INSTR_PER_FETCH) : 1; + // number of bits we should use for prediction + localparam PREDICTION_BITS = $clog2(NR_ROWS) + OFFSET + ROW_ADDR_BITS; + + struct packed { + logic valid; + logic [CVA6Cfg.BHTHist-1:0] hist; + logic [2**CVA6Cfg.BHTHist-1:0][1:0] saturation_counter; + } + bht_d[NR_ROWS-1:0][CVA6Cfg.INSTR_PER_FETCH-1:0], + bht_q[NR_ROWS-1:0][CVA6Cfg.INSTR_PER_FETCH-1:0]; + + + logic [$clog2(NR_ROWS)-1:0] index, update_pc; + logic [CVA6Cfg.BHTHist-1:0] update_hist; + logic [ ROW_INDEX_BITS-1:0] update_row_index; + + assign index = vpc_i[PREDICTION_BITS-1:ROW_ADDR_BITS+OFFSET]; + assign update_pc = bht_update_i.pc[PREDICTION_BITS-1:ROW_ADDR_BITS+OFFSET]; + assign update_hist = bht_q[update_pc][update_row_index].hist; + + if (CVA6Cfg.RVC) begin : gen_update_row_index + assign update_row_index = bht_update_i.pc[ROW_ADDR_BITS+OFFSET-1:OFFSET]; + end else begin + assign update_row_index = '0; + end + + + logic [1:0] saturation_counter; + + // Get the current history of the entry + logic [CVA6Cfg.INSTR_PER_FETCH-1:0][CVA6Cfg.BHTHist-1:0] read_history; + for (genvar i = 0; i < CVA6Cfg.INSTR_PER_FETCH; i++) begin + assign read_history[i] = bht_q[index][i].hist; + end + + // prediction assignment + for (genvar i = 0; i < CVA6Cfg.INSTR_PER_FETCH; i++) begin : gen_bht_output + assign bht_prediction_o[i].valid = bht_q[index][i].valid; + assign bht_prediction_o[i].taken = bht_q[index][i].saturation_counter[read_history[i]][1] == 1'b1; + end + + always_comb begin : update_bht + bht_d = bht_q; + saturation_counter = bht_q[update_pc][update_row_index].saturation_counter[update_hist]; + + if (bht_update_i.valid) begin + bht_d[update_pc][update_row_index].valid = 1'b1; + + if (saturation_counter == 2'b11) begin + // we can safely decrease it + if (!bht_update_i.taken) + bht_d[update_pc][update_row_index].saturation_counter[update_hist] = saturation_counter - 1; + // then check if it saturated in the negative regime e.g.: branch not taken + end else if (saturation_counter == 2'b00) begin + // we can safely increase it + if (bht_update_i.taken) + bht_d[update_pc][update_row_index].saturation_counter[update_hist] = saturation_counter + 1; + end else begin // otherwise we are not in any boundaries and can decrease or increase it + if (bht_update_i.taken) + bht_d[update_pc][update_row_index].saturation_counter[update_hist] = saturation_counter + 1; + else + bht_d[update_pc][update_row_index].saturation_counter[update_hist] = saturation_counter - 1; + end + + bht_d[update_pc][update_row_index].hist = { + update_hist[CVA6Cfg.BHTHist-2:0], bht_update_i.taken + }; + end + end + + always_ff @(posedge clk_i or negedge rst_ni) begin + if (!rst_ni) begin + for (int unsigned i = 0; i < NR_ROWS; i++) begin + for (int j = 0; j < CVA6Cfg.INSTR_PER_FETCH; j++) begin + bht_q[i][j] <= '0; + for (int k = 0; k < 2 ** CVA6Cfg.BHTHist; k++) begin + bht_q[i][j].saturation_counter[k] <= 2'b10; + end + end + end + end else begin + // evict all entries + if (flush_i) begin + for (int i = 0; i < NR_ROWS; i++) begin + for (int j = 0; j < CVA6Cfg.INSTR_PER_FETCH; j++) begin + bht_q[i][j].valid <= 1'b0; + bht_q[i][j].hist <= '0; + for (int k = 0; k < 2 ** CVA6Cfg.BHTHist; k++) begin + bht_q[i][j].saturation_counter[k] <= 2'b10; + end + end + end + end else begin + bht_q <= bht_d; + end + end + end + + +endmodule diff --git a/core/frontend/frontend.sv b/core/frontend/frontend.sv index 97360a3b8..3133fff62 100644 --- a/core/frontend/frontend.sv +++ b/core/frontend/frontend.sv @@ -240,7 +240,7 @@ module frontend 4'b0001: begin ras_pop = 1'b0; ras_push = 1'b0; - if (CVA6Cfg.BTBEntries && btb_prediction_shifted[i].valid) begin + if (CVA6Cfg.BTBEntries != 0 && btb_prediction_shifted[i].valid) begin predict_address = btb_prediction_shifted[i].target_address; cf_type[i] = ariane_pkg::JumpR; end @@ -510,7 +510,7 @@ module frontend if (CVA6Cfg.BHTEntries == 0) begin assign bht_prediction = '0; - end else begin : bht_gen + end else if (CVA6Cfg.BPType == config_pkg::BHT) begin : bht_gen bht #( .CVA6Cfg (CVA6Cfg), .bht_update_t(bht_update_t), @@ -524,6 +524,18 @@ module frontend .bht_update_i (bht_update), .bht_prediction_o(bht_prediction) ); + end else if (CVA6Cfg.BPType == config_pkg::PH_BHT) begin : bht2lvl_gen + bht2lvl #( + .CVA6Cfg (CVA6Cfg), + .bht_update_t(bht_update_t) + ) i_bht ( + .clk_i, + .rst_ni, + .flush_i (flush_bp_i), + .vpc_i (icache_vaddr_q), + .bht_update_i (bht_update), + .bht_prediction_o(bht_prediction) + ); end // we need to inspect up to CVA6Cfg.INSTR_PER_FETCH instructions for branches diff --git a/core/frontend/instr_scan.sv b/core/frontend/instr_scan.sv index d72fc94fa..69e45ff69 100644 --- a/core/frontend/instr_scan.sv +++ b/core/frontend/instr_scan.sv @@ -30,7 +30,7 @@ module instr_scan #( output logic rvi_jalr_o, // Unconditional jump instruction - FRONTEND output logic rvi_jump_o, - // Instruction immediat - FRONTEND + // Instruction immediate - FRONTEND output logic [CVA6Cfg.VLEN-1:0] rvi_imm_o, // Branch compressed instruction - FRONTEND output logic rvc_branch_o, @@ -44,7 +44,7 @@ module instr_scan #( output logic rvc_jalr_o, // JAL compressed instruction - FRONTEND output logic rvc_call_o, - // Instruction compressed immediat - FRONTEND + // Instruction compressed immediate - FRONTEND output logic [CVA6Cfg.VLEN-1:0] rvc_imm_o ); @@ -69,11 +69,8 @@ module instr_scan #( }; endfunction - logic is_rvc; - assign is_rvc = (instr_i[1:0] != 2'b11); - logic rv32_rvc_jal; - assign rv32_rvc_jal = (CVA6Cfg.XLEN == 32) & ((instr_i[15:13] == riscv::OpcodeC1Jal) & is_rvc & (instr_i[1:0] == riscv::OpcodeC1)); + assign rv32_rvc_jal = (CVA6Cfg.XLEN == 32) & ((instr_i[15:13] == riscv::OpcodeC1Jal) & (instr_i[1:0] == riscv::OpcodeC1)); logic is_xret; assign is_xret = logic'(instr_i[31:30] == 2'b00) & logic'(instr_i[28:0] == 29'b10000001000000000000001110011); @@ -90,22 +87,20 @@ module instr_scan #( assign rvi_jump_o = logic'(instr_i[6:0] == riscv::OpcodeJal) | is_xret; // opcode JAL - assign rvc_jump_o = ((instr_i[15:13] == riscv::OpcodeC1J) & is_rvc & (instr_i[1:0] == riscv::OpcodeC1)) | rv32_rvc_jal; + assign rvc_jump_o = ((instr_i[15:13] == riscv::OpcodeC1J) & (instr_i[1:0] == riscv::OpcodeC1)) | rv32_rvc_jal; // always links to register 0 logic is_jal_r; assign is_jal_r = (instr_i[15:13] == riscv::OpcodeC2JalrMvAdd) & (instr_i[6:2] == 5'b00000) - & (instr_i[1:0] == riscv::OpcodeC2) - & is_rvc; + & (instr_i[1:0] == riscv::OpcodeC2); assign rvc_jr_o = is_jal_r & ~instr_i[12]; // always links to register 1 e.g.: it is a jump assign rvc_jalr_o = is_jal_r & instr_i[12]; assign rvc_call_o = rvc_jalr_o | rv32_rvc_jal; assign rvc_branch_o = ((instr_i[15:13] == riscv::OpcodeC1Beqz) | (instr_i[15:13] == riscv::OpcodeC1Bnez)) - & (instr_i[1:0] == riscv::OpcodeC1) - & is_rvc; + & (instr_i[1:0] == riscv::OpcodeC1); // check that rs1 is x1 or x5 assign rvc_return_o = ((instr_i[11:7] == 5'd1) | (instr_i[11:7] == 5'd5)) & rvc_jr_o; diff --git a/core/id_stage.sv b/core/id_stage.sv index 1ead6b934..121b4388b 100644 --- a/core/id_stage.sv +++ b/core/id_stage.sv @@ -16,8 +16,11 @@ module id_stage #( parameter config_pkg::cva6_cfg_t CVA6Cfg = config_pkg::cva6_cfg_empty, parameter type branchpredict_sbe_t = logic, + parameter type dcache_req_i_t = logic, + parameter type dcache_req_o_t = logic, parameter type exception_t = logic, parameter type fetch_entry_t = logic, + parameter type jvt_t = logic, parameter type irq_ctrl_t = logic, parameter type scoreboard_entry_t = logic, parameter type interrupts_t = logic, @@ -83,9 +86,15 @@ module id_stage #( // CVXIF Compressed interface input logic [CVA6Cfg.XLEN-1:0] hart_id_i, input logic compressed_ready_i, + //JVT + input jvt_t jvt_i, input x_compressed_resp_t compressed_resp_i, output logic compressed_valid_o, - output x_compressed_req_t compressed_req_o + output x_compressed_req_t compressed_req_o, + // Data cache request ouput - CACHE + input dcache_req_o_t dcache_req_ports_i, + // Data cache request input - CACHE + output dcache_req_i_t dcache_req_ports_o ); // ID/ISSUE register stage typedef struct packed { @@ -95,26 +104,51 @@ module id_stage #( logic is_ctrl_flow; } issue_struct_t; issue_struct_t [CVA6Cfg.NrIssuePorts-1:0] issue_n, issue_q; + // stall required for ZCMP ZCMT CVXIF + logic [CVA6Cfg.NrIssuePorts-1:0] stall_instr_fetch; logic [CVA6Cfg.NrIssuePorts-1:0] is_control_flow_instr; scoreboard_entry_t [CVA6Cfg.NrIssuePorts-1:0] decoded_instruction; + logic [CVA6Cfg.NrIssuePorts-1:0] decoded_instruction_valid; logic [CVA6Cfg.NrIssuePorts-1:0][31:0] orig_instr; - logic [CVA6Cfg.NrIssuePorts-1:0] is_illegal; - logic [CVA6Cfg.NrIssuePorts-1:0] is_illegal_cmp; - logic [CVA6Cfg.NrIssuePorts-1:0] is_illegal_cvxif; - logic [CVA6Cfg.NrIssuePorts-1:0][31:0] instruction; - logic [CVA6Cfg.NrIssuePorts-1:0][31:0] compressed_instr; - logic [CVA6Cfg.NrIssuePorts-1:0][31:0] instruction_cvxif; - logic [CVA6Cfg.NrIssuePorts-1:0] is_compressed; - logic [CVA6Cfg.NrIssuePorts-1:0] is_compressed_cmp; - logic [CVA6Cfg.NrIssuePorts-1:0] is_compressed_cvxif; + // Compressed decoder signals + logic [CVA6Cfg.NrIssuePorts-1:0] is_illegal_rvc; + logic [CVA6Cfg.NrIssuePorts-1:0][31:0] instruction_rvc; + logic [CVA6Cfg.NrIssuePorts-1:0] is_compressed_rvc; + logic [CVA6Cfg.NrIssuePorts-1:0] is_zcmt_instr; + logic [CVA6Cfg.NrIssuePorts-1:0] is_macro_instr; - logic [CVA6Cfg.NrIssuePorts-1:0] is_macro_instr_i; - logic [CVA6Cfg.NrIssuePorts-1:0] stall_instr_fetch; + // CVXIF compressed interface driver signals + // Inputs + logic is_illegal_cvxif_i; + logic [ 31:0] instruction_cvxif_i; + logic is_compressed_cvxif_i; logic stall_macro_deco; - logic is_last_macro_instr_o; - logic is_double_rd_macro_instr_o; + // Outputs + logic is_illegal_cvxif_o; + logic [ 31:0] instruction_cvxif_o; + logic is_compressed_cvxif_o; + + // ZCMP decoder signals + logic is_illegal_zcmp; + logic [ 31:0] instruction_zcmp; + logic is_compressed_zcmp; + logic stall_macro_deco_zcmp; + logic is_last_macro_instr; + logic is_double_rd_macro_instr; + + // ZCMT decoder signals + logic is_illegal_zcmt; + logic [ 31:0] instruction_zcmt; + logic is_compressed_zcmt; + logic stall_macro_deco_zcmt; + logic [ CVA6Cfg.XLEN-1:0] jump_address; + + // Decoder signals + logic [CVA6Cfg.NrIssuePorts-1:0] is_illegal_deco; + logic [CVA6Cfg.NrIssuePorts-1:0][31:0] instruction_deco; + logic [CVA6Cfg.NrIssuePorts-1:0] is_compressed_deco; if (CVA6Cfg.RVC) begin @@ -126,104 +160,146 @@ module id_stage #( .CVA6Cfg(CVA6Cfg) ) compressed_decoder_i ( .instr_i (fetch_entry_i[i].instruction), - .instr_o (compressed_instr[i]), - .illegal_instr_o (is_illegal[i]), - .is_compressed_o (is_compressed[i]), - .is_macro_instr_o(is_macro_instr_i[i]) + .instr_o (instruction_rvc[i]), + .illegal_instr_o (is_illegal_rvc[i]), + .is_compressed_o (is_compressed_rvc[i]), + .is_macro_instr_o(is_macro_instr[i]), + .is_zcmt_instr_o (is_zcmt_instr[i]) ); end + + if (CVA6Cfg.SuperscalarEn) begin + assign stall_instr_fetch[1] = is_illegal_rvc[1] || is_macro_instr[1] || is_zcmt_instr[1]; + end + if (CVA6Cfg.RVZCMP) begin - //sequencial decoder macro_decoder #( .CVA6Cfg(CVA6Cfg) ) macro_decoder_i ( - .instr_i (compressed_instr[0]), - .is_macro_instr_i (is_macro_instr_i[0]), + .instr_i (instruction_rvc[0]), + .is_macro_instr_i (is_macro_instr[0]), .clk_i (clk_i), .rst_ni (rst_ni), - .instr_o (instruction_cvxif[0]), - .illegal_instr_i (is_illegal[0]), - .is_compressed_i (is_compressed[0]), + .instr_o (instruction_zcmp), + .illegal_instr_i (is_illegal_rvc[0]), + .is_compressed_i (is_compressed_rvc[0]), .issue_ack_i (issue_instr_ack_i[0]), - .illegal_instr_o (is_illegal_cvxif[0]), - .is_compressed_o (is_compressed_cvxif[0]), - .fetch_stall_o (stall_macro_deco), - .is_last_macro_instr_o (is_last_macro_instr_o), - .is_double_rd_macro_instr_o(is_double_rd_macro_instr_o) - ); - if (CVA6Cfg.SuperscalarEn) begin - assign instruction_cvxif[CVA6Cfg.NrIssuePorts-1] = '0; - assign is_illegal_cvxif[CVA6Cfg.NrIssuePorts-1] = '0; - assign is_compressed_cvxif[CVA6Cfg.NrIssuePorts-1] = '0; - end - cvxif_compressed_if_driver #( - .CVA6Cfg(CVA6Cfg), - .x_compressed_req_t(x_compressed_req_t), - .x_compressed_resp_t(x_compressed_resp_t) - ) i_cvxif_compressed_if_driver_i ( - .clk_i (clk_i), - .rst_ni (rst_ni), - .hart_id_i (hart_id_i), - .is_compressed_i (is_compressed_cvxif), - .is_illegal_i (is_illegal_cvxif), - .instruction_i (instruction_cvxif), - .instruction_valid_i(fetch_entry_valid_i), - .is_compressed_o (is_compressed_cmp), - .is_illegal_o (is_illegal_cmp), - .instruction_o (instruction), - .stall_i (stall_macro_deco), - .stall_o (stall_instr_fetch), - .compressed_ready_i (compressed_ready_i), - .compressed_resp_i (compressed_resp_i), - .compressed_valid_o (compressed_valid_o), - .compressed_req_o (compressed_req_o) + .illegal_instr_o (is_illegal_zcmp), + .is_compressed_o (is_compressed_zcmp), + .fetch_stall_o (stall_macro_deco_zcmp), + .is_last_macro_instr_o (is_last_macro_instr), + .is_double_rd_macro_instr_o(is_double_rd_macro_instr) ); end else begin + assign instruction_zcmp = instruction_rvc; + assign is_illegal_zcmp = is_illegal_rvc; + assign is_compressed_zcmp = is_compressed_rvc; + assign stall_macro_deco_zcmp = '0; + assign is_last_macro_instr = '0; + assign is_double_rd_macro_instr = '0; + end + + if (CVA6Cfg.RVZCMT) begin + zcmt_decoder #( + .CVA6Cfg(CVA6Cfg), + .dcache_req_i_t(dcache_req_i_t), + .dcache_req_o_t(dcache_req_o_t), + .jvt_t(jvt_t), + .branchpredict_sbe_t(branchpredict_sbe_t) + ) zcmt_decoder_i ( + .instr_i (instruction_rvc[0]), + .pc_i (fetch_entry_i[0].address), + .is_zcmt_instr_i(is_zcmt_instr[0]), + .clk_i (clk_i), + .rst_ni (rst_ni), + .instr_o (instruction_zcmt), + .illegal_instr_i(is_illegal_rvc[0]), + .is_compressed_i(is_compressed_rvc[0]), + .illegal_instr_o(is_illegal_zcmt), + .is_compressed_o(is_compressed_zcmt), + .fetch_stall_o (stall_macro_deco_zcmt), + .jvt_i (jvt_i), + .req_port_i (dcache_req_ports_i), + .req_port_o (dcache_req_ports_o), + .jump_address_o (jump_address) + ); + end else begin + assign instruction_zcmt = instruction_rvc; + assign is_illegal_zcmt = is_illegal_rvc; + assign is_compressed_zcmt = is_compressed_rvc; + assign stall_macro_deco_zcmt = '0; + assign jump_address = '0; + end + + if (CVA6Cfg.RVZCMT) begin + assign instruction_cvxif_i = is_zcmt_instr[0] ? instruction_zcmt : instruction_zcmp; + assign is_illegal_cvxif_i = is_zcmt_instr[0] ? is_illegal_zcmt : is_illegal_zcmp; + assign is_compressed_cvxif_i = is_zcmt_instr[0] ? is_compressed_zcmt : is_compressed_zcmp; + assign stall_macro_deco = is_zcmt_instr[0] ? stall_macro_deco_zcmt : stall_macro_deco_zcmp; + end else begin // Do not instantiate the mux which is not optimized cross-bondaries + assign instruction_cvxif_i = instruction_zcmp; + assign is_illegal_cvxif_i = is_illegal_zcmp; + assign is_compressed_cvxif_i = is_compressed_zcmp; + assign stall_macro_deco = stall_macro_deco_zcmp; + end + + if (CVA6Cfg.CvxifEn) begin cvxif_compressed_if_driver #( .CVA6Cfg(CVA6Cfg), .x_compressed_req_t(x_compressed_req_t), .x_compressed_resp_t(x_compressed_resp_t) ) i_cvxif_compressed_if_driver_i ( - .clk_i (clk_i), - .rst_ni (rst_ni), - .hart_id_i (hart_id_i), - .is_compressed_i (is_compressed), - .is_illegal_i (is_illegal), - .instruction_valid_i(fetch_entry_valid_i), - .instruction_i (compressed_instr), - .is_compressed_o (is_compressed_cmp), - .is_illegal_o (is_illegal_cmp), - .instruction_o (instruction), - .stall_i (1'b0), - .stall_o (stall_instr_fetch), - .compressed_ready_i (compressed_ready_i), - .compressed_resp_i (compressed_resp_i), - .compressed_valid_o (compressed_valid_o), - .compressed_req_o (compressed_req_o) + .clk_i (clk_i), + .rst_ni (rst_ni), + .flush_i (flush_i), + .hart_id_i (hart_id_i), + .is_compressed_i (is_compressed_cvxif_i), + .is_illegal_i (is_illegal_cvxif_i), + .instruction_i (instruction_cvxif_i), + .is_compressed_o (is_compressed_cvxif_o), + .is_illegal_o (is_illegal_cvxif_o), + .instruction_o (instruction_cvxif_o), + .stall_i (stall_macro_deco), + .stall_o (stall_instr_fetch[0]), + .compressed_ready_i(compressed_ready_i), + .compressed_resp_i (compressed_resp_i), + .compressed_valid_o(compressed_valid_o), + .compressed_req_o (compressed_req_o) ); - assign is_last_macro_instr_o = '0; - assign is_double_rd_macro_instr_o = '0; + end else begin + assign stall_instr_fetch[0] = stall_macro_deco; end end else begin for (genvar i = 0; i < CVA6Cfg.NrIssuePorts; i++) begin - assign instruction[i] = fetch_entry_i[i].instruction; + assign is_illegal_rvc[i] = 1'b0; + assign instruction_rvc[i] = fetch_entry_i[i].instruction; + assign is_compressed_rvc[i] = 1'b0; + assign stall_instr_fetch[i] = 1'b0; end - assign is_illegal_cmp = '0; - assign is_compressed_cmp = '0; - assign is_macro_instr_i = '0; - assign is_last_macro_instr_o = '0; - assign is_double_rd_macro_instr_o = '0; - if (CVA6Cfg.CvxifEn) begin - assign compressed_valid_o = '0; - assign compressed_req_o.instr = '0; - assign compressed_req_o.hartid = hart_id_i; - end // TODO Add else to map x_compressed_if outputs to '0 ? end - assign rvfi_is_compressed_o = is_compressed_cmp; // --------------------------------------------------------- // 2. Decode and emit instruction to issue stage // --------------------------------------------------------- + + always_comb begin + // No CVXIF, No ZCMP, No ZCMT => Connect directly compressed decoder to decoder + is_illegal_deco = is_illegal_rvc; + instruction_deco = instruction_rvc; + is_compressed_deco = is_compressed_rvc; + if (CVA6Cfg.CvxifEn) begin + is_illegal_deco[0] = is_illegal_cvxif_o; + instruction_deco[0] = instruction_cvxif_o; + is_compressed_deco[0] = is_compressed_cvxif_o; + end else if (!CVA6Cfg.CvxifEn && (CVA6Cfg.RVZCMP || CVA6Cfg.RVZCMT)) begin + is_illegal_deco[0] = is_illegal_cvxif_i; + instruction_deco[0] = instruction_cvxif_i; + is_compressed_deco[0] = is_compressed_cvxif_i; + end + end + + assign rvfi_is_compressed_o = is_compressed_rvc; + for (genvar i = 0; i < CVA6Cfg.NrIssuePorts; i++) begin decoder #( .CVA6Cfg(CVA6Cfg), @@ -238,12 +314,14 @@ module id_stage #( .irq_ctrl_i, .irq_i, .pc_i (fetch_entry_i[i].address), - .is_compressed_i (is_compressed_cmp[i]), - .is_macro_instr_i (is_macro_instr_i[i]), - .is_last_macro_instr_i (is_last_macro_instr_o), - .is_double_rd_macro_instr_i(is_double_rd_macro_instr_o), - .is_illegal_i (is_illegal_cmp[i]), - .instruction_i (instruction[i]), + .is_compressed_i (is_compressed_deco[i]), + .is_macro_instr_i (is_macro_instr[i]), + .is_zcmt_i (is_zcmt_instr[i]), + .is_last_macro_instr_i (is_last_macro_instr), + .is_double_rd_macro_instr_i(is_double_rd_macro_instr), + .jump_address_i (jump_address), + .is_illegal_i (is_illegal_deco[i]), + .instruction_i (instruction_deco[i]), .compressed_instr_i (fetch_entry_i[i].instruction[15:0]), .branch_predict_i (fetch_entry_i[i].branch_predict), .ex_i (fetch_entry_i[i].ex), @@ -266,7 +344,7 @@ module id_stage #( end // ------------------ - // Pipeline Register + // 3. Pipeline Register // ------------------ for (genvar i = 0; i < CVA6Cfg.NrIssuePorts; i++) begin assign issue_entry_o[i] = issue_q[i].sbe; @@ -280,6 +358,12 @@ module id_stage #( always_comb begin issue_n = issue_q; fetch_entry_ready_o = '0; + // instruction is not valid if we stall due to ZCMT or CVXIF + decoded_instruction_valid[0] = (CVA6Cfg.RVZCMT && is_zcmt_instr[0] && stall_macro_deco_zcmt) || + (CVA6Cfg.CvxifEn && is_illegal_cvxif_i && ~stall_macro_deco) && stall_instr_fetch[0] + ? 1'b0 : 1'b1; + // Instruction on port 1 are always valid. It is either 32bits or legal 16bits. + decoded_instruction_valid[1] = ~stall_instr_fetch[1]; // Clear the valid flag if issue has acknowledged the instruction if (issue_instr_ack_i[0]) begin @@ -293,21 +377,36 @@ module id_stage #( if (issue_n[1].valid) begin issue_n[0] = issue_n[1]; issue_n[1].valid = 1'b0; - end else if (fetch_entry_valid_i[0] && !stall_instr_fetch[0]) begin - fetch_entry_ready_o[0] = 1'b1; - issue_n[0] = '{1'b1, decoded_instruction[0], orig_instr[0], is_control_flow_instr[0]}; + end else if (fetch_entry_valid_i[0]) begin + fetch_entry_ready_o[0] = ~stall_instr_fetch[0]; + issue_n[0] = '{ + decoded_instruction_valid[0], + decoded_instruction[0], + orig_instr[0], + is_control_flow_instr[0] + }; end end if (!issue_n[1].valid) begin if (fetch_entry_ready_o[0]) begin - if (fetch_entry_valid_i[1] && !stall_instr_fetch[1]) begin - fetch_entry_ready_o[1] = 1'b1; - issue_n[1] = '{1'b1, decoded_instruction[1], orig_instr[1], is_control_flow_instr[1]}; + if (fetch_entry_valid_i[1]) begin + fetch_entry_ready_o[1] = ~stall_instr_fetch[1]; + issue_n[1] = '{ + decoded_instruction_valid[1], + decoded_instruction[1], + orig_instr[1], + is_control_flow_instr[1] + }; end - end else if (fetch_entry_valid_i[0] && !stall_instr_fetch[0]) begin - fetch_entry_ready_o[0] = 1'b1; - issue_n[1] = '{1'b1, decoded_instruction[0], orig_instr[0], is_control_flow_instr[0]}; + end else if (fetch_entry_valid_i[0]) begin + fetch_entry_ready_o[0] = ~stall_instr_fetch[0]; + issue_n[1] = '{ + decoded_instruction_valid[0], + decoded_instruction[0], + orig_instr[0], + is_control_flow_instr[0] + }; end end @@ -318,22 +417,27 @@ module id_stage #( end end else begin always_comb begin - issue_n = issue_q; + issue_n = issue_q; fetch_entry_ready_o = '0; - + // instruction is not valid if we stall due to ZCMT or CVXIF + decoded_instruction_valid[0] = (CVA6Cfg.RVZCMT && is_zcmt_instr[0] && stall_macro_deco_zcmt) || + (CVA6Cfg.CvxifEn && is_illegal_cvxif_i && ~stall_macro_deco && stall_instr_fetch[0]) + ? 1'b0 : 1'b1; // Clear the valid flag if issue has acknowledged the instruction if (issue_instr_ack_i[0]) issue_n[0].valid = 1'b0; + // TODO: refaire // if we have a space in the register and the fetch is valid, go get it // or the issue stage is currently acknowledging an instruction, which means that we will have space // for a new instruction - if ((!issue_q[0].valid || issue_instr_ack_i[0]) && fetch_entry_valid_i[0]) begin - if (stall_instr_fetch[0]) begin - fetch_entry_ready_o[0] = 1'b0; - end else begin - fetch_entry_ready_o[0] = 1'b1; - end - issue_n[0] = '{1'b1, decoded_instruction[0], orig_instr[0], is_control_flow_instr[0]}; + if (!issue_n[0].valid && fetch_entry_valid_i[0]) begin + fetch_entry_ready_o[0] = ~stall_instr_fetch[0]; + issue_n[0] = '{ + decoded_instruction_valid[0], + decoded_instruction[0], + orig_instr[0], + is_control_flow_instr[0] + }; end // invalidate the pipeline register on a flush @@ -350,4 +454,5 @@ module id_stage #( issue_q <= issue_n; end end + endmodule diff --git a/core/include/ariane_pkg.sv b/core/include/ariane_pkg.sv index 9e2e0aa80..e965b1e09 100644 --- a/core/include/ariane_pkg.sv +++ b/core/include/ariane_pkg.sv @@ -31,8 +31,6 @@ package ariane_pkg; // TODO: Slowly move those parameters to the new system. localparam BITS_SATURATION_COUNTER = 2; - localparam ISSUE_WIDTH = 1; - // depth of store-buffers, this needs to be a power of two localparam logic [2:0] DEPTH_SPEC = 'd4; @@ -809,4 +807,12 @@ package ariane_pkg; return gppn; endfunction : make_gppn + // ---------------------- + // Helper functions + // ---------------------- + // Avoid negative array slices when defining parametrized sizes + function automatic int unsigned avoid_neg(int n); + return (n < 0) ? 0 : n; + endfunction : avoid_neg + endpackage diff --git a/core/include/build_config_pkg.sv b/core/include/build_config_pkg.sv index 232272d0c..e40ad5c98 100644 --- a/core/include/build_config_pkg.sv +++ b/core/include/build_config_pkg.sv @@ -70,9 +70,11 @@ package build_config_pkg; cfg.RVC = CVA6Cfg.RVC; cfg.RVH = CVA6Cfg.RVH; cfg.RVZCB = CVA6Cfg.RVZCB; + cfg.RVZCMT = CVA6Cfg.RVZCMT; cfg.RVZCMP = CVA6Cfg.RVZCMP; cfg.XFVec = CVA6Cfg.XFVec; cfg.CvxifEn = CVA6Cfg.CvxifEn; + cfg.CoproType = CVA6Cfg.CoproType; cfg.RVZiCond = CVA6Cfg.RVZiCond; cfg.RVZicntr = CVA6Cfg.RVZicntr; cfg.RVZihpm = CVA6Cfg.RVZihpm; @@ -95,12 +97,15 @@ package build_config_pkg; cfg.MmuPresent = CVA6Cfg.MmuPresent; cfg.RVS = CVA6Cfg.RVS; cfg.RVU = CVA6Cfg.RVU; + cfg.SoftwareInterruptEn = CVA6Cfg.SoftwareInterruptEn; cfg.HaltAddress = CVA6Cfg.HaltAddress; cfg.ExceptionAddress = CVA6Cfg.ExceptionAddress; cfg.RASDepth = CVA6Cfg.RASDepth; cfg.BTBEntries = CVA6Cfg.BTBEntries; + cfg.BPType = CVA6Cfg.BPType; cfg.BHTEntries = CVA6Cfg.BHTEntries; + cfg.BHTHist = CVA6Cfg.BHTHist; cfg.DmBaseAddress = CVA6Cfg.DmBaseAddress; cfg.TvalEn = CVA6Cfg.TvalEn; cfg.DirectVecOnly = CVA6Cfg.DirectVecOnly; diff --git a/core/include/config_pkg.sv b/core/include/config_pkg.sv index c129c994c..c6a5f2308 100644 --- a/core/include/config_pkg.sv +++ b/core/include/config_pkg.sv @@ -35,6 +35,12 @@ package config_pkg; HPDCACHE_WT_WB = 4 } cache_type_t; + /// Branch predictor parameter + typedef enum logic { + BHT = 0, // Bimodal predictor + PH_BHT = 1 // Private History Bimodal predictor + } bp_type_t; + /// Data and Address length typedef enum logic [3:0] { ModeOff = 0, @@ -45,6 +51,12 @@ package config_pkg; ModeSv64 = 11 } vm_mode_t; + /// Coprocessor type parameter + typedef enum { + COPRO_NONE, + COPRO_EXAMPLE + } copro_type_t; + localparam NrMaxRules = 16; typedef struct packed { @@ -68,6 +80,8 @@ package config_pkg; bit RVZCB; // Zcmp RISC-V extension bit RVZCMP; + // Zcmt RISC-V extension + bit RVZCMT; // Zicond RISC-V extension bit RVZiCond; // Zicntr RISC-V extension @@ -94,6 +108,8 @@ package config_pkg; bit RVS; // User mode bit RVU; + // Software interrupts are enabled + bit SoftwareInterruptEn; // Debug support bit DebugEn; // Base address of the debug module @@ -136,6 +152,8 @@ package config_pkg; logic [NrMaxRules-1:0][63:0] CachedRegionLength; // CV-X-IF coprocessor interface enable bit CvxifEn; + // Coprocessor type + copro_type_t CoproType; // NOC bus type noc_type_e NOCType; // AXI address width @@ -202,8 +220,12 @@ package config_pkg; int unsigned RASDepth; // Branch target buffer entries int unsigned BTBEntries; + // Branch predictor type + bp_type_t BPType; // Branch history entries int unsigned BHTEntries; + // Branch history bits + int unsigned BHTHist; // MMU instruction TLB entries int unsigned InstrTlbEntries; // MMU data TLB entries @@ -256,8 +278,10 @@ package config_pkg; bit RVH; bit RVZCB; bit RVZCMP; + bit RVZCMT; bit XFVec; bit CvxifEn; + copro_type_t CoproType; bit RVZiCond; bit RVZicntr; bit RVZihpm; @@ -277,14 +301,17 @@ package config_pkg; bit EnableAccelerator; bit PerfCounterEn; bit MmuPresent; - bit RVS; //Supervisor mode - bit RVU; //User mode + bit RVS; //Supervisor mode + bit RVU; //User mode + bit SoftwareInterruptEn; logic [63:0] HaltAddress; logic [63:0] ExceptionAddress; int unsigned RASDepth; int unsigned BTBEntries; + bp_type_t BPType; int unsigned BHTEntries; + int unsigned BHTHist; int unsigned InstrTlbEntries; int unsigned DataTlbEntries; bit unsigned UseSharedTlb; @@ -386,9 +413,13 @@ package config_pkg; assert (Cfg.NrCachedRegionRules <= NrMaxRules); assert (Cfg.NrPMPEntries <= 64); assert (!(Cfg.SuperscalarEn && Cfg.RVF)); - assert (!(Cfg.SuperscalarEn && Cfg.RVZCMP)); assert (Cfg.FETCH_WIDTH == 32 || Cfg.FETCH_WIDTH == 64) else $fatal(1, "[frontend] fetch width != not supported"); + // Support for disabling MIP.MSIP and MIE.MSIE in Hypervisor and Supervisor mode is not supported + // Software Interrupt can be disabled when there is only M machine mode in CVA6. + assert (!(Cfg.RVS && !Cfg.SoftwareInterruptEn)); + assert (!(Cfg.RVH && !Cfg.SoftwareInterruptEn)); + assert (!(Cfg.RVZCMT && ~Cfg.MmuPresent)); // pragma translate_on endfunction diff --git a/core/include/cv32a60x_config_pkg.sv b/core/include/cv32a60x_config_pkg.sv index 55cd5e57f..c11553878 100644 --- a/core/include/cv32a60x_config_pkg.sv +++ b/core/include/cv32a60x_config_pkg.sv @@ -43,10 +43,12 @@ package cva6_config_pkg; RVV: bit'(0), RVC: bit'(1), RVH: bit'(0), + RVZCMT: bit'(0), RVZCB: bit'(1), - RVZCMP: bit'(1), + RVZCMP: bit'(0), XFVec: bit'(0), CvxifEn: bit'(1), + CoproType: config_pkg::COPRO_EXAMPLE, RVZiCond: bit'(0), RVZicntr: bit'(0), RVZihpm: bit'(0), @@ -55,15 +57,18 @@ package cva6_config_pkg; MmuPresent: bit'(0), RVS: bit'(0), RVU: bit'(0), + SoftwareInterruptEn: bit'(0), HaltAddress: 64'h800, ExceptionAddress: 64'h808, RASDepth: unsigned'(2), BTBEntries: unsigned'(0), + BPType: config_pkg::BHT, BHTEntries: unsigned'(32), + BHTHist: unsigned'(3), DmBaseAddress: 64'h0, TvalEn: bit'(0), DirectVecOnly: bit'(1), - NrPMPEntries: unsigned'(8), + NrPMPEntries: unsigned'(0), PMPCfgRstVal: {64{64'h0}}, PMPAddrRstVal: {64{64'h0}}, PMPEntryReadOnly: 64'd0, diff --git a/core/include/cv32a65x_config_pkg.sv b/core/include/cv32a65x_config_pkg.sv index bb0109f8c..d3c530a6c 100644 --- a/core/include/cv32a65x_config_pkg.sv +++ b/core/include/cv32a65x_config_pkg.sv @@ -43,10 +43,12 @@ package cva6_config_pkg; RVV: bit'(0), RVC: bit'(1), RVH: bit'(0), + RVZCMT: bit'(0), RVZCB: bit'(1), RVZCMP: bit'(0), XFVec: bit'(0), CvxifEn: bit'(1), + CoproType: config_pkg::COPRO_EXAMPLE, RVZiCond: bit'(0), RVZicntr: bit'(0), RVZihpm: bit'(0), @@ -55,11 +57,14 @@ package cva6_config_pkg; MmuPresent: bit'(0), RVS: bit'(0), RVU: bit'(0), + SoftwareInterruptEn: bit'(0), HaltAddress: 64'h800, ExceptionAddress: 64'h808, RASDepth: unsigned'(2), BTBEntries: unsigned'(0), + BPType: config_pkg::BHT, BHTEntries: unsigned'(32), + BHTHist: unsigned'(3), DmBaseAddress: 64'h0, TvalEn: bit'(0), DirectVecOnly: bit'(1), diff --git a/core/include/cv32a6_embedded_config_pkg_deprecated.sv b/core/include/cv32a6_embedded_config_pkg_deprecated.sv index ce5e63510..1c8088dc7 100644 --- a/core/include/cv32a6_embedded_config_pkg_deprecated.sv +++ b/core/include/cv32a6_embedded_config_pkg_deprecated.sv @@ -12,6 +12,7 @@ package cva6_config_pkg; localparam CVA6ConfigXlen = 32; localparam CVA6ConfigRVF = 0; + localparam CVA6ConfigRVD = 0; localparam CVA6ConfigF16En = 0; localparam CVA6ConfigF16AltEn = 0; localparam CVA6ConfigF8En = 0; @@ -42,6 +43,9 @@ package cva6_config_pkg; localparam CVA6ConfigDcacheSetAssoc = 8; localparam CVA6ConfigDcacheLineWidth = 128; + localparam CVA6ConfigDcacheFlushOnFence = 1'b0; + localparam CVA6ConfigDcacheInvalidateOnFlush = 1'b0; + localparam CVA6ConfigDcacheIdWidth = 1; localparam CVA6ConfigMemTidWidth = 2; @@ -84,7 +88,7 @@ package cva6_config_pkg; MemTidWidth: unsigned'(CVA6ConfigMemTidWidth), NrLoadBufEntries: unsigned'(CVA6ConfigNrLoadBufEntries), RVF: bit'(CVA6ConfigRVF), - RVD: bit'(CVA6ConfigRVF), + RVD: bit'(CVA6ConfigRVD), XF16: bit'(CVA6ConfigF16En), XF16ALT: bit'(CVA6ConfigF16AltEn), XF8: bit'(CVA6ConfigF8En), @@ -97,7 +101,9 @@ package cva6_config_pkg; RVZCB: bit'(CVA6ConfigZcbExtEn), RVZCMP: bit'(CVA6ConfigZcmpExtEn), XFVec: bit'(CVA6ConfigFVecEn), + RVZCMT: bit'(0), CvxifEn: bit'(CVA6ConfigCvxifEn), + CoproType: config_pkg::COPRO_NONE, RVZiCond: bit'(CVA6ConfigRVZiCond), RVZicntr: bit'(1), RVZihpm: bit'(1), @@ -106,11 +112,14 @@ package cva6_config_pkg; MmuPresent: bit'(CVA6ConfigMmuPresent), RVS: bit'(0), RVU: bit'(0), + SoftwareInterruptEn: bit'(1), HaltAddress: 64'h800, ExceptionAddress: 64'h808, RASDepth: unsigned'(CVA6ConfigRASDepth), BTBEntries: unsigned'(CVA6ConfigBTBEntries), + BPType: config_pkg::BHT, BHTEntries: unsigned'(CVA6ConfigBHTEntries), + BHTHist: unsigned'(3), DmBaseAddress: 64'h0, TvalEn: bit'(CVA6ConfigTvalEn), DirectVecOnly: bit'(0), @@ -139,6 +148,8 @@ package cva6_config_pkg; DcacheByteSize: unsigned'(CVA6ConfigDcacheByteSize), DcacheSetAssoc: unsigned'(CVA6ConfigDcacheSetAssoc), DcacheLineWidth: unsigned'(CVA6ConfigDcacheLineWidth), + DcacheFlushOnFence: bit'(CVA6ConfigDcacheFlushOnFence), + DcacheInvalidateOnFlush: bit'(CVA6ConfigDcacheInvalidateOnFlush), DataUserEn: unsigned'(CVA6ConfigDataUserEn), WtDcacheWbufDepth: int'(CVA6ConfigWtDcacheWbufDepth), FetchUserWidth: unsigned'(CVA6ConfigFetchUserWidth), diff --git a/core/include/cv32a6_ima_sv32_fpga_config_pkg.sv b/core/include/cv32a6_ima_sv32_fpga_config_pkg.sv index f45976570..fcaa03fd2 100644 --- a/core/include/cv32a6_ima_sv32_fpga_config_pkg.sv +++ b/core/include/cv32a6_ima_sv32_fpga_config_pkg.sv @@ -13,6 +13,7 @@ package cva6_config_pkg; localparam CVA6ConfigXlen = 32; localparam CVA6ConfigRVF = 0; + localparam CVA6ConfigRVD = 0; localparam CVA6ConfigF16En = 0; localparam CVA6ConfigF16AltEn = 0; localparam CVA6ConfigF8En = 0; @@ -85,7 +86,7 @@ package cva6_config_pkg; MemTidWidth: unsigned'(CVA6ConfigMemTidWidth), NrLoadBufEntries: unsigned'(CVA6ConfigNrLoadBufEntries), RVF: bit'(CVA6ConfigRVF), - RVD: bit'(CVA6ConfigRVF), + RVD: bit'(CVA6ConfigRVD), XF16: bit'(CVA6ConfigF16En), XF16ALT: bit'(CVA6ConfigF16AltEn), XF8: bit'(CVA6ConfigF8En), @@ -96,9 +97,11 @@ package cva6_config_pkg; RVC: bit'(CVA6ConfigCExtEn), RVH: bit'(CVA6ConfigHExtEn), RVZCB: bit'(CVA6ConfigZcbExtEn), + RVZCMT: bit'(0), RVZCMP: bit'(CVA6ConfigZcmpExtEn), XFVec: bit'(CVA6ConfigFVecEn), CvxifEn: bit'(CVA6ConfigCvxifEn), + CoproType: config_pkg::COPRO_NONE, RVZiCond: bit'(CVA6ConfigRVZiCond), RVZicntr: bit'(1), RVZihpm: bit'(1), @@ -107,11 +110,14 @@ package cva6_config_pkg; MmuPresent: bit'(CVA6ConfigMmuPresent), RVS: bit'(1), RVU: bit'(1), + SoftwareInterruptEn: bit'(1), HaltAddress: 64'h800, ExceptionAddress: 64'h808, RASDepth: unsigned'(CVA6ConfigRASDepth), BTBEntries: unsigned'(CVA6ConfigBTBEntries), + BPType: config_pkg::BHT, BHTEntries: unsigned'(CVA6ConfigBHTEntries), + BHTHist: unsigned'(3), DmBaseAddress: 64'h0, TvalEn: unsigned'(CVA6ConfigTvalEn), DirectVecOnly: bit'(0), @@ -140,6 +146,8 @@ package cva6_config_pkg; DcacheByteSize: unsigned'(CVA6ConfigDcacheByteSize), DcacheSetAssoc: unsigned'(CVA6ConfigDcacheSetAssoc), DcacheLineWidth: unsigned'(CVA6ConfigDcacheLineWidth), + DcacheFlushOnFence: bit'(0), + DcacheInvalidateOnFlush: bit'(0), DataUserEn: unsigned'(CVA6ConfigDataUserEn), WtDcacheWbufDepth: int'(CVA6ConfigWtDcacheWbufDepth), FetchUserWidth: unsigned'(CVA6ConfigFetchUserWidth), diff --git a/core/include/cv32a6_imac_sv0_config_pkg.sv b/core/include/cv32a6_imac_sv0_config_pkg.sv index 6ab85d509..7ffc90f99 100644 --- a/core/include/cv32a6_imac_sv0_config_pkg.sv +++ b/core/include/cv32a6_imac_sv0_config_pkg.sv @@ -13,6 +13,7 @@ package cva6_config_pkg; localparam CVA6ConfigXlen = 32; localparam CVA6ConfigRVF = 0; + localparam CVA6ConfigRVD = 0; localparam CVA6ConfigF16En = 0; localparam CVA6ConfigF16AltEn = 0; localparam CVA6ConfigF8En = 0; @@ -85,7 +86,7 @@ package cva6_config_pkg; MemTidWidth: unsigned'(CVA6ConfigMemTidWidth), NrLoadBufEntries: unsigned'(CVA6ConfigNrLoadBufEntries), RVF: bit'(CVA6ConfigRVF), - RVD: bit'(CVA6ConfigRVF), + RVD: bit'(CVA6ConfigRVD), XF16: bit'(CVA6ConfigF16En), XF16ALT: bit'(CVA6ConfigF16AltEn), XF8: bit'(CVA6ConfigF8En), @@ -96,9 +97,11 @@ package cva6_config_pkg; RVC: bit'(CVA6ConfigCExtEn), RVH: bit'(CVA6ConfigHExtEn), RVZCB: bit'(CVA6ConfigZcbExtEn), + RVZCMT: bit'(0), RVZCMP: bit'(CVA6ConfigZcmpExtEn), XFVec: bit'(CVA6ConfigFVecEn), CvxifEn: bit'(CVA6ConfigCvxifEn), + CoproType: config_pkg::COPRO_NONE, RVZiCond: bit'(CVA6ConfigRVZiCond), RVZicntr: bit'(1), RVZihpm: bit'(1), @@ -107,11 +110,14 @@ package cva6_config_pkg; MmuPresent: bit'(CVA6ConfigMmuPresent), RVS: bit'(1), RVU: bit'(1), + SoftwareInterruptEn: bit'(1), HaltAddress: 64'h800, ExceptionAddress: 64'h808, RASDepth: unsigned'(CVA6ConfigRASDepth), BTBEntries: unsigned'(CVA6ConfigBTBEntries), + BPType: config_pkg::BHT, BHTEntries: unsigned'(CVA6ConfigBHTEntries), + BHTHist: unsigned'(3), DmBaseAddress: 64'h0, TvalEn: unsigned'(CVA6ConfigTvalEn), DirectVecOnly: bit'(0), @@ -140,6 +146,8 @@ package cva6_config_pkg; DcacheByteSize: unsigned'(CVA6ConfigDcacheByteSize), DcacheSetAssoc: unsigned'(CVA6ConfigDcacheSetAssoc), DcacheLineWidth: unsigned'(CVA6ConfigDcacheLineWidth), + DcacheFlushOnFence: bit'(0), + DcacheInvalidateOnFlush: bit'(0), DataUserEn: unsigned'(CVA6ConfigDataUserEn), WtDcacheWbufDepth: int'(CVA6ConfigWtDcacheWbufDepth), FetchUserWidth: unsigned'(CVA6ConfigFetchUserWidth), diff --git a/core/include/cv32a6_imac_sv32_config_pkg.sv b/core/include/cv32a6_imac_sv32_config_pkg.sv index 2e8d236fb..382c1afcf 100644 --- a/core/include/cv32a6_imac_sv32_config_pkg.sv +++ b/core/include/cv32a6_imac_sv32_config_pkg.sv @@ -13,6 +13,7 @@ package cva6_config_pkg; localparam CVA6ConfigXlen = 32; localparam CVA6ConfigRVF = 0; + localparam CVA6ConfigRVD = 0; localparam CVA6ConfigF16En = 0; localparam CVA6ConfigF16AltEn = 0; localparam CVA6ConfigF8En = 0; @@ -84,7 +85,7 @@ package cva6_config_pkg; MemTidWidth: unsigned'(CVA6ConfigMemTidWidth), NrLoadBufEntries: unsigned'(CVA6ConfigNrLoadBufEntries), RVF: bit'(CVA6ConfigRVF), - RVD: bit'(CVA6ConfigRVF), + RVD: bit'(CVA6ConfigRVD), XF16: bit'(CVA6ConfigF16En), XF16ALT: bit'(CVA6ConfigF16AltEn), XF8: bit'(CVA6ConfigF8En), @@ -95,9 +96,11 @@ package cva6_config_pkg; RVC: bit'(CVA6ConfigCExtEn), RVH: bit'(CVA6ConfigHExtEn), RVZCB: bit'(CVA6ConfigZcbExtEn), + RVZCMT: bit'(0), RVZCMP: bit'(CVA6ConfigZcmpExtEn), XFVec: bit'(CVA6ConfigFVecEn), CvxifEn: bit'(CVA6ConfigCvxifEn), + CoproType: config_pkg::COPRO_NONE, RVZiCond: bit'(CVA6ConfigRVZiCond), RVZicntr: bit'(1), RVZihpm: bit'(1), @@ -106,11 +109,14 @@ package cva6_config_pkg; MmuPresent: bit'(CVA6ConfigMmuPresent), RVS: bit'(1), RVU: bit'(1), + SoftwareInterruptEn: bit'(1), HaltAddress: 64'h800, ExceptionAddress: 64'h808, RASDepth: unsigned'(CVA6ConfigRASDepth), BTBEntries: unsigned'(CVA6ConfigBTBEntries), + BPType: config_pkg::BHT, BHTEntries: unsigned'(CVA6ConfigBHTEntries), + BHTHist: unsigned'(3), DmBaseAddress: 64'h0, TvalEn: bit'(CVA6ConfigTvalEn), DirectVecOnly: bit'(0), diff --git a/core/include/cv32a6_imafc_sv32_config_pkg.sv b/core/include/cv32a6_imafc_sv32_config_pkg.sv index 2575d7ac3..4250eac32 100644 --- a/core/include/cv32a6_imafc_sv32_config_pkg.sv +++ b/core/include/cv32a6_imafc_sv32_config_pkg.sv @@ -13,6 +13,7 @@ package cva6_config_pkg; localparam CVA6ConfigXlen = 32; localparam CVA6ConfigRVF = 1; + localparam CVA6ConfigRVD = 0; localparam CVA6ConfigF16En = 0; localparam CVA6ConfigF16AltEn = 0; localparam CVA6ConfigF8En = 0; @@ -85,7 +86,7 @@ package cva6_config_pkg; MemTidWidth: unsigned'(CVA6ConfigMemTidWidth), NrLoadBufEntries: unsigned'(CVA6ConfigNrLoadBufEntries), RVF: bit'(CVA6ConfigRVF), - RVD: bit'(CVA6ConfigRVF), + RVD: bit'(CVA6ConfigRVD), XF16: bit'(CVA6ConfigF16En), XF16ALT: bit'(CVA6ConfigF16AltEn), XF8: bit'(CVA6ConfigF8En), @@ -97,8 +98,10 @@ package cva6_config_pkg; RVH: bit'(CVA6ConfigHExtEn), RVZCB: bit'(CVA6ConfigZcbExtEn), RVZCMP: bit'(CVA6ConfigZcmpExtEn), + RVZCMT: bit'(0), XFVec: bit'(CVA6ConfigFVecEn), CvxifEn: bit'(CVA6ConfigCvxifEn), + CoproType: config_pkg::COPRO_NONE, RVZiCond: bit'(CVA6ConfigRVZiCond), RVZicntr: bit'(1), RVZihpm: bit'(1), @@ -107,11 +110,14 @@ package cva6_config_pkg; MmuPresent: bit'(CVA6ConfigMmuPresent), RVS: bit'(1), RVU: bit'(1), + SoftwareInterruptEn: bit'(1), HaltAddress: 64'h800, ExceptionAddress: 64'h808, RASDepth: unsigned'(CVA6ConfigRASDepth), BTBEntries: unsigned'(CVA6ConfigBTBEntries), + BPType: config_pkg::BHT, BHTEntries: unsigned'(CVA6ConfigBHTEntries), + BHTHist: unsigned'(3), DmBaseAddress: 64'h0, TvalEn: bit'(CVA6ConfigTvalEn), DirectVecOnly: bit'(0), @@ -136,10 +142,12 @@ package cva6_config_pkg; IcacheByteSize: unsigned'(CVA6ConfigIcacheByteSize), IcacheSetAssoc: unsigned'(CVA6ConfigIcacheSetAssoc), IcacheLineWidth: unsigned'(CVA6ConfigIcacheLineWidth), + DCacheType: CVA6ConfigDcacheType, DcacheByteSize: unsigned'(CVA6ConfigDcacheByteSize), DcacheSetAssoc: unsigned'(CVA6ConfigDcacheSetAssoc), DcacheLineWidth: unsigned'(CVA6ConfigDcacheLineWidth), - DCacheType: CVA6ConfigDcacheType, + DcacheFlushOnFence: bit'(0), + DcacheInvalidateOnFlush: bit'(0), DataUserEn: unsigned'(CVA6ConfigDataUserEn), WtDcacheWbufDepth: int'(CVA6ConfigWtDcacheWbufDepth), FetchUserWidth: unsigned'(CVA6ConfigFetchUserWidth), diff --git a/core/include/cv64a60ax_config_pkg.sv b/core/include/cv64a60ax_config_pkg.sv new file mode 100644 index 000000000..474ff03c8 --- /dev/null +++ b/core/include/cv64a60ax_config_pkg.sv @@ -0,0 +1,118 @@ +// Copyright 2021 Thales DIS design services SAS +// +// Licensed under the Solderpad Hardware Licence, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// SPDX-License-Identifier: Apache-2.0 WITH SHL-2.0 +// You may obtain a copy of the License at https://solderpad.org/licenses/ +// +// Original Author: Jean-Roch COULON - Thales +// +// Copyright 2023 Commissariat a l'Energie Atomique et aux Energies +// Alternatives (CEA) +// +// Author: Tanuj Khandelwal - CEA +// Date: Janvary, 2025 +// Description: CVA6 configuration package using the HPDcache as cache subsystem + + +package cva6_config_pkg; + + localparam CVA6ConfigXlen = 64; + localparam CVA6ConfigRvfiTrace = 1; + + localparam CVA6ConfigAxiIdWidth = 4; + localparam CVA6ConfigAxiAddrWidth = 64; + localparam CVA6ConfigAxiDataWidth = 64; + localparam CVA6ConfigDataUserWidth = 32; + + +localparam config_pkg::cva6_user_cfg_t cva6_cfg = '{ + XLEN: unsigned'(CVA6ConfigXlen), + VLEN: unsigned'(64), + FpgaEn: bit'(0), // for Xilinx and Altera + FpgaAlteraEn: bit'(0), // for Altera (only) + TechnoCut: bit'(0), + SuperscalarEn: bit'(0), + NrCommitPorts: unsigned'(2), + AxiAddrWidth: unsigned'(CVA6ConfigAxiAddrWidth), + AxiDataWidth: unsigned'(CVA6ConfigAxiDataWidth), + AxiIdWidth: unsigned'(CVA6ConfigAxiIdWidth), + AxiUserWidth: unsigned'(CVA6ConfigDataUserWidth), + MemTidWidth: unsigned'(CVA6ConfigAxiIdWidth), + NrLoadBufEntries: unsigned'(8), + RVF: bit'(1), + RVD: bit'(1), + XF16: bit'(0), + XF16ALT: bit'(0), + XF8: bit'(0), + RVA: bit'(1), + RVB: bit'(1), + ZKN: bit'(1), + RVV: bit'(0), + RVC: bit'(1), + RVH: bit'(0), + RVZCMT: bit'(0), + RVZCB: bit'(1), + RVZCMP: bit'(0), + XFVec: bit'(0), + CvxifEn: bit'(1), + RVZiCond: bit'(1), + RVZicntr: bit'(1), + RVZihpm: bit'(1), + NrScoreboardEntries: unsigned'(8), + PerfCounterEn: bit'(1), + MmuPresent: bit'(1), + RVS: bit'(1), + RVU: bit'(1), + SoftwareInterruptEn: bit'(0), + HaltAddress: 64'h800, + ExceptionAddress: 64'h808, + RASDepth: unsigned'(4), + BTBEntries: unsigned'(16), + BPType: config_pkg::BHT, + BHTEntries: unsigned'(64), + BHTHist: unsigned'(3), + DmBaseAddress: 64'h0, + TvalEn: bit'(1), + DirectVecOnly: bit'(0), + NrPMPEntries: unsigned'(8), + PMPCfgRstVal: {64{64'h0}}, + PMPAddrRstVal: {64{64'h0}}, + PMPEntryReadOnly: 64'd0, + PMPNapotEn: bit'(1), + NOCType: config_pkg::NOC_TYPE_AXI4_ATOP, + NrNonIdempotentRules: unsigned'(2), + NonIdempotentAddrBase: 1024'({64'b0, 64'b0}), + NonIdempotentLength: 1024'({64'b0, 64'b0}), + NrExecuteRegionRules: unsigned'(3), + ExecuteRegionAddrBase: 1024'({64'h8000_0000, 64'h1_0000, 64'h0}), + ExecuteRegionLength: 1024'({64'h40000000, 64'h10000, 64'h1000}), + NrCachedRegionRules: unsigned'(1), + CachedRegionAddrBase: 1024'({64'h8000_0000}), + CachedRegionLength: 1024'({64'h40000000}), + MaxOutstandingStores: unsigned'(7), + DebugEn: bit'(1), + AxiBurstWriteEn: bit'(0), + IcacheByteSize: unsigned'(32768), + IcacheSetAssoc: unsigned'(8), + IcacheLineWidth: unsigned'(512), + DCacheType: config_pkg::HPDCACHE_WT, + DcacheByteSize: unsigned'(32768), + DcacheSetAssoc: unsigned'(8), + DcacheLineWidth: unsigned'(512), + DcacheFlushOnFence: bit'(0), + DcacheInvalidateOnFlush: bit'(0), + DataUserEn: unsigned'(0), + WtDcacheWbufDepth: int'(8), + FetchUserWidth: unsigned'(32), + FetchUserEn: unsigned'(0), + InstrTlbEntries: int'(16), + DataTlbEntries: int'(16), + UseSharedTlb: bit'(0), + SharedTlbDepth: int'(64), + NrLoadPipeRegs: int'(0), + NrStorePipeRegs: int'(0), + DcacheIdWidth: int'(3) +}; + +endpackage diff --git a/core/include/cv64a6_imadfcv_sv39_polara_config_pkg.sv b/core/include/cv64a6_imadfcv_sv39_polara_config_pkg.sv index 2622377d8..d316183a4 100644 --- a/core/include/cv64a6_imadfcv_sv39_polara_config_pkg.sv +++ b/core/include/cv64a6_imadfcv_sv39_polara_config_pkg.sv @@ -13,6 +13,7 @@ package cva6_config_pkg; localparam CVA6ConfigXlen = 64; localparam CVA6ConfigRVF = 1; + localparam CVA6ConfigRVD = 1; localparam CVA6ConfigF16En = 1; localparam CVA6ConfigF16AltEn = 0; localparam CVA6ConfigF8En = 0; @@ -43,6 +44,9 @@ package cva6_config_pkg; localparam CVA6ConfigDcacheSetAssoc = 8; localparam CVA6ConfigDcacheLineWidth = 128; + localparam CVA6ConfigDcacheFlushOnFence = 1'b0; + localparam CVA6ConfigDcacheInvalidateOnFlush = 1'b0; + localparam CVA6ConfigDcacheIdWidth = 1; localparam CVA6ConfigMemTidWidth = 2; @@ -85,7 +89,7 @@ package cva6_config_pkg; MemTidWidth: unsigned'(CVA6ConfigMemTidWidth), NrLoadBufEntries: unsigned'(CVA6ConfigNrLoadBufEntries), RVF: bit'(CVA6ConfigRVF), - RVD: bit'(CVA6ConfigRVF), + RVD: bit'(CVA6ConfigRVD), XF16: bit'(CVA6ConfigF16En), XF16ALT: bit'(CVA6ConfigF16AltEn), XF8: bit'(CVA6ConfigF8En), @@ -97,8 +101,10 @@ package cva6_config_pkg; RVH: bit'(CVA6ConfigHExtEn), RVZCB: bit'(CVA6ConfigZcbExtEn), RVZCMP: bit'(CVA6ConfigZcmpExtEn), + RVZCMT: bit'(0), XFVec: bit'(CVA6ConfigFVecEn), CvxifEn: bit'(CVA6ConfigCvxifEn), + CoproType: config_pkg::COPRO_NONE, RVZiCond: bit'(CVA6ConfigRVZiCond), RVZicntr: bit'(1), RVZihpm: bit'(1), @@ -107,11 +113,14 @@ package cva6_config_pkg; MmuPresent: bit'(CVA6ConfigMmuPresent), RVS: bit'(1), RVU: bit'(1), + SoftwareInterruptEn: bit'(1), HaltAddress: 64'h800, ExceptionAddress: 64'h808, RASDepth: unsigned'(CVA6ConfigRASDepth), BTBEntries: unsigned'(CVA6ConfigBTBEntries), + BPType: config_pkg::BHT, BHTEntries: unsigned'(CVA6ConfigBHTEntries), + BHTHist: unsigned'(3), DmBaseAddress: 64'h0, TvalEn: bit'(CVA6ConfigTvalEn), DirectVecOnly: bit'(0), @@ -140,6 +149,8 @@ package cva6_config_pkg; DcacheByteSize: unsigned'(CVA6ConfigDcacheByteSize), DcacheSetAssoc: unsigned'(CVA6ConfigDcacheSetAssoc), DcacheLineWidth: unsigned'(CVA6ConfigDcacheLineWidth), + DcacheFlushOnFence: bit'(CVA6ConfigDcacheFlushOnFence), + DcacheInvalidateOnFlush: bit'(CVA6ConfigDcacheInvalidateOnFlush), DataUserEn: unsigned'(CVA6ConfigDataUserEn), WtDcacheWbufDepth: int'(CVA6ConfigWtDcacheWbufDepth), FetchUserWidth: unsigned'(CVA6ConfigFetchUserWidth), diff --git a/core/include/cv64a6_imafdc_sv39_config_pkg.sv b/core/include/cv64a6_imafdc_sv39_config_pkg.sv index c8ea11d9e..46e8479ef 100644 --- a/core/include/cv64a6_imafdc_sv39_config_pkg.sv +++ b/core/include/cv64a6_imafdc_sv39_config_pkg.sv @@ -13,6 +13,7 @@ package cva6_config_pkg; localparam CVA6ConfigXlen = 64; localparam CVA6ConfigRVF = 1; + localparam CVA6ConfigRVD = 1; localparam CVA6ConfigF16En = 0; localparam CVA6ConfigF16AltEn = 0; localparam CVA6ConfigF8En = 0; @@ -88,7 +89,7 @@ package cva6_config_pkg; MemTidWidth: unsigned'(CVA6ConfigMemTidWidth), NrLoadBufEntries: unsigned'(CVA6ConfigNrLoadBufEntries), RVF: bit'(CVA6ConfigRVF), - RVD: bit'(CVA6ConfigRVF), + RVD: bit'(CVA6ConfigRVD), XF16: bit'(CVA6ConfigF16En), XF16ALT: bit'(CVA6ConfigF16AltEn), XF8: bit'(CVA6ConfigF8En), @@ -99,9 +100,11 @@ package cva6_config_pkg; RVC: bit'(CVA6ConfigCExtEn), RVH: bit'(CVA6ConfigHExtEn), RVZCB: bit'(CVA6ConfigZcbExtEn), + RVZCMT: bit'(0), RVZCMP: bit'(CVA6ConfigZcmpExtEn), XFVec: bit'(CVA6ConfigFVecEn), CvxifEn: bit'(CVA6ConfigCvxifEn), + CoproType: config_pkg::COPRO_NONE, RVZiCond: bit'(CVA6ConfigRVZiCond), RVZicntr: bit'(1), RVZihpm: bit'(1), @@ -110,11 +113,14 @@ package cva6_config_pkg; MmuPresent: bit'(CVA6ConfigMmuPresent), RVS: bit'(1), RVU: bit'(1), + SoftwareInterruptEn: bit'(1), HaltAddress: 64'h800, ExceptionAddress: 64'h808, RASDepth: unsigned'(CVA6ConfigRASDepth), BTBEntries: unsigned'(CVA6ConfigBTBEntries), + BPType: config_pkg::BHT, BHTEntries: unsigned'(CVA6ConfigBHTEntries), + BHTHist: unsigned'(3), DmBaseAddress: 64'h0, TvalEn: bit'(CVA6ConfigTvalEn), DirectVecOnly: bit'(0), diff --git a/core/include/cv64a6_imafdc_sv39_hpdcache_config_pkg.sv b/core/include/cv64a6_imafdc_sv39_hpdcache_config_pkg.sv index d7d37a148..8bc91135b 100644 --- a/core/include/cv64a6_imafdc_sv39_hpdcache_config_pkg.sv +++ b/core/include/cv64a6_imafdc_sv39_hpdcache_config_pkg.sv @@ -20,6 +20,7 @@ package cva6_config_pkg; localparam CVA6ConfigXlen = 64; localparam CVA6ConfigRVF = 1; + localparam CVA6ConfigRVD = 1; localparam CVA6ConfigF16En = 0; localparam CVA6ConfigF16AltEn = 0; localparam CVA6ConfigF8En = 0; @@ -95,7 +96,7 @@ package cva6_config_pkg; MemTidWidth: unsigned'(CVA6ConfigMemTidWidth), NrLoadBufEntries: unsigned'(CVA6ConfigNrLoadBufEntries), RVF: bit'(CVA6ConfigRVF), - RVD: bit'(CVA6ConfigRVF), + RVD: bit'(CVA6ConfigRVD), XF16: bit'(CVA6ConfigF16En), XF16ALT: bit'(CVA6ConfigF16AltEn), XF8: bit'(CVA6ConfigF8En), @@ -107,8 +108,10 @@ package cva6_config_pkg; RVH: bit'(CVA6ConfigHExtEn), RVZCB: bit'(CVA6ConfigZcbExtEn), RVZCMP: bit'(CVA6ConfigZcmpExtEn), + RVZCMT: bit'(0), XFVec: bit'(CVA6ConfigFVecEn), CvxifEn: bit'(CVA6ConfigCvxifEn), + CoproType: config_pkg::COPRO_NONE, RVZiCond: bit'(CVA6ConfigRVZiCond), RVZicntr: bit'(1), RVZihpm: bit'(1), @@ -117,11 +120,14 @@ package cva6_config_pkg; MmuPresent: bit'(CVA6ConfigMmuPresent), RVS: bit'(1), RVU: bit'(1), + SoftwareInterruptEn: bit'(1), HaltAddress: 64'h800, ExceptionAddress: 64'h808, RASDepth: unsigned'(CVA6ConfigRASDepth), BTBEntries: unsigned'(CVA6ConfigBTBEntries), + BPType: config_pkg::BHT, BHTEntries: unsigned'(CVA6ConfigBHTEntries), + BHTHist: unsigned'(3), DmBaseAddress: 64'h0, TvalEn: bit'(CVA6ConfigTvalEn), DirectVecOnly: bit'(0), diff --git a/core/include/cv64a6_imafdc_sv39_hpdcache_wb_config_pkg.sv b/core/include/cv64a6_imafdc_sv39_hpdcache_wb_config_pkg.sv index 5e2773053..385ef9046 100644 --- a/core/include/cv64a6_imafdc_sv39_hpdcache_wb_config_pkg.sv +++ b/core/include/cv64a6_imafdc_sv39_hpdcache_wb_config_pkg.sv @@ -20,6 +20,7 @@ package cva6_config_pkg; localparam CVA6ConfigXlen = 64; localparam CVA6ConfigRVF = 1; + localparam CVA6ConfigRVD = 1; localparam CVA6ConfigF16En = 0; localparam CVA6ConfigF16AltEn = 0; localparam CVA6ConfigF8En = 0; @@ -56,7 +57,7 @@ package cva6_config_pkg; localparam CVA6ConfigDcacheIdWidth = 3; localparam CVA6ConfigMemTidWidth = CVA6ConfigAxiIdWidth; - localparam CVA6ConfigWtDcacheWbufDepth = 8; + localparam CVA6ConfigWtDcacheWbufDepth = 7; localparam CVA6ConfigNrScoreboardEntries = 8; @@ -95,7 +96,7 @@ package cva6_config_pkg; MemTidWidth: unsigned'(CVA6ConfigMemTidWidth), NrLoadBufEntries: unsigned'(CVA6ConfigNrLoadBufEntries), RVF: bit'(CVA6ConfigRVF), - RVD: bit'(CVA6ConfigRVF), + RVD: bit'(CVA6ConfigRVD), XF16: bit'(CVA6ConfigF16En), XF16ALT: bit'(CVA6ConfigF16AltEn), XF8: bit'(CVA6ConfigF8En), @@ -107,8 +108,10 @@ package cva6_config_pkg; RVH: bit'(CVA6ConfigHExtEn), RVZCB: bit'(CVA6ConfigZcbExtEn), RVZCMP: bit'(CVA6ConfigZcmpExtEn), + RVZCMT: bit'(0), XFVec: bit'(CVA6ConfigFVecEn), CvxifEn: bit'(CVA6ConfigCvxifEn), + CoproType: config_pkg::COPRO_NONE, RVZiCond: bit'(CVA6ConfigRVZiCond), RVZicntr: bit'(1), RVZihpm: bit'(1), @@ -117,11 +120,14 @@ package cva6_config_pkg; MmuPresent: bit'(CVA6ConfigMmuPresent), RVS: bit'(1), RVU: bit'(1), + SoftwareInterruptEn: bit'(1), HaltAddress: 64'h800, ExceptionAddress: 64'h808, RASDepth: unsigned'(CVA6ConfigRASDepth), BTBEntries: unsigned'(CVA6ConfigBTBEntries), + BPType: config_pkg::BHT, BHTEntries: unsigned'(CVA6ConfigBHTEntries), + BHTHist: unsigned'(3), DmBaseAddress: 64'h0, TvalEn: bit'(CVA6ConfigTvalEn), DirectVecOnly: bit'(0), diff --git a/core/include/cv64a6_imafdc_sv39_openpiton_config_pkg.sv b/core/include/cv64a6_imafdc_sv39_openpiton_config_pkg.sv index 5b785232c..c689073b0 100644 --- a/core/include/cv64a6_imafdc_sv39_openpiton_config_pkg.sv +++ b/core/include/cv64a6_imafdc_sv39_openpiton_config_pkg.sv @@ -13,6 +13,7 @@ package cva6_config_pkg; localparam CVA6ConfigXlen = 64; localparam CVA6ConfigRVF = 1; + localparam CVA6ConfigRVD = 1; localparam CVA6ConfigF16En = 0; localparam CVA6ConfigF16AltEn = 0; localparam CVA6ConfigF8En = 0; @@ -43,6 +44,9 @@ package cva6_config_pkg; localparam CVA6ConfigDcacheSetAssoc = 8; localparam CVA6ConfigDcacheLineWidth = 128; + localparam CVA6ConfigDcacheFlushOnFence = 1'b0; + localparam CVA6ConfigDcacheInvalidateOnFlush = 1'b0; + localparam CVA6ConfigDcacheIdWidth = 1; localparam CVA6ConfigMemTidWidth = 2; @@ -85,7 +89,7 @@ package cva6_config_pkg; MemTidWidth: unsigned'(CVA6ConfigMemTidWidth), NrLoadBufEntries: unsigned'(CVA6ConfigNrLoadBufEntries), RVF: bit'(CVA6ConfigRVF), - RVD: bit'(CVA6ConfigRVF), + RVD: bit'(CVA6ConfigRVD), XF16: bit'(CVA6ConfigF16En), XF16ALT: bit'(CVA6ConfigF16AltEn), XF8: bit'(CVA6ConfigF8En), @@ -96,9 +100,11 @@ package cva6_config_pkg; RVC: bit'(CVA6ConfigCExtEn), RVH: bit'(CVA6ConfigHExtEn), RVZCB: bit'(CVA6ConfigZcbExtEn), + RVZCMT: bit'(0), RVZCMP: bit'(CVA6ConfigZcmpExtEn), XFVec: bit'(CVA6ConfigFVecEn), CvxifEn: bit'(CVA6ConfigCvxifEn), + CoproType: config_pkg::COPRO_NONE, RVZiCond: bit'(CVA6ConfigRVZiCond), RVZicntr: bit'(1), RVZihpm: bit'(1), @@ -107,11 +113,14 @@ package cva6_config_pkg; MmuPresent: bit'(CVA6ConfigMmuPresent), RVS: bit'(1), RVU: bit'(1), + SoftwareInterruptEn: bit'(1), HaltAddress: 64'h800, ExceptionAddress: 64'h808, RASDepth: unsigned'(CVA6ConfigRASDepth), BTBEntries: unsigned'(CVA6ConfigBTBEntries), + BPType: config_pkg::BHT, BHTEntries: unsigned'(CVA6ConfigBHTEntries), + BHTHist: unsigned'(3), DmBaseAddress: 64'h0, TvalEn: bit'(CVA6ConfigTvalEn), DirectVecOnly: bit'(0), @@ -140,6 +149,8 @@ package cva6_config_pkg; DcacheByteSize: unsigned'(CVA6ConfigDcacheByteSize), DcacheSetAssoc: unsigned'(CVA6ConfigDcacheSetAssoc), DcacheLineWidth: unsigned'(CVA6ConfigDcacheLineWidth), + DcacheFlushOnFence: unsigned'(CVA6ConfigDcacheFlushOnFence), + DcacheInvalidateOnFlush: unsigned'(CVA6ConfigDcacheInvalidateOnFlush), DataUserEn: unsigned'(CVA6ConfigDataUserEn), WtDcacheWbufDepth: int'(CVA6ConfigWtDcacheWbufDepth), FetchUserWidth: unsigned'(CVA6ConfigFetchUserWidth), diff --git a/core/include/cv64a6_imafdc_sv39_wb_config_pkg.sv b/core/include/cv64a6_imafdc_sv39_wb_config_pkg.sv index fb0e9e60e..53c92fe8e 100644 --- a/core/include/cv64a6_imafdc_sv39_wb_config_pkg.sv +++ b/core/include/cv64a6_imafdc_sv39_wb_config_pkg.sv @@ -13,6 +13,7 @@ package cva6_config_pkg; localparam CVA6ConfigXlen = 64; localparam CVA6ConfigRVF = 1; + localparam CVA6ConfigRVD = 1; localparam CVA6ConfigF16En = 0; localparam CVA6ConfigF16AltEn = 0; localparam CVA6ConfigF8En = 0; @@ -88,7 +89,7 @@ package cva6_config_pkg; MemTidWidth: unsigned'(CVA6ConfigMemTidWidth), NrLoadBufEntries: unsigned'(CVA6ConfigNrLoadBufEntries), RVF: bit'(CVA6ConfigRVF), - RVD: bit'(CVA6ConfigRVF), + RVD: bit'(CVA6ConfigRVD), XF16: bit'(CVA6ConfigF16En), XF16ALT: bit'(CVA6ConfigF16AltEn), XF8: bit'(CVA6ConfigF8En), @@ -99,9 +100,11 @@ package cva6_config_pkg; RVC: bit'(CVA6ConfigCExtEn), RVH: bit'(CVA6ConfigHExtEn), RVZCB: bit'(CVA6ConfigZcbExtEn), + RVZCMT: bit'(0), RVZCMP: bit'(CVA6ConfigZcmpExtEn), XFVec: bit'(CVA6ConfigFVecEn), CvxifEn: bit'(CVA6ConfigCvxifEn), + CoproType: config_pkg::COPRO_NONE, RVZiCond: bit'(CVA6ConfigRVZiCond), RVZicntr: bit'(1), RVZihpm: bit'(1), @@ -110,11 +113,14 @@ package cva6_config_pkg; MmuPresent: bit'(CVA6ConfigMmuPresent), RVS: bit'(1), RVU: bit'(1), + SoftwareInterruptEn: bit'(1), HaltAddress: 64'h800, ExceptionAddress: 64'h808, RASDepth: unsigned'(CVA6ConfigRASDepth), BTBEntries: unsigned'(CVA6ConfigBTBEntries), + BPType: config_pkg::BHT, BHTEntries: unsigned'(CVA6ConfigBHTEntries), + BHTHist: unsigned'(3), DmBaseAddress: 64'h0, TvalEn: bit'(CVA6ConfigTvalEn), DirectVecOnly: bit'(0), diff --git a/core/include/cv64a6_imafdch_sv39_config_pkg.sv b/core/include/cv64a6_imafdch_sv39_config_pkg.sv index dcdb20691..a3f97af2f 100644 --- a/core/include/cv64a6_imafdch_sv39_config_pkg.sv +++ b/core/include/cv64a6_imafdch_sv39_config_pkg.sv @@ -13,6 +13,7 @@ package cva6_config_pkg; localparam CVA6ConfigXlen = 64; localparam CVA6ConfigRVF = 1; + localparam CVA6ConfigRVD = 1; localparam CVA6ConfigF16En = 0; localparam CVA6ConfigF16AltEn = 0; localparam CVA6ConfigF8En = 0; @@ -43,6 +44,9 @@ package cva6_config_pkg; localparam CVA6ConfigDcacheSetAssoc = 8; localparam CVA6ConfigDcacheLineWidth = 128; + localparam CVA6ConfigDcacheFlushOnFence = 1'b0; + localparam CVA6ConfigDcacheInvalidateOnFlush = 1'b0; + localparam CVA6ConfigDcacheIdWidth = 1; localparam CVA6ConfigMemTidWidth = 2; @@ -85,7 +89,7 @@ package cva6_config_pkg; MemTidWidth: unsigned'(CVA6ConfigMemTidWidth), NrLoadBufEntries: unsigned'(CVA6ConfigNrLoadBufEntries), RVF: bit'(CVA6ConfigRVF), - RVD: bit'(CVA6ConfigRVF), + RVD: bit'(CVA6ConfigRVD), XF16: bit'(CVA6ConfigF16En), XF16ALT: bit'(CVA6ConfigF16AltEn), XF8: bit'(CVA6ConfigF8En), @@ -96,9 +100,11 @@ package cva6_config_pkg; RVC: bit'(CVA6ConfigCExtEn), RVH: bit'(CVA6ConfigHExtEn), RVZCB: bit'(CVA6ConfigZcbExtEn), + RVZCMT: bit'(0), RVZCMP: bit'(CVA6ConfigZcmpExtEn), XFVec: bit'(CVA6ConfigFVecEn), CvxifEn: bit'(CVA6ConfigCvxifEn), + CoproType: config_pkg::COPRO_NONE, RVZiCond: bit'(CVA6ConfigRVZiCond), RVZicntr: bit'(1), RVZihpm: bit'(1), @@ -107,11 +113,14 @@ package cva6_config_pkg; MmuPresent: bit'(CVA6ConfigMmuPresent), RVS: bit'(1), RVU: bit'(1), + SoftwareInterruptEn: bit'(1), HaltAddress: 64'h800, ExceptionAddress: 64'h808, RASDepth: unsigned'(CVA6ConfigRASDepth), BTBEntries: unsigned'(CVA6ConfigBTBEntries), + BPType: config_pkg::BHT, BHTEntries: unsigned'(CVA6ConfigBHTEntries), + BHTHist: unsigned'(3), DmBaseAddress: 64'h0, TvalEn: bit'(CVA6ConfigTvalEn), DirectVecOnly: bit'(0), @@ -140,6 +149,8 @@ package cva6_config_pkg; DcacheByteSize: unsigned'(CVA6ConfigDcacheByteSize), DcacheSetAssoc: unsigned'(CVA6ConfigDcacheSetAssoc), DcacheLineWidth: unsigned'(CVA6ConfigDcacheLineWidth), + DcacheFlushOnFence: unsigned'(CVA6ConfigDcacheFlushOnFence), + DcacheInvalidateOnFlush: unsigned'(CVA6ConfigDcacheInvalidateOnFlush), DataUserEn: unsigned'(CVA6ConfigDataUserEn), WtDcacheWbufDepth: int'(CVA6ConfigWtDcacheWbufDepth), FetchUserWidth: unsigned'(CVA6ConfigFetchUserWidth), diff --git a/core/include/cv64a6_imafdch_sv39_wb_config_pkg.sv b/core/include/cv64a6_imafdch_sv39_wb_config_pkg.sv index 8603bb192..c92bf35b6 100644 --- a/core/include/cv64a6_imafdch_sv39_wb_config_pkg.sv +++ b/core/include/cv64a6_imafdch_sv39_wb_config_pkg.sv @@ -13,6 +13,7 @@ package cva6_config_pkg; localparam CVA6ConfigXlen = 64; localparam CVA6ConfigRVF = 1; + localparam CVA6ConfigRVD = 1; localparam CVA6ConfigF16En = 0; localparam CVA6ConfigF16AltEn = 0; localparam CVA6ConfigF8En = 0; @@ -43,6 +44,9 @@ package cva6_config_pkg; localparam CVA6ConfigDcacheSetAssoc = 8; localparam CVA6ConfigDcacheLineWidth = 128; + localparam CVA6ConfigDcacheFlushOnFence = 1'b1; + localparam CVA6ConfigDcacheInvalidateOnFlush = 1'b0; + localparam CVA6ConfigDcacheIdWidth = 1; localparam CVA6ConfigMemTidWidth = 2; @@ -85,7 +89,7 @@ package cva6_config_pkg; MemTidWidth: unsigned'(CVA6ConfigMemTidWidth), NrLoadBufEntries: unsigned'(CVA6ConfigNrLoadBufEntries), RVF: bit'(CVA6ConfigRVF), - RVD: bit'(CVA6ConfigRVF), + RVD: bit'(CVA6ConfigRVD), XF16: bit'(CVA6ConfigF16En), XF16ALT: bit'(CVA6ConfigF16AltEn), XF8: bit'(CVA6ConfigF8En), @@ -96,9 +100,11 @@ package cva6_config_pkg; RVC: bit'(CVA6ConfigCExtEn), RVH: bit'(CVA6ConfigHExtEn), RVZCB: bit'(CVA6ConfigZcbExtEn), + RVZCMT: bit'(0), RVZCMP: bit'(CVA6ConfigZcmpExtEn), XFVec: bit'(CVA6ConfigFVecEn), CvxifEn: bit'(CVA6ConfigCvxifEn), + CoproType: config_pkg::COPRO_NONE, RVZiCond: bit'(CVA6ConfigRVZiCond), RVZicntr: bit'(1), RVZihpm: bit'(1), @@ -107,11 +113,14 @@ package cva6_config_pkg; MmuPresent: bit'(CVA6ConfigMmuPresent), RVS: bit'(1), RVU: bit'(1), + SoftwareInterruptEn: bit'(1), HaltAddress: 64'h800, ExceptionAddress: 64'h808, RASDepth: unsigned'(CVA6ConfigRASDepth), BTBEntries: unsigned'(CVA6ConfigBTBEntries), + BPType: config_pkg::BHT, BHTEntries: unsigned'(CVA6ConfigBHTEntries), + BHTHist: unsigned'(3), DmBaseAddress: 64'h0, TvalEn: bit'(CVA6ConfigTvalEn), DirectVecOnly: bit'(0), @@ -140,6 +149,8 @@ package cva6_config_pkg; DcacheByteSize: unsigned'(CVA6ConfigDcacheByteSize), DcacheSetAssoc: unsigned'(CVA6ConfigDcacheSetAssoc), DcacheLineWidth: unsigned'(CVA6ConfigDcacheLineWidth), + DcacheFlushOnFence: unsigned'(CVA6ConfigDcacheFlushOnFence), + DcacheInvalidateOnFlush: unsigned'(CVA6ConfigDcacheInvalidateOnFlush), DataUserEn: unsigned'(CVA6ConfigDataUserEn), WtDcacheWbufDepth: int'(CVA6ConfigWtDcacheWbufDepth), FetchUserWidth: unsigned'(CVA6ConfigFetchUserWidth), diff --git a/core/include/cv64a6_imafdcv_sv39_config_pkg.sv b/core/include/cv64a6_imafdcv_sv39_config_pkg.sv index e2a9add4a..c04cd4fae 100644 --- a/core/include/cv64a6_imafdcv_sv39_config_pkg.sv +++ b/core/include/cv64a6_imafdcv_sv39_config_pkg.sv @@ -12,7 +12,10 @@ package cva6_config_pkg; localparam CVA6ConfigXlen = 64; + localparam CVA6ConfigNrCommitPorts = 2; + localparam CVA6ConfigRVF = 1; + localparam CVA6ConfigRVD = 1; localparam CVA6ConfigF16En = 0; localparam CVA6ConfigF16AltEn = 0; localparam CVA6ConfigF8En = 0; @@ -32,16 +35,19 @@ package cva6_config_pkg; localparam CVA6ConfigAxiAddrWidth = 64; localparam CVA6ConfigAxiDataWidth = 64; localparam CVA6ConfigFetchUserEn = 0; - localparam CVA6ConfigFetchUserWidth = CVA6ConfigXlen; + localparam CVA6ConfigFetchUserWidth = 1; // Just not to raise warnings localparam CVA6ConfigDataUserEn = 0; localparam CVA6ConfigDataUserWidth = CVA6ConfigXlen; - localparam CVA6ConfigIcacheByteSize = 16384; + localparam CVA6ConfigIcacheByteSize = 4096; localparam CVA6ConfigIcacheSetAssoc = 4; localparam CVA6ConfigIcacheLineWidth = 128; - localparam CVA6ConfigDcacheByteSize = 16384; + localparam CVA6ConfigDcacheByteSize = 8192; localparam CVA6ConfigDcacheSetAssoc = 4; - localparam CVA6ConfigDcacheLineWidth = 128; + localparam CVA6ConfigDcacheLineWidth = 256; + + localparam CVA6ConfigDcacheFlushOnFence = 1'b0; + localparam CVA6ConfigDcacheInvalidateOnFlush = 1'b0; localparam CVA6ConfigDcacheIdWidth = 1; localparam CVA6ConfigMemTidWidth = 2; @@ -77,7 +83,7 @@ package cva6_config_pkg; FpgaAlteraEn: bit'(0), // for Altera (only) TechnoCut: bit'(0), SuperscalarEn: bit'(0), - NrCommitPorts: unsigned'(1), + NrCommitPorts: unsigned'(CVA6ConfigNrCommitPorts), AxiAddrWidth: unsigned'(CVA6ConfigAxiAddrWidth), AxiDataWidth: unsigned'(CVA6ConfigAxiDataWidth), AxiIdWidth: unsigned'(CVA6ConfigAxiIdWidth), @@ -85,7 +91,7 @@ package cva6_config_pkg; MemTidWidth: unsigned'(CVA6ConfigMemTidWidth), NrLoadBufEntries: unsigned'(CVA6ConfigNrLoadBufEntries), RVF: bit'(CVA6ConfigRVF), - RVD: bit'(CVA6ConfigRVF), + RVD: bit'(CVA6ConfigRVD), XF16: bit'(CVA6ConfigF16En), XF16ALT: bit'(CVA6ConfigF16AltEn), XF8: bit'(CVA6ConfigF8En), @@ -97,8 +103,10 @@ package cva6_config_pkg; RVH: bit'(CVA6ConfigHExtEn), RVZCB: bit'(CVA6ConfigZcbExtEn), RVZCMP: bit'(CVA6ConfigZcmpExtEn), + RVZCMT: bit'(0), XFVec: bit'(CVA6ConfigFVecEn), CvxifEn: bit'(CVA6ConfigCvxifEn), + CoproType: config_pkg::COPRO_NONE, RVZiCond: bit'(CVA6ConfigRVZiCond), RVZicntr: bit'(1), RVZihpm: bit'(1), @@ -107,11 +115,14 @@ package cva6_config_pkg; MmuPresent: bit'(CVA6ConfigMmuPresent), RVS: bit'(1), RVU: bit'(1), + SoftwareInterruptEn: bit'(1), HaltAddress: 64'h800, ExceptionAddress: 64'h808, RASDepth: unsigned'(CVA6ConfigRASDepth), BTBEntries: unsigned'(CVA6ConfigBTBEntries), + BPType: config_pkg::BHT, BHTEntries: unsigned'(CVA6ConfigBHTEntries), + BHTHist: unsigned'(3), DmBaseAddress: 64'h0, TvalEn: bit'(CVA6ConfigTvalEn), DirectVecOnly: bit'(0), @@ -139,6 +150,8 @@ package cva6_config_pkg; DcacheByteSize: unsigned'(CVA6ConfigDcacheByteSize), DcacheSetAssoc: unsigned'(CVA6ConfigDcacheSetAssoc), DcacheLineWidth: unsigned'(CVA6ConfigDcacheLineWidth), + DcacheFlushOnFence: unsigned'(CVA6ConfigDcacheFlushOnFence), + DcacheInvalidateOnFlush: unsigned'(CVA6ConfigDcacheInvalidateOnFlush), DataUserEn: unsigned'(CVA6ConfigDataUserEn), WtDcacheWbufDepth: int'(CVA6ConfigWtDcacheWbufDepth), FetchUserWidth: unsigned'(CVA6ConfigFetchUserWidth), diff --git a/core/include/cv64a6_mmu_config_pkg.sv b/core/include/cv64a6_mmu_config_pkg.sv index 50e4131d4..c52f8f829 100644 --- a/core/include/cv64a6_mmu_config_pkg.sv +++ b/core/include/cv64a6_mmu_config_pkg.sv @@ -52,8 +52,10 @@ package cva6_config_pkg; RVH: bit'(0), RVZCB: bit'(1), RVZCMP: bit'(0), + RVZCMT: bit'(0), XFVec: bit'(0), CvxifEn: bit'(1), + CoproType: config_pkg::COPRO_NONE, RVZiCond: bit'(0), RVZicntr: bit'(1), RVZihpm: bit'(1), @@ -62,11 +64,14 @@ package cva6_config_pkg; MmuPresent: bit'(1), RVS: bit'(1), RVU: bit'(1), + SoftwareInterruptEn: bit'(1), HaltAddress: 64'h800, ExceptionAddress: 64'h808, RASDepth: unsigned'(2), BTBEntries: unsigned'(0), + BPType: config_pkg::BHT, BHTEntries: unsigned'(32), + BHTHist: unsigned'(3), DmBaseAddress: 64'h0, TvalEn: bit'(0), DirectVecOnly: bit'(1), @@ -95,6 +100,8 @@ package cva6_config_pkg; DcacheByteSize: unsigned'(32768), DcacheSetAssoc: unsigned'(8), DcacheLineWidth: unsigned'(128), + DcacheFlushOnFence: bit'(0), + DcacheInvalidateOnFlush: bit'(0), DataUserEn: unsigned'(0), WtDcacheWbufDepth: int'(2), FetchUserWidth: unsigned'(64), diff --git a/core/include/riscv_pkg.sv b/core/include/riscv_pkg.sv index 40499c637..e9dbc65a1 100644 --- a/core/include/riscv_pkg.sv +++ b/core/include/riscv_pkg.sv @@ -385,6 +385,8 @@ package riscv; CSR_FFLAGS = 12'h001, CSR_FRM = 12'h002, CSR_FCSR = 12'h003, + //jvt + CSR_JVT = 12'h017, CSR_FTRAN = 12'h800, // Vector CSRs CSR_VSTART = 12'h008, @@ -724,6 +726,8 @@ package riscv; localparam logic [63:0] SSTATUS_MXR = 'h00080000; localparam logic [63:0] SSTATUS_UPIE = 'h00000010; localparam logic [63:0] SSTATUS_UXL = 64'h0000000300000000; + // CSR Bit Implementation Masks + function automatic logic [63:0] sstatus_sd(logic IS_XLEN64); return {IS_XLEN64, 31'h00000000, ~IS_XLEN64, 31'h00000000}; endfunction diff --git a/core/include/rvfi_types.svh b/core/include/rvfi_types.svh index 68881bf0d..69c552e7a 100644 --- a/core/include/rvfi_types.svh +++ b/core/include/rvfi_types.svh @@ -39,6 +39,7 @@ rvfi_csr_elmt_t fflags; \ rvfi_csr_elmt_t frm; \ rvfi_csr_elmt_t fcsr; \ + rvfi_csr_elmt_t jvt; \ rvfi_csr_elmt_t ftran; \ rvfi_csr_elmt_t dcsr; \ rvfi_csr_elmt_t dpc; \ @@ -103,8 +104,8 @@ logic [Cfg.NrIssuePorts-1:0] fetch_entry_valid; \ logic [Cfg.NrIssuePorts-1:0][31:0] instruction; \ logic [Cfg.NrIssuePorts-1:0] is_compressed; \ - logic [Cfg.NrIssuePorts-1:0][Cfg.VLEN-1:0] rs1_forwarding; \ - logic [Cfg.NrIssuePorts-1:0][Cfg.VLEN-1:0] rs2_forwarding; \ + logic [Cfg.NrIssuePorts-1:0][Cfg.XLEN-1:0] rs1; \ + logic [Cfg.NrIssuePorts-1:0][Cfg.XLEN-1:0] rs2; \ logic [Cfg.NrCommitPorts-1:0][Cfg.VLEN-1:0] commit_instr_pc; \ ariane_pkg::fu_op [Cfg.NrCommitPorts-1:0] commit_instr_op; \ logic [Cfg.NrCommitPorts-1:0][ariane_pkg::REG_ADDR_SIZE-1:0] commit_instr_rs1; \ @@ -130,6 +131,7 @@ `define RVFI_PROBES_CSR_T(Cfg) struct packed { \ riscv::fcsr_t fcsr_q; \ riscv::dcsr_t dcsr_q; \ + logic [Cfg.XLEN-1:0] jvt_q; \ logic [Cfg.XLEN-1:0] dpc_q; \ logic [Cfg.XLEN-1:0] dscratch0_q; \ logic [Cfg.XLEN-1:0] dscratch1_q; \ diff --git a/core/issue_read_operands.sv b/core/issue_read_operands.sv index 8ea332dc0..8f70016f0 100644 --- a/core/issue_read_operands.sv +++ b/core/issue_read_operands.sv @@ -51,11 +51,13 @@ module issue_read_operands // FU data useful to execute instruction - EX_STAGE output fu_data_t [CVA6Cfg.NrIssuePorts-1:0] fu_data_o, // Unregistered version of fu_data_o.operanda - EX_STAGE - output logic [CVA6Cfg.NrIssuePorts-1:0][CVA6Cfg.XLEN-1:0] rs1_forwarding_o, + output logic [CVA6Cfg.NrIssuePorts-1:0][CVA6Cfg.VLEN-1:0] rs1_forwarding_o, // Unregistered version of fu_data_o.operandb - EX_STAGE - output logic [CVA6Cfg.NrIssuePorts-1:0][CVA6Cfg.XLEN-1:0] rs2_forwarding_o, + output logic [CVA6Cfg.NrIssuePorts-1:0][CVA6Cfg.VLEN-1:0] rs2_forwarding_o, // Program Counter - EX_STAGE output logic [CVA6Cfg.VLEN-1:0] pc_o, + // Is zcmt - EX_STAGE + output logic is_zcmt_o, // Is compressed instruction - EX_STAGE output logic is_compressed_instr_o, // Fixed Latency Unit is ready - EX_STAGE @@ -119,9 +121,13 @@ module issue_read_operands input logic [CVA6Cfg.NrCommitPorts-1:0] we_gpr_i, // FPR write enable - COMMIT_STAGE input logic [CVA6Cfg.NrCommitPorts-1:0] we_fpr_i, - // Issue stall - PERF_COUNTERS - output logic stall_issue_o + output logic stall_issue_o, + // Information dedicated to RVFI - RVFI + output logic [CVA6Cfg.NrIssuePorts-1:0][CVA6Cfg.XLEN-1:0] rvfi_rs1_o, + // Information dedicated to RVFI - RVFI + output logic [CVA6Cfg.NrIssuePorts-1:0][CVA6Cfg.XLEN-1:0] rvfi_rs2_o + ); localparam OPERANDS_PER_INSTR = CVA6Cfg.NrRgprPorts / CVA6Cfg.NrIssuePorts; @@ -141,19 +147,22 @@ module issue_read_operands rs3_len_t operand_c_fpr; // output flipflop (ID <-> EX) fu_data_t [CVA6Cfg.NrIssuePorts-1:0] fu_data_n, fu_data_q; - logic [ CVA6Cfg.XLEN-1:0] imm_forward_rs3; + logic [CVA6Cfg.VLEN-1:0] pc_n; + logic is_compressed_instr_n; + branchpredict_sbe_t branch_predict_n; + logic [CVA6Cfg.XLEN-1:0] imm_forward_rs3; - logic [CVA6Cfg.NrIssuePorts-1:0] alu_valid_q; - logic [CVA6Cfg.NrIssuePorts-1:0] mult_valid_q; - logic [CVA6Cfg.NrIssuePorts-1:0] fpu_valid_q; - logic [ 1:0] fpu_fmt_q; - logic [ 2:0] fpu_rm_q; - logic [CVA6Cfg.NrIssuePorts-1:0] alu2_valid_q; - logic [CVA6Cfg.NrIssuePorts-1:0] lsu_valid_q; - logic [CVA6Cfg.NrIssuePorts-1:0] csr_valid_q; - logic [CVA6Cfg.NrIssuePorts-1:0] branch_valid_q; - logic [CVA6Cfg.NrIssuePorts-1:0] cvxif_valid_q; - logic [ 31:0] cvxif_off_instr_q; + logic [CVA6Cfg.NrIssuePorts-1:0] alu_valid_n, alu_valid_q; + logic [CVA6Cfg.NrIssuePorts-1:0] mult_valid_n, mult_valid_q; + logic [CVA6Cfg.NrIssuePorts-1:0] fpu_valid_n, fpu_valid_q; + logic [1:0] fpu_fmt_n, fpu_fmt_q; + logic [2:0] fpu_rm_n, fpu_rm_q; + logic [CVA6Cfg.NrIssuePorts-1:0] alu2_valid_n, alu2_valid_q; + logic [CVA6Cfg.NrIssuePorts-1:0] lsu_valid_n, lsu_valid_q; + logic [CVA6Cfg.NrIssuePorts-1:0] csr_valid_n, csr_valid_q; + logic [CVA6Cfg.NrIssuePorts-1:0] branch_valid_n, branch_valid_q; + logic [CVA6Cfg.NrIssuePorts-1:0] cvxif_valid_n, cvxif_valid_q; + logic [31:0] cvxif_off_instr_n, cvxif_off_instr_q; logic cvxif_instruction_valid; //fwd logic @@ -197,7 +206,7 @@ module issue_read_operands // CVXIF Signals logic cvxif_req_allowed; - logic x_transaction_rejected; + logic x_transaction_rejected, x_transaction_rejected_n; logic [OPERANDS_PER_INSTR-1:0] rs_valid; logic [OPERANDS_PER_INSTR-1:0][CVA6Cfg.XLEN-1:0] rs; @@ -225,8 +234,7 @@ module issue_read_operands .x_off_instr_i (orig_instr_i[0]), .x_trans_id_i (issue_instr_i[0].trans_id), .register_i (rs), - .rs_valid_i (rs_valid), - .cvxif_busy_o () + .rs_valid_i (rs_valid) ); if (OPERANDS_PER_INSTR == 3) begin assign rs_valid = {~stall_rs3[0], ~stall_rs2[0], ~stall_rs1[0]}; @@ -250,6 +258,8 @@ module issue_read_operands for (genvar i = 0; i < CVA6Cfg.NrIssuePorts; i++) begin assign rs1_forwarding_o[i] = fu_data_n[i].operand_a[CVA6Cfg.VLEN-1:0]; //forwarding or unregistered rs1 value assign rs2_forwarding_o[i] = fu_data_n[i].operand_b[CVA6Cfg.VLEN-1:0]; //forwarding or unregistered rs2 value + assign rvfi_rs1_o[i] = fu_data_n[i].operand_a; + assign rvfi_rs2_o[i] = fu_data_n[i].operand_b; end assign fu_data_o = fu_data_q; @@ -284,7 +294,7 @@ module issue_read_operands // after a multiplication was issued we can only issue another multiplication // otherwise we will get contentions on the fixed latency bus - if (mult_valid_q) begin + if (|mult_valid_q) begin fus_busy[0].alu = 1'b1; fus_busy[0].ctrl_flow = 1'b1; fus_busy[0].csr = 1'b1; @@ -310,7 +320,7 @@ module issue_read_operands fus_busy[1].cvxif = 1'b1; unique case (issue_instr_i[0].fu) - NONE: fus_busy[1].none = 1'b1; + NONE: fus_busy[1].none = 1'b1; CTRL_FLOW: begin if (CVA6Cfg.SpeculativeSb) begin // Issue speculative instruction, will be removed on BMISS @@ -350,7 +360,7 @@ module issue_read_operands // Control hazard fus_busy[1] = '1; end - MULT: fus_busy[1].mult = 1'b1; + MULT: fus_busy[1].mult = 1'b1; FPU, FPU_VEC: begin fus_busy[1].fpu = 1'b1; fus_busy[1].fpu_vec = 1'b1; @@ -360,6 +370,7 @@ module issue_read_operands fus_busy[1].store = 1'b1; end CVXIF: ; + default: ; endcase end end @@ -776,6 +787,64 @@ module issue_read_operands end end + always_comb begin + alu_valid_n = '0; + lsu_valid_n = '0; + mult_valid_n = '0; + fpu_valid_n = '0; + fpu_fmt_n = '0; + fpu_rm_n = '0; + alu2_valid_n = '0; + csr_valid_n = '0; + branch_valid_n = '0; + for (int unsigned i = 0; i < CVA6Cfg.NrIssuePorts; i++) begin + if (!issue_instr_i[i].ex.valid && issue_instr_valid_i[i] && issue_ack_o[i]) begin + case (issue_instr_i[i].fu) + ALU: begin + if (CVA6Cfg.SuperscalarEn && !fus_busy[i].alu2) begin + alu2_valid_n[i] = 1'b1; + end else begin + alu_valid_n[i] = 1'b1; + end + end + CTRL_FLOW: begin + branch_valid_n[i] = 1'b1; + end + MULT: begin + mult_valid_n[i] = 1'b1; + end + LOAD, STORE: begin + lsu_valid_n[i] = 1'b1; + end + CSR: begin + csr_valid_n[i] = 1'b1; + end + default: begin + if (issue_instr_i[i].fu == FPU && CVA6Cfg.FpPresent) begin + fpu_valid_n[i] = 1'b1; + fpu_fmt_n = orig_instr.rftype.fmt; // fmt bits from instruction + fpu_rm_n = orig_instr.rftype.rm; // rm bits from instruction + end else if (issue_instr_i[i].fu == FPU_VEC && CVA6Cfg.FpPresent) begin + fpu_valid_n[i] = 1'b1; + fpu_fmt_n = orig_instr.rvftype.vfmt; // vfmt bits from instruction + fpu_rm_n = {2'b0, orig_instr.rvftype.repl}; // repl bit from instruction + end + end + endcase + end + end + // if we got a flush request, de-assert the valid flag, otherwise we will start this + // functional unit with the wrong inputs + if (flush_i) begin + alu_valid_n = '0; + lsu_valid_n = '0; + mult_valid_n = '0; + fpu_valid_n = '0; + alu2_valid_n = '0; + csr_valid_n = '0; + branch_valid_n = '0; + end + end // FU select, assert the correct valid out signal (in the next cycle) // This needs to be like this to make verilator happy. I know its ugly. always_ff @(posedge clk_i or negedge rst_ni) begin @@ -790,91 +859,45 @@ module issue_read_operands csr_valid_q <= '0; branch_valid_q <= '0; end else begin - alu_valid_q <= '0; - lsu_valid_q <= '0; - mult_valid_q <= '0; - fpu_valid_q <= '0; - fpu_fmt_q <= '0; - fpu_rm_q <= '0; - alu2_valid_q <= '0; - csr_valid_q <= '0; - branch_valid_q <= '0; - // Exception pass through: - // If an exception has occurred simply pass it through - // we do not want to issue this instruction - for (int unsigned i = 0; i < CVA6Cfg.NrIssuePorts; i++) begin - if (!issue_instr_i[i].ex.valid && issue_instr_valid_i[i] && issue_ack_o[i]) begin - case (issue_instr_i[i].fu) - ALU: begin - if (CVA6Cfg.SuperscalarEn && !fus_busy[i].alu2) begin - alu2_valid_q[i] <= 1'b1; - end else begin - alu_valid_q[i] <= 1'b1; - end - end - CTRL_FLOW: begin - branch_valid_q[i] <= 1'b1; - end - MULT: begin - mult_valid_q[i] <= 1'b1; - end - LOAD, STORE: begin - lsu_valid_q[i] <= 1'b1; - end - CSR: begin - csr_valid_q[i] <= 1'b1; - end - default: begin - if (issue_instr_i[i].fu == FPU && CVA6Cfg.FpPresent) begin - fpu_valid_q[i] <= 1'b1; - fpu_fmt_q <= orig_instr.rftype.fmt; // fmt bits from instruction - fpu_rm_q <= orig_instr.rftype.rm; // rm bits from instruction - end else if (issue_instr_i[i].fu == FPU_VEC && CVA6Cfg.FpPresent) begin - fpu_valid_q[i] <= 1'b1; - fpu_fmt_q <= orig_instr.rvftype.vfmt; // vfmt bits from instruction - fpu_rm_q <= {2'b0, orig_instr.rvftype.repl}; // repl bit from instruction - end - end - endcase - end - end - // if we got a flush request, de-assert the valid flag, otherwise we will start this - // functional unit with the wrong inputs - if (flush_i) begin - alu_valid_q <= '0; - lsu_valid_q <= '0; - mult_valid_q <= '0; - fpu_valid_q <= '0; - alu2_valid_q <= '0; - csr_valid_q <= '0; - branch_valid_q <= '0; - end + alu_valid_q <= alu_valid_n; + lsu_valid_q <= lsu_valid_n; + mult_valid_q <= mult_valid_n; + fpu_valid_q <= fpu_valid_n; + fpu_fmt_q <= fpu_fmt_n; + fpu_rm_q <= fpu_rm_n; + alu2_valid_q <= alu2_valid_n; + csr_valid_q <= csr_valid_n; + branch_valid_q <= branch_valid_n; end end if (CVA6Cfg.CvxifEn) begin + always_comb begin + cvxif_valid_n = '0; + cvxif_off_instr_n = 32'b0; + for (int unsigned i = 0; i < CVA6Cfg.NrIssuePorts; i++) begin + if (!issue_instr_i[i].ex.valid && issue_instr_valid_i[i] && issue_ack_o[i]) begin + case (issue_instr_i[i].fu) + CVXIF: begin + cvxif_valid_n[i] = 1'b1; + cvxif_off_instr_n = orig_instr[i]; + end + default: ; + endcase + end + end + if (flush_i) begin + cvxif_valid_n = '0; + cvxif_off_instr_n = 32'b0; + end + end always_ff @(posedge clk_i or negedge rst_ni) begin if (!rst_ni) begin cvxif_valid_q <= '0; cvxif_off_instr_q <= 32'b0; end else begin - cvxif_valid_q <= '0; - cvxif_off_instr_q <= 32'b0; - for (int unsigned i = 0; i < CVA6Cfg.NrIssuePorts; i++) begin - if (!issue_instr_i[i].ex.valid && issue_instr_valid_i[i] && issue_ack_o[i]) begin - case (issue_instr_i[i].fu) - CVXIF: begin - cvxif_valid_q[i] <= 1'b1; - cvxif_off_instr_q <= orig_instr[i]; - end - default: ; - endcase - end - end - if (flush_i) begin - cvxif_valid_q <= '0; - cvxif_off_instr_q <= 32'b0; - end + cvxif_valid_q <= cvxif_valid_n; + cvxif_off_instr_q <= cvxif_off_instr_n; end end end @@ -1094,6 +1117,30 @@ module issue_read_operands // ---------------------- // Registers (ID <-> EX) // ---------------------- + + always_comb begin + pc_n = '0; + is_compressed_instr_n = 1'b0; + branch_predict_n = {cf_t'(0), {CVA6Cfg.VLEN{1'b0}}}; + if (CVA6Cfg.SuperscalarEn) begin + if (issue_instr_i[1].fu == CTRL_FLOW) begin + pc_n = issue_instr_i[1].pc; + is_compressed_instr_n = issue_instr_i[1].is_compressed; + branch_predict_n = issue_instr_i[1].bp; + end + end + if (issue_instr_i[0].fu == CTRL_FLOW) begin + pc_n = issue_instr_i[0].pc; + is_compressed_instr_n = issue_instr_i[0].is_compressed; + branch_predict_n = issue_instr_i[0].bp; + end + x_transaction_rejected_n = 1'b0; + if (issue_instr_i[0].fu == CVXIF) begin + x_transaction_rejected_n = x_transaction_rejected; + end + end + + always_ff @(posedge clk_i or negedge rst_ni) begin if (!rst_ni) begin fu_data_q <= '0; @@ -1101,6 +1148,7 @@ module issue_read_operands tinst_q <= '0; end pc_o <= '0; + is_zcmt_o <= '0; is_compressed_instr_o <= 1'b0; branch_predict_o <= {cf_t'(0), {CVA6Cfg.VLEN{1'b0}}}; x_transaction_rejected_o <= 1'b0; @@ -1120,6 +1168,8 @@ module issue_read_operands pc_o <= issue_instr_i[0].pc; is_compressed_instr_o <= issue_instr_i[0].is_compressed; branch_predict_o <= issue_instr_i[0].bp; + if (CVA6Cfg.RVZCMT) is_zcmt_o <= issue_instr_i[0].is_zcmt; + else is_zcmt_o <= '0; end x_transaction_rejected_o <= 1'b0; if (issue_instr_i[0].fu == CVXIF) begin diff --git a/core/issue_stage.sv b/core/issue_stage.sv index ea922d5ce..4ffc5382e 100644 --- a/core/issue_stage.sv +++ b/core/issue_stage.sv @@ -60,6 +60,8 @@ module issue_stage output fu_data_t [CVA6Cfg.NrIssuePorts-1:0] fu_data_o, // Program Counter - EX_STAGE output logic [CVA6Cfg.VLEN-1:0] pc_o, + // Is zcmt instruction - EX_STAGE + output logic is_zcmt_o, // Is compressed instruction - EX_STAGE output logic is_compressed_instr_o, // Transformed trap instruction - EX_STAGE @@ -157,7 +159,11 @@ module issue_stage // Information dedicated to RVFI - RVFI output logic [CVA6Cfg.NrIssuePorts-1:0][CVA6Cfg.TRANS_ID_BITS-1:0] rvfi_issue_pointer_o, // Information dedicated to RVFI - RVFI - output logic [CVA6Cfg.NrCommitPorts-1:0][CVA6Cfg.TRANS_ID_BITS-1:0] rvfi_commit_pointer_o + output logic [CVA6Cfg.NrCommitPorts-1:0][CVA6Cfg.TRANS_ID_BITS-1:0] rvfi_commit_pointer_o, + // Information dedicated to RVFI - RVFI + output logic [CVA6Cfg.NrIssuePorts-1:0][CVA6Cfg.XLEN-1:0] rvfi_rs1_o, + // Information dedicated to RVFI - RVFI + output logic [CVA6Cfg.NrIssuePorts-1:0][CVA6Cfg.XLEN-1:0] rvfi_rs2_o ); // --------------------------------------------------- // Scoreboard (SB) <-> Issue and Read Operands (IRO) @@ -170,19 +176,11 @@ module issue_stage scoreboard_entry_t [CVA6Cfg.NR_SB_ENTRIES-1:0] sbe; } forwarding_t; - forwarding_t fwd; - scoreboard_entry_t [CVA6Cfg.NrIssuePorts-1:0] issue_instr_sb_iro; - logic [CVA6Cfg.NrIssuePorts-1:0][ 31:0] orig_instr_sb_iro; - logic [CVA6Cfg.NrIssuePorts-1:0] issue_instr_valid_sb_iro; - logic [CVA6Cfg.NrIssuePorts-1:0] issue_ack_iro_sb; - - logic [CVA6Cfg.NrIssuePorts-1:0][CVA6Cfg.XLEN-1:0] rs1_forwarding_xlen; - logic [CVA6Cfg.NrIssuePorts-1:0][CVA6Cfg.XLEN-1:0] rs2_forwarding_xlen; - - for (genvar i = 0; i < CVA6Cfg.NrIssuePorts; i++) begin - assign rs1_forwarding_o[i] = rs1_forwarding_xlen[i][CVA6Cfg.VLEN-1:0]; - assign rs2_forwarding_o[i] = rs2_forwarding_xlen[i][CVA6Cfg.VLEN-1:0]; - end + forwarding_t fwd; + scoreboard_entry_t [CVA6Cfg.NrIssuePorts-1:0] issue_instr_sb_iro; + logic [CVA6Cfg.NrIssuePorts-1:0][31:0] orig_instr_sb_iro; + logic [CVA6Cfg.NrIssuePorts-1:0] issue_instr_valid_sb_iro; + logic [CVA6Cfg.NrIssuePorts-1:0] issue_ack_iro_sb; assign issue_instr_o = issue_instr_sb_iro[0]; assign issue_instr_hs_o = issue_instr_valid_sb_iro[0] & issue_ack_iro_sb[0]; @@ -260,9 +258,10 @@ module issue_stage .issue_ack_o (issue_ack_iro_sb), .fwd_i (fwd), .fu_data_o (fu_data_o), - .rs1_forwarding_o (rs1_forwarding_xlen), - .rs2_forwarding_o (rs2_forwarding_xlen), + .rs1_forwarding_o (rs1_forwarding_o), + .rs2_forwarding_o (rs2_forwarding_o), .pc_o, + .is_zcmt_o, .is_compressed_instr_o, .flu_ready_i (flu_ready_i), .alu_valid_o (alu_valid_o), @@ -299,7 +298,9 @@ module issue_stage .wdata_i, .we_gpr_i, .we_fpr_i, - .stall_issue_o + .stall_issue_o, + .rvfi_rs1_o (rvfi_rs1_o), + .rvfi_rs2_o (rvfi_rs2_o) ); endmodule diff --git a/core/load_store_unit.sv b/core/load_store_unit.sv index 0fec64531..ccce63011 100644 --- a/core/load_store_unit.sv +++ b/core/load_store_unit.sv @@ -25,7 +25,9 @@ module load_store_unit parameter type icache_arsp_t = logic, parameter type icache_dreq_t = logic, parameter type icache_drsp_t = logic, - parameter type lsu_ctrl_t = logic + parameter type lsu_ctrl_t = logic, + parameter type acc_mmu_req_t = logic, + parameter type acc_mmu_resp_t = logic ) ( // Subsystem Clock - SUBSYSTEM input logic clk_i, @@ -82,6 +84,10 @@ module load_store_unit // Enable G-Stage memory translation for load/stores - TO_BE_COMPLETED input logic en_ld_st_g_translation_i, + // Accelerator request for CVA6's MMU + input acc_mmu_req_t acc_mmu_req_i, + output acc_mmu_resp_t acc_mmu_resp_o, + // Instruction cache input request - CACHES input icache_arsp_t icache_areq_i, // Instruction cache output request - CACHES @@ -148,9 +154,9 @@ module load_store_unit input amo_resp_t amo_resp_i, // PMP configuration - CSR_REGFILE - input riscv::pmpcfg_t [(CVA6Cfg.NrPMPEntries > 0 ? CVA6Cfg.NrPMPEntries-1 : 0):0] pmpcfg_i, + input riscv::pmpcfg_t [avoid_neg(CVA6Cfg.NrPMPEntries-1):0] pmpcfg_i, // PMP address - CSR_REGFILE - input logic [(CVA6Cfg.NrPMPEntries > 0 ? CVA6Cfg.NrPMPEntries-1 : 0):0][CVA6Cfg.PLEN-3:0] pmpaddr_i, + input logic [avoid_neg(CVA6Cfg.NrPMPEntries-1):0][CVA6Cfg.PLEN-3:0] pmpaddr_i, // RVFI inforamtion - RVFI output lsu_ctrl_t rvfi_lsu_ctrl_o, @@ -159,26 +165,26 @@ module load_store_unit ); // data is misaligned - logic data_misaligned; + logic data_misaligned; // -------------------------------------- // 1st register stage - (stall registers) // -------------------------------------- // those are the signals which are always correct // e.g.: they keep the value in the stall case - lsu_ctrl_t lsu_ctrl; + lsu_ctrl_t lsu_ctrl, lsu_ctrl_byp; - logic pop_st; - logic pop_ld; + logic pop_st; + logic pop_ld; // ------------------------------ // Address Generation Unit (AGU) // ------------------------------ // virtual address as calculated by the AGU in the first cycle - logic [ CVA6Cfg.VLEN-1:0] vaddr_i; - logic [ CVA6Cfg.XLEN-1:0] vaddr_xlen; - logic overflow; - logic g_overflow; - logic [(CVA6Cfg.XLEN/8)-1:0] be_i; + logic [ CVA6Cfg.VLEN-1:0] vaddr_i; + logic [ CVA6Cfg.XLEN-1:0] vaddr_xlen; + logic overflow; + logic g_overflow; + logic [(CVA6Cfg.XLEN/8)-1:0] be_i; assign vaddr_xlen = $unsigned($signed(fu_data_i.imm) + $signed(fu_data_i.operand_a)); assign vaddr_i = vaddr_xlen[CVA6Cfg.VLEN-1:0]; @@ -190,10 +196,10 @@ module load_store_unit assign g_overflow = 1'b0; end - logic st_valid_i; - logic ld_valid_i; - logic ld_translation_req; - logic st_translation_req; + logic st_valid_i; + logic ld_valid_i; + logic ld_translation_req; + logic st_translation_req, cva6_st_translation_req, acc_st_translation_req; logic [CVA6Cfg.VLEN-1:0] ld_vaddr; logic [ 31:0] ld_tinst; logic ld_hs_ld_st_inst; @@ -202,41 +208,41 @@ module load_store_unit logic [ 31:0] st_tinst; logic st_hs_ld_st_inst; logic st_hlvx_inst; - logic translation_req; - logic translation_valid; - logic [CVA6Cfg.VLEN-1:0] mmu_vaddr; - logic [CVA6Cfg.PLEN-1:0] mmu_paddr, lsu_paddr; - logic [ 31:0] mmu_tinst; - logic mmu_hs_ld_st_inst; - logic mmu_hlvx_inst; - exception_t mmu_exception; - exception_t pmp_exception; - icache_areq_t pmp_icache_areq_i; - logic pmp_translation_valid; - logic dtlb_hit; - logic [ CVA6Cfg.PPNW-1:0] dtlb_ppn; + logic translation_req, cva6_translation_req, acc_translation_req; + logic translation_valid, cva6_translation_valid, acc_translataion_valid; + logic [CVA6Cfg.VLEN-1:0] mmu_vaddr, cva6_mmu_vaddr, acc_mmu_vaddr; + logic [CVA6Cfg.PLEN-1:0] mmu_paddr, cva6_mmu_paddr, acc_mmu_paddr, lsu_paddr; + logic [31:0] mmu_tinst; + logic mmu_hs_ld_st_inst; + logic mmu_hlvx_inst; + exception_t mmu_exception, cva6_mmu_exception, acc_mmu_exception; + exception_t pmp_exception; + icache_areq_t pmp_icache_areq_i; + logic pmp_translation_valid; + logic dtlb_hit, cva6_dtlb_hit, acc_dtlb_hit; + logic [CVA6Cfg.PPNW-1:0] dtlb_ppn, cva6_dtlb_ppn, acc_dtlb_ppn; - logic ld_valid; - logic [CVA6Cfg.TRANS_ID_BITS-1:0] ld_trans_id; - logic [ CVA6Cfg.XLEN-1:0] ld_result; - logic st_valid; - logic [CVA6Cfg.TRANS_ID_BITS-1:0] st_trans_id; - logic [ CVA6Cfg.XLEN-1:0] st_result; + logic ld_valid; + logic [CVA6Cfg.TRANS_ID_BITS-1:0] ld_trans_id; + logic [ CVA6Cfg.XLEN-1:0] ld_result; + logic st_valid; + logic [CVA6Cfg.TRANS_ID_BITS-1:0] st_trans_id; + logic [ CVA6Cfg.XLEN-1:0] st_result; - logic [ 11:0] page_offset; - logic page_offset_matches; + logic [ 11:0] page_offset; + logic page_offset_matches; - exception_t misaligned_exception; - exception_t ld_ex; - exception_t st_ex; - - logic hs_ld_st_inst; - logic hlvx_inst; + exception_t misaligned_exception, cva6_misaligned_exception, acc_misaligned_exception; + exception_t ld_ex; + exception_t st_ex; + logic hs_ld_st_inst; + logic hlvx_inst; logic [1:0] sum, mxr; logic [CVA6Cfg.PPNW-1:0] satp_ppn[2:0]; logic [CVA6Cfg.ASID_WIDTH-1:0] asid[2:0], asid_to_be_flushed[1:0]; logic [CVA6Cfg.VLEN-1:0] vaddr_to_be_flushed[1:0]; + // ------------------- // MMU e.g.: TLBs/PTW // ------------------- @@ -387,6 +393,108 @@ module load_store_unit .pmpaddr_i (pmpaddr_i) ); + // ------------------ + // External MMU port + // ------------------ + + if (CVA6Cfg.EnableAccelerator) begin + // The MMU can be connected to CVA6 or the ACCELERATOR + enum logic { + CVA6, + ACC + } + mmu_state_d, mmu_state_q; + always_ff @(posedge clk_i or negedge rst_ni) begin + if (~rst_ni) begin + mmu_state_q <= CVA6; + end else begin + mmu_state_q <= mmu_state_d; + end + end + // Straightforward and slow-reactive MMU arbitration logic + // This logic can be optimized to reduce answer latency and contention + always_comb begin + // Maintain state + mmu_state_d = mmu_state_q; + // Serve CVA6 and gate the accelerator by default + // MMU input + misaligned_exception = cva6_misaligned_exception; + st_translation_req = cva6_st_translation_req; + translation_req = cva6_translation_req; + mmu_vaddr = cva6_mmu_vaddr; + // MMU output + cva6_translation_valid = translation_valid; + cva6_mmu_paddr = mmu_paddr; + cva6_mmu_exception = mmu_exception; + cva6_dtlb_hit = dtlb_hit; + cva6_dtlb_ppn = dtlb_ppn; + acc_mmu_resp_o.acc_mmu_valid = '0; + acc_mmu_resp_o.acc_mmu_paddr = '0; + acc_mmu_resp_o.acc_mmu_exception = '0; + acc_mmu_resp_o.acc_mmu_dtlb_hit = '0; + acc_mmu_resp_o.acc_mmu_dtlb_ppn = '0; + unique case (mmu_state_q) + CVA6: begin + // Only the accelerator is requesting, and the lsu bypass queue is empty. + if (acc_mmu_req_i.acc_mmu_req && !lsu_valid_i && lsu_ready_o) begin + // Lock the MMU to the accelerator. + // If the issue stage is firing a mem op in this cycle, + // the bypass queue will buffer it. + mmu_state_d = ACC; + end + // Make this a mealy FSM to cut some latency. + // It should be okay timing-wise since cva6's requests already + // depend on lsu_valid_i. Moreover, lsu_ready_o is sequentially + // generated by the bypass and, in this first implementation, + // the acc request already depends combinatorially upon acc_mmu_req_i.acc_mmu_req. + end + ACC: begin + // MMU input + misaligned_exception = acc_mmu_req_i.acc_mmu_misaligned_ex; + st_translation_req = acc_mmu_req_i.acc_mmu_is_store; + translation_req = acc_mmu_req_i.acc_mmu_req; + mmu_vaddr = acc_mmu_req_i.acc_mmu_vaddr; + // MMU output + acc_mmu_resp_o.acc_mmu_valid = translation_valid; + acc_mmu_resp_o.acc_mmu_paddr = mmu_paddr; + acc_mmu_resp_o.acc_mmu_exception = mmu_exception; + acc_mmu_resp_o.acc_mmu_dtlb_hit = dtlb_hit; + acc_mmu_resp_o.acc_mmu_dtlb_ppn = dtlb_ppn; + cva6_translation_valid = '0; + cva6_mmu_paddr = '0; + cva6_mmu_exception = '0; + cva6_dtlb_hit = '0; + cva6_dtlb_ppn = '0; + // Get back to CVA6 after the translation + if (translation_valid) mmu_state_d = CVA6; + end + default: mmu_state_d = CVA6; + endcase + end + always_comb begin + // Feed forward + lsu_ctrl = lsu_ctrl_byp; + // Mask the lsu valid so that cva6's req gets buffered in the + // bypass queue when the MMU is being used by the accelerator. + lsu_ctrl.valid = (mmu_state_q == ACC) ? 1'b0 : lsu_ctrl_byp.valid; + end + end else begin + // MMU input + assign misaligned_exception = cva6_misaligned_exception; + assign st_translation_req = cva6_st_translation_req; + assign translation_req = cva6_translation_req; + assign mmu_vaddr = cva6_mmu_vaddr; + // MMU output + assign cva6_translation_valid = translation_valid; + assign cva6_mmu_paddr = mmu_paddr; + assign cva6_mmu_exception = mmu_exception; + assign cva6_dtlb_hit = dtlb_hit; + assign cva6_dtlb_ppn = dtlb_ppn; + // No accelerator + assign acc_mmu_resp_o = '0; + // Feed forward the lsu_ctrl bypass + assign lsu_ctrl = lsu_ctrl_byp; + end logic store_buffer_empty; // ------------------ @@ -418,15 +526,15 @@ module load_store_unit .result_o (st_result), .ex_o (st_ex), // MMU port - .translation_req_o (st_translation_req), + .translation_req_o (cva6_st_translation_req), .vaddr_o (st_vaddr), .rvfi_mem_paddr_o (rvfi_mem_paddr_o), .tinst_o (st_tinst), .hs_ld_st_inst_o (st_hs_ld_st_inst), .hlvx_inst_o (st_hlvx_inst), - .paddr_i (mmu_paddr), - .ex_i (mmu_exception), - .dtlb_hit_i (dtlb_hit), + .paddr_i (cva6_mmu_paddr), + .ex_i (cva6_mmu_exception), + .dtlb_hit_i (cva6_dtlb_hit), // Load Unit .page_offset_i (page_offset), .page_offset_matches_o(page_offset_matches), @@ -465,10 +573,10 @@ module load_store_unit .tinst_o (ld_tinst), .hs_ld_st_inst_o (ld_hs_ld_st_inst), .hlvx_inst_o (ld_hlvx_inst), - .paddr_i (mmu_paddr), - .ex_i (mmu_exception), - .dtlb_hit_i (dtlb_hit), - .dtlb_ppn_i (dtlb_ppn), + .paddr_i (cva6_mmu_paddr), + .ex_i (cva6_mmu_exception), + .dtlb_hit_i (cva6_dtlb_hit), + .dtlb_ppn_i (cva6_dtlb_ppn), // to store unit .page_offset_o (page_offset), .page_offset_matches_i(page_offset_matches), @@ -510,22 +618,22 @@ module load_store_unit // determine whether this is a load or store always_comb begin : which_op - ld_valid_i = 1'b0; - st_valid_i = 1'b0; + ld_valid_i = 1'b0; + st_valid_i = 1'b0; - translation_req = 1'b0; - mmu_vaddr = {CVA6Cfg.VLEN{1'b0}}; - mmu_tinst = {32{1'b0}}; - mmu_hs_ld_st_inst = 1'b0; - mmu_hlvx_inst = 1'b0; + cva6_translation_req = 1'b0; + cva6_mmu_vaddr = {CVA6Cfg.VLEN{1'b0}}; + mmu_tinst = {32{1'b0}}; + mmu_hs_ld_st_inst = 1'b0; + mmu_hlvx_inst = 1'b0; // check the operation to activate the right functional unit accordingly unique case (lsu_ctrl.fu) // all loads go here LOAD: begin - ld_valid_i = lsu_ctrl.valid; - translation_req = ld_translation_req; - mmu_vaddr = ld_vaddr; + ld_valid_i = lsu_ctrl.valid; + cva6_translation_req = ld_translation_req; + cva6_mmu_vaddr = ld_vaddr; if (CVA6Cfg.RVH) begin mmu_tinst = ld_tinst; mmu_hs_ld_st_inst = ld_hs_ld_st_inst; @@ -534,9 +642,9 @@ module load_store_unit end // all stores go here STORE: begin - st_valid_i = lsu_ctrl.valid; - translation_req = st_translation_req; - mmu_vaddr = st_vaddr; + st_valid_i = lsu_ctrl.valid; + cva6_translation_req = st_translation_req; + cva6_mmu_vaddr = st_vaddr; if (CVA6Cfg.RVH) begin mmu_tinst = st_tinst; mmu_hs_ld_st_inst = st_hs_ld_st_inst; @@ -594,7 +702,7 @@ module load_store_unit // the misaligned exception is passed to the functional unit via the MMU, which in case // can augment the exception if other memory related exceptions like a page fault or access errors always_comb begin : data_misaligned_detection - misaligned_exception = { + cva6_misaligned_exception = { {CVA6Cfg.XLEN{1'b0}}, {CVA6Cfg.XLEN{1'b0}}, {CVA6Cfg.GPLEN{1'b0}}, {32{1'b0}}, 1'b0, 1'b0 }; data_misaligned = 1'b0; @@ -640,26 +748,26 @@ module load_store_unit if (data_misaligned) begin case (lsu_ctrl.fu) LOAD: begin - misaligned_exception.cause = riscv::LD_ADDR_MISALIGNED; - misaligned_exception.valid = 1'b1; + cva6_misaligned_exception.cause = riscv::LD_ADDR_MISALIGNED; + cva6_misaligned_exception.valid = 1'b1; if (CVA6Cfg.TvalEn) - misaligned_exception.tval = {{CVA6Cfg.XLEN - CVA6Cfg.VLEN{1'b0}}, lsu_ctrl.vaddr}; + cva6_misaligned_exception.tval = {{CVA6Cfg.XLEN - CVA6Cfg.VLEN{1'b0}}, lsu_ctrl.vaddr}; if (CVA6Cfg.RVH) begin - misaligned_exception.tval2 = '0; - misaligned_exception.tinst = lsu_ctrl.tinst; - misaligned_exception.gva = ld_st_v_i; + cva6_misaligned_exception.tval2 = '0; + cva6_misaligned_exception.tinst = lsu_ctrl.tinst; + cva6_misaligned_exception.gva = ld_st_v_i; end end STORE: begin - misaligned_exception.cause = riscv::ST_ADDR_MISALIGNED; - misaligned_exception.valid = 1'b1; + cva6_misaligned_exception.cause = riscv::ST_ADDR_MISALIGNED; + cva6_misaligned_exception.valid = 1'b1; if (CVA6Cfg.TvalEn) - misaligned_exception.tval = {{CVA6Cfg.XLEN - CVA6Cfg.VLEN{1'b0}}, lsu_ctrl.vaddr}; + cva6_misaligned_exception.tval = {{CVA6Cfg.XLEN - CVA6Cfg.VLEN{1'b0}}, lsu_ctrl.vaddr}; if (CVA6Cfg.RVH) begin - misaligned_exception.tval2 = '0; - misaligned_exception.tinst = lsu_ctrl.tinst; - misaligned_exception.gva = ld_st_v_i; + cva6_misaligned_exception.tval2 = '0; + cva6_misaligned_exception.tinst = lsu_ctrl.tinst; + cva6_misaligned_exception.gva = ld_st_v_i; end end default: ; @@ -670,25 +778,25 @@ module load_store_unit case (lsu_ctrl.fu) LOAD: begin - misaligned_exception.cause = riscv::LOAD_PAGE_FAULT; - misaligned_exception.valid = 1'b1; + cva6_misaligned_exception.cause = riscv::LOAD_PAGE_FAULT; + cva6_misaligned_exception.valid = 1'b1; if (CVA6Cfg.TvalEn) - misaligned_exception.tval = {{CVA6Cfg.XLEN - CVA6Cfg.VLEN{1'b0}}, lsu_ctrl.vaddr}; + cva6_misaligned_exception.tval = {{CVA6Cfg.XLEN - CVA6Cfg.VLEN{1'b0}}, lsu_ctrl.vaddr}; if (CVA6Cfg.RVH) begin - misaligned_exception.tval2 = '0; - misaligned_exception.tinst = lsu_ctrl.tinst; - misaligned_exception.gva = ld_st_v_i; + cva6_misaligned_exception.tval2 = '0; + cva6_misaligned_exception.tinst = lsu_ctrl.tinst; + cva6_misaligned_exception.gva = ld_st_v_i; end end STORE: begin - misaligned_exception.cause = riscv::STORE_PAGE_FAULT; - misaligned_exception.valid = 1'b1; + cva6_misaligned_exception.cause = riscv::STORE_PAGE_FAULT; + cva6_misaligned_exception.valid = 1'b1; if (CVA6Cfg.TvalEn) - misaligned_exception.tval = {{CVA6Cfg.XLEN - CVA6Cfg.VLEN{1'b0}}, lsu_ctrl.vaddr}; + cva6_misaligned_exception.tval = {{CVA6Cfg.XLEN - CVA6Cfg.VLEN{1'b0}}, lsu_ctrl.vaddr}; if (CVA6Cfg.RVH) begin - misaligned_exception.tval2 = '0; - misaligned_exception.tinst = lsu_ctrl.tinst; - misaligned_exception.gva = ld_st_v_i; + cva6_misaligned_exception.tval2 = '0; + cva6_misaligned_exception.tinst = lsu_ctrl.tinst; + cva6_misaligned_exception.gva = ld_st_v_i; end end default: ; @@ -699,25 +807,25 @@ module load_store_unit case (lsu_ctrl.fu) LOAD: begin - misaligned_exception.cause = riscv::LOAD_GUEST_PAGE_FAULT; - misaligned_exception.valid = 1'b1; + cva6_misaligned_exception.cause = riscv::LOAD_GUEST_PAGE_FAULT; + cva6_misaligned_exception.valid = 1'b1; if (CVA6Cfg.TvalEn) - misaligned_exception.tval = {{CVA6Cfg.XLEN - CVA6Cfg.VLEN{1'b0}}, lsu_ctrl.vaddr}; + cva6_misaligned_exception.tval = {{CVA6Cfg.XLEN - CVA6Cfg.VLEN{1'b0}}, lsu_ctrl.vaddr}; if (CVA6Cfg.RVH) begin - misaligned_exception.tval2 = '0; - misaligned_exception.tinst = lsu_ctrl.tinst; - misaligned_exception.gva = ld_st_v_i; + cva6_misaligned_exception.tval2 = '0; + cva6_misaligned_exception.tinst = lsu_ctrl.tinst; + cva6_misaligned_exception.gva = ld_st_v_i; end end STORE: begin - misaligned_exception.cause = riscv::STORE_GUEST_PAGE_FAULT; - misaligned_exception.valid = 1'b1; + cva6_misaligned_exception.cause = riscv::STORE_GUEST_PAGE_FAULT; + cva6_misaligned_exception.valid = 1'b1; if (CVA6Cfg.TvalEn) - misaligned_exception.tval = {{CVA6Cfg.XLEN - CVA6Cfg.VLEN{1'b0}}, lsu_ctrl.vaddr}; + cva6_misaligned_exception.tval = {{CVA6Cfg.XLEN - CVA6Cfg.VLEN{1'b0}}, lsu_ctrl.vaddr}; if (CVA6Cfg.RVH) begin - misaligned_exception.tval2 = '0; - misaligned_exception.tinst = lsu_ctrl.tinst; - misaligned_exception.gva = ld_st_v_i; + cva6_misaligned_exception.tval2 = '0; + cva6_misaligned_exception.tinst = lsu_ctrl.tinst; + cva6_misaligned_exception.gva = ld_st_v_i; end end default: ; @@ -759,12 +867,10 @@ module load_store_unit .pop_ld_i (pop_ld), .pop_st_i (pop_st), - .lsu_ctrl_o(lsu_ctrl), + .lsu_ctrl_o(lsu_ctrl_byp), .ready_o (lsu_ready_o) ); assign rvfi_lsu_ctrl_o = lsu_ctrl; endmodule - - diff --git a/core/macro_decoder.sv b/core/macro_decoder.sv index 9824e7d4f..0d695a337 100644 --- a/core/macro_decoder.sv +++ b/core/macro_decoder.sv @@ -272,9 +272,9 @@ module macro_decoder #( unique case (state_q) IDLE: begin - if (is_macro_instr_i && issue_ack_i) begin + if (is_macro_instr_i) begin reg_numbers_d = reg_numbers - 1'b1; - state_d = INIT; + state_d = issue_ack_i ? INIT : IDLE; case (macro_instr_type) PUSH: begin offset_d = 12'hFFC + 12'hFFC; @@ -423,7 +423,7 @@ module macro_decoder #( end end INIT: begin - fetch_stall_o = 1'b1; // stall inst fetch + fetch_stall_o = is_macro_instr_i; // stall inst fetch if (issue_ack_i && is_macro_instr_i && macro_instr_type == PUSH) begin if (reg_numbers_q == 4'b0001) begin if (CVA6Cfg.XLEN == 64) begin diff --git a/core/mult.sv b/core/mult.sv index 425965e40..ae4962ac8 100644 --- a/core/mult.sv +++ b/core/mult.sv @@ -67,8 +67,7 @@ module mult .result_o (mul_result), .mult_valid_i (mul_valid_op), .mult_valid_o (mul_valid), - .mult_trans_id_o(mul_trans_id), - .mult_ready_o () // this unit is unconditionally ready + .mult_trans_id_o(mul_trans_id) ); // --------------------- diff --git a/core/multiplier.sv b/core/multiplier.sv index 4a46ee671..b6c44f7f7 100644 --- a/core/multiplier.sv +++ b/core/multiplier.sv @@ -38,8 +38,6 @@ module multiplier output logic [ CVA6Cfg.XLEN-1:0] result_o, // Mutliplier result is valid - Mult output logic mult_valid_o, - // Multiplier FU is ready - Mult - output logic mult_ready_o, // Multiplier transaction ID - Mult output logic [CVA6Cfg.TRANS_ID_BITS-1:0] mult_trans_id_o ); @@ -90,7 +88,6 @@ module multiplier // control signals assign mult_valid_o = mult_valid_q; assign mult_trans_id_o = trans_id_q; - assign mult_ready_o = 1'b1; assign mult_valid = mult_valid_i && (operation_i inside {MUL, MULH, MULHU, MULHSU, MULW, CLMUL, CLMULH, CLMULR}); diff --git a/core/perf_counters.sv b/core/perf_counters.sv index fb423b67f..8ef2faf1e 100644 --- a/core/perf_counters.sv +++ b/core/perf_counters.sv @@ -29,7 +29,7 @@ module perf_counters input logic rst_ni, input logic debug_mode_i, // debug mode // SRAM like interface - input logic [11:0] addr_i, // read/write address (up to 6 counters possible) + input logic [11:0] addr_i, // read/write address (up to ariane_pkg::MHPMCounterNum counters possible) input logic we_i, // write enable input logic [CVA6Cfg.XLEN-1:0] data_i, // data to write output logic [CVA6Cfg.XLEN-1:0] data_o, // data to read @@ -68,7 +68,7 @@ module perf_counters //internal signal to keep track of exception logic read_access_exception, update_access_exception; - logic events[6:1]; + logic events[MHPMCounterNum:1]; //internal signal for MUX select line input logic [4:0] mhpmevent_d[MHPMCounterNum:1]; logic [4:0] mhpmevent_q[MHPMCounterNum:1]; @@ -146,7 +146,7 @@ module perf_counters update_access_exception = 1'b0; // Increment the non-inhibited counters with active events - for (int unsigned i = 1; i <= 6; i++) begin + for (int unsigned i = 1; i <= MHPMCounterNum; i++) begin if ((!debug_mode_i) && (!we_i)) begin if ((events[i]) == 1 && (!mcountinhibit_i[i+2])) begin generic_counter_d[i] = generic_counter_q[i] + 1'b1; diff --git a/core/pmp/src/pmp.sv b/core/pmp/src/pmp.sv index f3498711e..b6d0dbf2e 100644 --- a/core/pmp/src/pmp.sv +++ b/core/pmp/src/pmp.sv @@ -12,7 +12,9 @@ // Date: 2.10.2019 // Description: purely combinatorial PMP unit (with extraction for more complex configs such as NAPOT) -module pmp #( +module pmp + import ariane_pkg::*; +#( parameter config_pkg::cva6_cfg_t CVA6Cfg = config_pkg::cva6_cfg_empty ) ( // Input @@ -20,8 +22,8 @@ module pmp #( input riscv::pmp_access_t access_type_i, input riscv::priv_lvl_t priv_lvl_i, // Configuration - input logic [(CVA6Cfg.NrPMPEntries > 0 ? CVA6Cfg.NrPMPEntries-1 : 0):0][CVA6Cfg.PLEN-3:0] conf_addr_i, - input riscv::pmpcfg_t [(CVA6Cfg.NrPMPEntries > 0 ? CVA6Cfg.NrPMPEntries-1 : 0):0] conf_i, + input logic [avoid_neg(CVA6Cfg.NrPMPEntries-1):0][CVA6Cfg.PLEN-3:0] conf_addr_i, + input riscv::pmpcfg_t [avoid_neg(CVA6Cfg.NrPMPEntries-1):0] conf_i, // Output output logic allow_o ); diff --git a/core/pmp/src/pmp_data_if.sv b/core/pmp/src/pmp_data_if.sv index d18149fb2..fc325db26 100644 --- a/core/pmp/src/pmp_data_if.sv +++ b/core/pmp/src/pmp_data_if.sv @@ -36,8 +36,8 @@ module pmp_data_if input riscv::priv_lvl_t ld_st_priv_lvl_i, input logic ld_st_v_i, // PMP - input riscv::pmpcfg_t [(CVA6Cfg.NrPMPEntries > 0 ? CVA6Cfg.NrPMPEntries-1 : 0):0] pmpcfg_i, - input logic [(CVA6Cfg.NrPMPEntries > 0 ? CVA6Cfg.NrPMPEntries-1 : 0):0][CVA6Cfg.PLEN-3:0] pmpaddr_i + input riscv::pmpcfg_t [avoid_neg(CVA6Cfg.NrPMPEntries-1):0] pmpcfg_i, + input logic [avoid_neg(CVA6Cfg.NrPMPEntries-1):0][CVA6Cfg.PLEN-3:0] pmpaddr_i ); // virtual address causing the exception logic [CVA6Cfg.XLEN-1:0] fetch_vaddr_xlen, lsu_vaddr_xlen; diff --git a/core/store_buffer.sv b/core/store_buffer.sv index 3c973e826..7c22a97fe 100644 --- a/core/store_buffer.sv +++ b/core/store_buffer.sv @@ -85,7 +85,6 @@ module store_buffer speculative_status_cnt = speculative_status_cnt_q; // default assignments - speculative_status_cnt_n = speculative_status_cnt_q; speculative_read_pointer_n = speculative_read_pointer_q; speculative_write_pointer_n = speculative_write_pointer_q; speculative_queue_n = speculative_queue_q; @@ -147,6 +146,7 @@ module store_buffer CVA6Cfg.DCACHE_INDEX_WIDTH-1 : CVA6Cfg.DCACHE_INDEX_WIDTH]; assign req_port_o.data_wdata = commit_queue_q[commit_read_pointer_q].data; + assign req_port_o.data_wuser = '0; assign req_port_o.data_be = commit_queue_q[commit_read_pointer_q].be; assign req_port_o.data_size = commit_queue_q[commit_read_pointer_q].data_size; diff --git a/core/zcmt_decoder.sv b/core/zcmt_decoder.sv new file mode 100644 index 000000000..c37c11fda --- /dev/null +++ b/core/zcmt_decoder.sv @@ -0,0 +1,133 @@ +// Licensed under the Solderpad Hardware Licence, Version 2.1 (the "License"); +// you may not use this file except in compliance with the License. +// SPDX-License-Identifier: Apache-2.0 WITH SHL-2.1 +// You may obtain a copy of the License at https://solderpad.org/licenses/ +// +// Author: Farhan Ali Shah, 10xEngineers +// Date: 15.11.2024 +// Description: ZCMT extension in the CVA6 core targeting the 32-bit embedded-class platforms (CV32A60x). +// ZCMT is a code-size reduction feature that utilizes compressed table jump instructions (cm.jt and cm.jalt) to +//reduce code size for embedded systems +// +module zcmt_decoder #( + parameter config_pkg::cva6_cfg_t CVA6Cfg = config_pkg::cva6_cfg_empty, + parameter type dcache_req_i_t = logic, + parameter type dcache_req_o_t = logic, + parameter type jvt_t = logic, + parameter type branchpredict_sbe_t = logic +) ( + // Subsystem Clock - SUBSYSTEM + input logic clk_i, + // Asynchronous reset active low - SUBSYSTEM + input logic rst_ni, + // Instruction input - compressed_decoder + input logic [ 31:0] instr_i, + // current PC - FRONTEND + input logic [CVA6Cfg.VLEN-1:0] pc_i, + // Intruction is of ZCMT extension - compressed_decoder + input logic is_zcmt_instr_i, + // Instruction is illegal - compressed_decoder + input logic illegal_instr_i, + // Instruction is compressed - compressed_decoder + input logic is_compressed_i, + // JVT struct input - CSR + input jvt_t jvt_i, + // Data cache request output - CACHE + input dcache_req_o_t req_port_i, + // Instruction out - cvxif_compressed_if_driver + output logic [ 31:0] instr_o, + // Instruction is illegal out - cvxif_compressed_if_driver + output logic illegal_instr_o, + // Instruction is compressed out - cvxif_compressed_if_driver + output logic is_compressed_o, + // Fetch stall - cvxif_compressed_if_driver + output logic fetch_stall_o, + // Data cache request input - CACHE + output dcache_req_i_t req_port_o, + // jump_address + output logic [CVA6Cfg.XLEN-1:0] jump_address_o +); + + // FSM States + enum logic { + IDLE, // if ZCMT instruction then request sent to fetch the entry from jump table + TABLE_JUMP // Check the valid data from jump table and Calculate the offset for jump and create jal instruction + } + state_d, state_q; + // Temporary registers + // Physical address: jvt + (index <<2) + logic [CVA6Cfg.VLEN-1:0] table_address; + + always_comb begin + state_d = state_q; + illegal_instr_o = 1'b0; + is_compressed_o = is_zcmt_instr_i || is_compressed_i; + fetch_stall_o = '0; + jump_address_o = '0; + + // cache request port + req_port_o.data_wdata = '0; + req_port_o.data_wuser = '0; + req_port_o.data_req = 1'b0; + req_port_o.data_we = 1'b0; + req_port_o.data_be = '0; + req_port_o.data_size = 2'b10; + req_port_o.data_id = 1'b1; + req_port_o.kill_req = 1'b0; + req_port_o.tag_valid = 1'b1; + + unique case (state_q) + IDLE: begin + fetch_stall_o = 1'b0; + if (is_zcmt_instr_i) begin + if (CVA6Cfg.XLEN == 32) begin //It is only target for 32 bit targets in cva6 with No MMU + table_address = {jvt_i.base, 6'b000000} + {24'h0, instr_i[7:2], 2'b00}; + req_port_o.address_index = table_address[9:0]; + req_port_o.address_tag = table_address[CVA6Cfg.VLEN-1:10]; // No MMU support + state_d = TABLE_JUMP; + req_port_o.data_req = 1'b1; + fetch_stall_o = 1'b1; + end else illegal_instr_o = 1'b1; + // Condition may be extented for 64 bits embedded targets with No MMU + end else begin + illegal_instr_o = illegal_instr_i; + instr_o = instr_i; + state_d = IDLE; + end + end + TABLE_JUMP: begin + if (req_port_i.data_rvalid) begin + // save the PC relative Xlen table jump address + jump_address_o = $unsigned($signed(req_port_i.data_rdata) - $signed(pc_i)); + if (instr_i[9:2] < 32) begin // jal pc_offset, x0 for no return stack + instr_o = { + 20'h0, 5'h0, riscv::OpcodeJal + }; // immidiate assigned here (0) will be overwrite in decode stage with jump_address_o + end else if ((instr_i[9:2] >= 32) & (instr_i[9:2] <= 255)) begin //- jal pc_offset, x1 for return stack + instr_o = { + 20'h0, 5'h1, riscv::OpcodeJal + }; // immidiate assigned here (0) will be overwrite in decode stage with jump_address_o + end else begin + illegal_instr_o = 1'b1; + instr_o = instr_i; + end + state_d = IDLE; + end else begin + state_d = TABLE_JUMP; + end + end + default: begin + state_d = IDLE; + end + endcase + end + + always_ff @(posedge clk_i or negedge rst_ni) begin + if (~rst_ni) begin + state_q <= IDLE; + + end else begin + state_q <= state_d; + end + end +endmodule diff --git a/corev_apu/altera/ip/io_pll.tcl b/corev_apu/altera/ip/io_pll.tcl index ea1e4b298..c67e16ae3 100644 --- a/corev_apu/altera/ip/io_pll.tcl +++ b/corev_apu/altera/ip/io_pll.tcl @@ -143,7 +143,7 @@ proc do_create_io_pll {} { set_instance_parameter_value iopll_0 {gui_new_mif_file_path} {~/pll.mif} set_instance_parameter_value iopll_0 {gui_number_of_clocks} {5} set_instance_parameter_value iopll_0 {gui_operation_mode} {direct} - set_instance_parameter_value iopll_0 {gui_output_clock_frequency0} {200.0} + set_instance_parameter_value iopll_0 {gui_output_clock_frequency0} {100.0} set_instance_parameter_value iopll_0 {gui_output_clock_frequency1} {125.0} set_instance_parameter_value iopll_0 {gui_output_clock_frequency10} {100.0} set_instance_parameter_value iopll_0 {gui_output_clock_frequency11} {100.0} @@ -161,7 +161,7 @@ proc do_create_io_pll {} { set_instance_parameter_value iopll_0 {gui_output_clock_frequency7} {100.0} set_instance_parameter_value iopll_0 {gui_output_clock_frequency8} {100.0} set_instance_parameter_value iopll_0 {gui_output_clock_frequency9} {100.0} - set_instance_parameter_value iopll_0 {gui_output_clock_frequency_ps0} {5000.0} + set_instance_parameter_value iopll_0 {gui_output_clock_frequency_ps0} {10000.0} set_instance_parameter_value iopll_0 {gui_output_clock_frequency_ps1} {8000.0} set_instance_parameter_value iopll_0 {gui_output_clock_frequency_ps10} {10000.0} set_instance_parameter_value iopll_0 {gui_output_clock_frequency_ps11} {10000.0} diff --git a/corev_apu/altera/src/cva6_altera.sv b/corev_apu/altera/src/cva6_altera.sv index f047c3306..36230413c 100644 --- a/corev_apu/altera/src/cva6_altera.sv +++ b/corev_apu/altera/src/cva6_altera.sv @@ -437,60 +437,60 @@ if (CVA6Cfg.XLEN==32 ) begin end else begin - assign master[ariane_soc::Debug].aw_id = master_to_dm[0].aw_id; - assign master[ariane_soc::Debug].aw_addr = master_to_dm[0].aw_addr; - assign master[ariane_soc::Debug].aw_len = master_to_dm[0].aw_len; - assign master[ariane_soc::Debug].aw_size = master_to_dm[0].aw_size; - assign master[ariane_soc::Debug].aw_burst = master_to_dm[0].aw_burst; - assign master[ariane_soc::Debug].aw_lock = master_to_dm[0].aw_lock; - assign master[ariane_soc::Debug].aw_cache = master_to_dm[0].aw_cache; - assign master[ariane_soc::Debug].aw_prot = master_to_dm[0].aw_prot; - assign master[ariane_soc::Debug].aw_qos = master_to_dm[0].aw_qos; - assign master[ariane_soc::Debug].aw_atop = master_to_dm[0].aw_atop; - assign master[ariane_soc::Debug].aw_region = master_to_dm[0].aw_region; - assign master[ariane_soc::Debug].aw_user = master_to_dm[0].aw_user; - assign master[ariane_soc::Debug].aw_valid = master_to_dm[0].aw_valid; + assign master_to_dm[0].aw_id = master[ariane_soc::Debug].aw_id; + assign master_to_dm[0].aw_addr = master[ariane_soc::Debug].aw_addr; + assign master_to_dm[0].aw_len = master[ariane_soc::Debug].aw_len; + assign master_to_dm[0].aw_size = master[ariane_soc::Debug].aw_size; + assign master_to_dm[0].aw_burst= master[ariane_soc::Debug].aw_burst; + assign master_to_dm[0].aw_lock = master[ariane_soc::Debug].aw_lock; + assign master_to_dm[0].aw_cache= master[ariane_soc::Debug].aw_cache; + assign master_to_dm[0].aw_prot = master[ariane_soc::Debug].aw_prot; + assign master_to_dm[0].aw_qos = master[ariane_soc::Debug].aw_qos; + assign master_to_dm[0].aw_atop = master[ariane_soc::Debug].aw_atop; + assign master_to_dm[0].aw_region = master[ariane_soc::Debug].aw_region; + assign master_to_dm[0].aw_user = master[ariane_soc::Debug].aw_user; + assign master_to_dm[0].aw_valid= master[ariane_soc::Debug].aw_valid; - assign master_to_dm[0].aw_ready =master[ariane_soc::Debug].aw_ready; + assign master[ariane_soc::Debug].aw_ready = master_to_dm[0].aw_ready; - assign master[ariane_soc::Debug].w_data = master_to_dm[0].w_data; - assign master[ariane_soc::Debug].w_strb = master_to_dm[0].w_strb; - assign master[ariane_soc::Debug].w_last = master_to_dm[0].w_last; - assign master[ariane_soc::Debug].w_user = master_to_dm[0].w_user; - assign master[ariane_soc::Debug].w_valid = master_to_dm[0].w_valid; + assign master_to_dm[0].w_data = master[ariane_soc::Debug].w_data; + assign master_to_dm[0].w_strb = master[ariane_soc::Debug].w_strb; + assign master_to_dm[0].w_last = master[ariane_soc::Debug].w_last; + assign master_to_dm[0].w_user = master[ariane_soc::Debug].w_user; + assign master_to_dm[0].w_valid= master[ariane_soc::Debug].w_valid; - assign master_to_dm[0].w_ready =master[ariane_soc::Debug].w_ready; + assign master[ariane_soc::Debug].w_ready = master_to_dm[0].w_ready; - assign master_to_dm[0].b_id =master[ariane_soc::Debug].b_id; - assign master_to_dm[0].b_resp =master[ariane_soc::Debug].b_resp; - assign master_to_dm[0].b_user =master[ariane_soc::Debug].b_user; - assign master_to_dm[0].b_valid =master[ariane_soc::Debug].b_valid; + assign master[ariane_soc::Debug].b_id = master_to_dm[0].b_id; + assign master[ariane_soc::Debug].b_resp = master_to_dm[0].b_resp; + assign master[ariane_soc::Debug].b_user = master_to_dm[0].b_user; + assign master[ariane_soc::Debug].b_valid= master_to_dm[0].b_valid; - assign master[ariane_soc::Debug].b_ready = master_to_dm[0].b_ready; + assign master_to_dm[0].b_ready = master[ariane_soc::Debug].b_ready; - assign master[ariane_soc::Debug].ar_id = master_to_dm[0].ar_id; - assign master[ariane_soc::Debug].ar_addr = master_to_dm[0].ar_addr; - assign master[ariane_soc::Debug].ar_len = master_to_dm[0].ar_len; - assign master[ariane_soc::Debug].ar_size = master_to_dm[0].ar_size; - assign master[ariane_soc::Debug].ar_burst = master_to_dm[0].ar_burst; - assign master[ariane_soc::Debug].ar_lock = master_to_dm[0].ar_lock; - assign master[ariane_soc::Debug].ar_cache = master_to_dm[0].ar_cache; - assign master[ariane_soc::Debug].ar_prot = master_to_dm[0].ar_prot; - assign master[ariane_soc::Debug].ar_qos = master_to_dm[0].ar_qos; - assign master[ariane_soc::Debug].ar_region = master_to_dm[0].ar_region; - assign master[ariane_soc::Debug].ar_user = master_to_dm[0].ar_user; - assign master[ariane_soc::Debug].ar_valid = master_to_dm[0].ar_valid; + assign master_to_dm[0].ar_id = master[ariane_soc::Debug].ar_id; + assign master_to_dm[0].ar_addr = master[ariane_soc::Debug].ar_addr; + assign master_to_dm[0].ar_len = master[ariane_soc::Debug].ar_len; + assign master_to_dm[0].ar_size = master[ariane_soc::Debug].ar_size; + assign master_to_dm[0].ar_burst = master[ariane_soc::Debug].ar_burst; + assign master_to_dm[0].ar_lock = master[ariane_soc::Debug].ar_lock; + assign master_to_dm[0].ar_cache = master[ariane_soc::Debug].ar_cache; + assign master_to_dm[0].ar_prot = master[ariane_soc::Debug].ar_prot; + assign master_to_dm[0].ar_qos = master[ariane_soc::Debug].ar_qos; + assign master_to_dm[0].ar_region = master[ariane_soc::Debug].ar_region; + assign master_to_dm[0].ar_user = master[ariane_soc::Debug].ar_user; + assign master_to_dm[0].ar_valid = master[ariane_soc::Debug].ar_valid; - assign master_to_dm[0].ar_ready =master[ariane_soc::Debug].ar_ready; + assign master[ariane_soc::Debug].ar_ready = master_to_dm[0].ar_ready; - assign master_to_dm[0].r_id =master[ariane_soc::Debug].r_id; - assign master_to_dm[0].r_data =master[ariane_soc::Debug].r_data; - assign master_to_dm[0].r_resp =master[ariane_soc::Debug].r_resp; - assign master_to_dm[0].r_last =master[ariane_soc::Debug].r_last; - assign master_to_dm[0].r_user =master[ariane_soc::Debug].r_user; - assign master_to_dm[0].r_valid =master[ariane_soc::Debug].r_valid; + assign master[ariane_soc::Debug].r_id = master_to_dm[0].r_id; + assign master[ariane_soc::Debug].r_data = master_to_dm[0].r_data; + assign master[ariane_soc::Debug].r_resp = master_to_dm[0].r_resp; + assign master[ariane_soc::Debug].r_last = master_to_dm[0].r_last; + assign master[ariane_soc::Debug].r_user = master_to_dm[0].r_user; + assign master[ariane_soc::Debug].r_valid = master_to_dm[0].r_valid; - assign master[ariane_soc::Debug].r_ready = master_to_dm[0].r_ready; + assign master_to_dm[0].r_ready = master[ariane_soc::Debug].r_ready; end @@ -744,19 +744,13 @@ end logic clk_200MHz_ref; -AXI_BUS #( - .AXI_ADDR_WIDTH ( AxiAddrWidth ), - .AXI_DATA_WIDTH ( AxiDataWidth ), - .AXI_ID_WIDTH ( AxiIdWidthSlaves ), - .AXI_USER_WIDTH ( AxiUserWidth ) -) uart_bus(); cva6_peripherals #( .AxiAddrWidth ( AxiAddrWidth ), .AxiDataWidth ( AxiDataWidth ), .AxiIdWidth ( AxiIdWidthSlaves ), .AxiUserWidth ( AxiUserWidth ), - .InclUART ( 1'b0 ), + .InclUART ( 1'b1 ), .InclGPIO ( 1'b1 ), .InclSPI ( 1'b0 ), .InclEthernet ( 1'b0 ) @@ -765,8 +759,7 @@ cva6_peripherals #( .clk_200MHz_i ( clk_200MHz_ref ), .rst_ni ( ndmreset_n ), .plic ( master[ariane_soc::PLIC] ), - // .uart ( master[ariane_soc::UART] ), - .uart ( uart_bus ), + .uart ( master[ariane_soc::UART] ), .spi ( master[ariane_soc::SPI] ), .gpio ( master[ariane_soc::GPIO] ), .eth_clk_i ( eth_clk ), @@ -797,84 +790,6 @@ cva6_peripherals #( -// UART Through JTAG// - -logic uart_amm_ready; -logic uart_amm_read; -logic uart_amm_write; -logic uart_amm_read_n; -logic uart_amm_write_n; -logic uart_amm_chipselect; -logic uart_amm_irq; -logic [0:0] uart_amm_address; -logic [31:0] uart_amm_rdata; -logic [31:0] uart_amm_wdata; - - -assign uart_amm_read_n = ~uart_amm_read; -assign uart_amm_write_n = ~uart_amm_write; - -cva6_intel_jtag_uart_0 uart_i ( - .clk (clk), // input, width = 1, clk.clk - .rst_n (ndmreset_n), // input, width = 1, reset.reset_n - .av_chipselect (uart_amm_chipselect), // input, width = 1, avalon_jtag_slave.chipselect - .av_address (uart_amm_address), // input, width = 1, .address - .av_read_n (uart_amm_read_n), // input, width = 1, .read_n - .av_readdata (uart_amm_rdata), // output, width = 32, .readdata - .av_write_n (uart_amm_write_n), // input, width = 1, .write_n - .av_writedata (uart_amm_wdata), // input, width = 32, .writedata - .av_waitrequest (uart_amm_ready), // output, width = 1, .waitrequest - .av_irq (uart_amm_irq) // output, width = 1, irq.irq -); - -//axi4 to avalon converter -interconnect_altera_mm_interconnect_1920_v5r556a axi_to_avalon_uart ( - .axi_bridge_1_m0_awid (master[ariane_soc::UART].aw_id), // input, width = 8, axi_bridge_1_m0.awid - .axi_bridge_1_m0_awaddr (master[ariane_soc::UART].aw_addr), // input, width = 64, .awaddr - .axi_bridge_1_m0_awlen (master[ariane_soc::UART].aw_len), // input, width = 8, .awlen - .axi_bridge_1_m0_awsize (master[ariane_soc::UART].aw_size), // input, width = 3, .awsize - .axi_bridge_1_m0_awburst (master[ariane_soc::UART].aw_burst), // input, width = 2, .awburst - .axi_bridge_1_m0_awlock (master[ariane_soc::UART].aw_lock), // input, width = 1, .awlock - .axi_bridge_1_m0_awcache (master[ariane_soc::UART].aw_cache), // input, width = 4, .awcache - .axi_bridge_1_m0_awprot (master[ariane_soc::UART].aw_prot), // input, width = 3, .awprot - .axi_bridge_1_m0_awvalid (master[ariane_soc::UART].aw_valid), // input, width = 1, .awvalid - .axi_bridge_1_m0_awready (master[ariane_soc::UART].aw_ready), // output, width = 1, .awready - .axi_bridge_1_m0_wdata (master[ariane_soc::UART].w_data), // input, width = 64, .wdata - .axi_bridge_1_m0_wstrb (master[ariane_soc::UART].w_strb), // input, width = 8, .wstrb - .axi_bridge_1_m0_wlast (master[ariane_soc::UART].w_last), // input, width = 1, .wlast - .axi_bridge_1_m0_wvalid (master[ariane_soc::UART].w_valid), // input, width = 1, .wvalid - .axi_bridge_1_m0_wready (master[ariane_soc::UART].w_ready), // output, width = 1, .wready - .axi_bridge_1_m0_bid (master[ariane_soc::UART].b_id), // output, width = 8, .bid - .axi_bridge_1_m0_bresp (master[ariane_soc::UART].b_resp), // output, width = 2, .bresp - .axi_bridge_1_m0_bvalid (master[ariane_soc::UART].b_valid), // output, width = 1, .bvalid - .axi_bridge_1_m0_bready (master[ariane_soc::UART].b_ready), // input, width = 1, .bready - .axi_bridge_1_m0_arid (master[ariane_soc::UART].ar_id), // input, width = 8, .arid - .axi_bridge_1_m0_araddr (master[ariane_soc::UART].ar_addr), // input, width = 64, .araddr - .axi_bridge_1_m0_arlen (master[ariane_soc::UART].ar_len), // input, width = 8, .arlen - .axi_bridge_1_m0_arsize (master[ariane_soc::UART].ar_size), // input, width = 3, .arsize - .axi_bridge_1_m0_arburst (master[ariane_soc::UART].ar_burst), // input, width = 2, .arburst - .axi_bridge_1_m0_arlock (master[ariane_soc::UART].ar_lock), // input, width = 1, .arlock - .axi_bridge_1_m0_arcache (master[ariane_soc::UART].ar_cache), // input, width = 4, .arcache - .axi_bridge_1_m0_arprot (master[ariane_soc::UART].ar_prot), // input, width = 3, .arprot - .axi_bridge_1_m0_arvalid (master[ariane_soc::UART].ar_valid), // input, width = 1, .arvalid - .axi_bridge_1_m0_arready (master[ariane_soc::UART].ar_ready), // output, width = 1, .arready - .axi_bridge_1_m0_rid (master[ariane_soc::UART].r_id), // output, width = 8, .rid - .axi_bridge_1_m0_rdata (master[ariane_soc::UART].r_data), // output, width = 64, .rdata - .axi_bridge_1_m0_rresp (master[ariane_soc::UART].r_resp), // output, width = 2, .rresp - .axi_bridge_1_m0_rlast (master[ariane_soc::UART].r_last), // output, width = 1, .rlast - .axi_bridge_1_m0_rvalid (master[ariane_soc::UART].r_valid), // output, width = 1, .rvalid - .axi_bridge_1_m0_rready (master[ariane_soc::UART].r_ready), // input, width = 1, .rready - .jtag_uart_0_avalon_jtag_slave_address (uart_amm_address), // output, width = 1, jtag_uart_0_avalon_jtag_slave.address - .jtag_uart_0_avalon_jtag_slave_write (uart_amm_write), // output, width = 1, .write - .jtag_uart_0_avalon_jtag_slave_read (uart_amm_read), // output, width = 1, .read - .jtag_uart_0_avalon_jtag_slave_readdata (uart_amm_rdata), // input, width = 32, .readdata - .jtag_uart_0_avalon_jtag_slave_writedata (uart_amm_wdata), // output, width = 32, .writedata - .jtag_uart_0_avalon_jtag_slave_waitrequest (uart_amm_ready), // input, width = 1, .waitrequest - .jtag_uart_0_avalon_jtag_slave_chipselect (uart_amm_chipselect), // output, width = 1, .chipselect - .axi_bridge_1_clk_reset_reset_bridge_in_reset_reset (~ndmreset_n), // input, width = 1, axi_bridge_1_clk_reset_reset_bridge_in_reset.reset - .axi_bridge_1_m0_translator_clk_reset_reset_bridge_in_reset_reset (~ndmreset_n), // input, width = 1, axi_bridge_1_m0_translator_clk_reset_reset_bridge_in_reset.reset - .emif_fm_0_emif_usr_clk_clk (clk) // input, width = 1, emif_fm_0_emif_usr_clk.clk - ); // --------------------- // Board peripherals diff --git a/corev_apu/altera/src/cva6_altera_peripherals.sv b/corev_apu/altera/src/cva6_altera_peripherals.sv index dbab741d6..1ca54a3d1 100644 --- a/corev_apu/altera/src/cva6_altera_peripherals.sv +++ b/corev_apu/altera/src/cva6_altera_peripherals.sv @@ -192,123 +192,85 @@ module cva6_peripherals #( // --------------- // 2. UART // --------------- - logic uart_penable; - logic uart_pwrite; - logic [31:0] uart_paddr; - logic uart_psel; - logic [31:0] uart_pwdata; - logic [31:0] uart_prdata; - logic uart_pready; - logic uart_pslverr; - axi2apb_64_32 #( - .AXI4_ADDRESS_WIDTH ( AxiAddrWidth ), - .AXI4_RDATA_WIDTH ( AxiDataWidth ), - .AXI4_WDATA_WIDTH ( AxiDataWidth ), - .AXI4_ID_WIDTH ( AxiIdWidth ), - .AXI4_USER_WIDTH ( AxiUserWidth ), - .BUFF_DEPTH_SLAVE ( 2 ), - .APB_ADDR_WIDTH ( 32 ) - ) i_axi2apb_64_32_uart ( - .ACLK ( clk_i ), - .ARESETn ( rst_ni ), - .test_en_i ( 1'b0 ), - .AWID_i ( uart.aw_id ), - .AWADDR_i ( uart.aw_addr ), - .AWLEN_i ( uart.aw_len ), - .AWSIZE_i ( uart.aw_size ), - .AWBURST_i ( uart.aw_burst ), - .AWLOCK_i ( uart.aw_lock ), - .AWCACHE_i ( uart.aw_cache ), - .AWPROT_i ( uart.aw_prot ), - .AWREGION_i( uart.aw_region ), - .AWUSER_i ( uart.aw_user ), - .AWQOS_i ( uart.aw_qos ), - .AWVALID_i ( uart.aw_valid ), - .AWREADY_o ( uart.aw_ready ), - .WDATA_i ( uart.w_data ), - .WSTRB_i ( uart.w_strb ), - .WLAST_i ( uart.w_last ), - .WUSER_i ( uart.w_user ), - .WVALID_i ( uart.w_valid ), - .WREADY_o ( uart.w_ready ), - .BID_o ( uart.b_id ), - .BRESP_o ( uart.b_resp ), - .BVALID_o ( uart.b_valid ), - .BUSER_o ( uart.b_user ), - .BREADY_i ( uart.b_ready ), - .ARID_i ( uart.ar_id ), - .ARADDR_i ( uart.ar_addr ), - .ARLEN_i ( uart.ar_len ), - .ARSIZE_i ( uart.ar_size ), - .ARBURST_i ( uart.ar_burst ), - .ARLOCK_i ( uart.ar_lock ), - .ARCACHE_i ( uart.ar_cache ), - .ARPROT_i ( uart.ar_prot ), - .ARREGION_i( uart.ar_region ), - .ARUSER_i ( uart.ar_user ), - .ARQOS_i ( uart.ar_qos ), - .ARVALID_i ( uart.ar_valid ), - .ARREADY_o ( uart.ar_ready ), - .RID_o ( uart.r_id ), - .RDATA_o ( uart.r_data ), - .RRESP_o ( uart.r_resp ), - .RLAST_o ( uart.r_last ), - .RUSER_o ( uart.r_user ), - .RVALID_o ( uart.r_valid ), - .RREADY_i ( uart.r_ready ), - .PENABLE ( uart_penable ), - .PWRITE ( uart_pwrite ), - .PADDR ( uart_paddr ), - .PSEL ( uart_psel ), - .PWDATA ( uart_pwdata ), - .PRDATA ( uart_prdata ), - .PREADY ( uart_pready ), - .PSLVERR ( uart_pslverr ) - ); + // UART Through JTAG// - if (InclUART) begin : gen_uart - apb_uart i_apb_uart ( - .CLK ( clk_i ), - .RSTN ( rst_ni ), - .PSEL ( uart_psel ), - .PENABLE ( uart_penable ), - .PWRITE ( uart_pwrite ), - .PADDR ( uart_paddr[4:2] ), - .PWDATA ( uart_pwdata ), - .PRDATA ( uart_prdata ), - .PREADY ( uart_pready ), - .PSLVERR ( uart_pslverr ), - .INT ( irq_sources[0] ), - .OUT1N ( ), // keep open - .OUT2N ( ), // keep open - .RTSN ( ), // no flow control - .DTRN ( ), // no flow control - .CTSN ( 1'b0 ), - .DSRN ( 1'b0 ), - .DCDN ( 1'b0 ), - .RIN ( 1'b0 ), - .SIN ( rx_i ), - .SOUT ( tx_o ) - ); - end else begin - /* pragma translate_off */ - `ifndef VERILATOR - mock_uart i_mock_uart ( - .clk_i ( clk_i ), - .rst_ni ( rst_ni ), - .penable_i ( uart_penable ), - .pwrite_i ( uart_pwrite ), - .paddr_i ( uart_paddr ), - .psel_i ( uart_psel ), - .pwdata_i ( uart_pwdata ), - .prdata_o ( uart_prdata ), - .pready_o ( uart_pready ), - .pslverr_o ( uart_pslverr ) - ); - `endif - /* pragma translate_on */ - end +logic uart_amm_ready; +logic uart_amm_read; +logic uart_amm_write; +logic uart_amm_read_n; +logic uart_amm_write_n; +logic uart_amm_chipselect; +logic uart_amm_irq; +logic [0:0] uart_amm_address; +logic [31:0] uart_amm_rdata; +logic [31:0] uart_amm_wdata; + + +assign uart_amm_read_n = ~uart_amm_read; +assign uart_amm_write_n = ~uart_amm_write; + +cva6_intel_jtag_uart_0 uart_i ( + .clk (clk_i), // input, width = 1, clk.clk + .rst_n (rst_ni), + .av_chipselect (uart_amm_chipselect), // input, width = 1, avalon_jtag_slave.chipselect + .av_address (uart_amm_address), // input, width = 1, .address + .av_read_n (uart_amm_read_n), // input, width = 1, .read_n + .av_readdata (uart_amm_rdata), // output, width = 32, .readdata + .av_write_n (uart_amm_write_n), // input, width = 1, .write_n + .av_writedata (uart_amm_wdata), // input, width = 32, .writedata + .av_waitrequest (uart_amm_ready), // output, width = 1, .waitrequest + .av_irq (irq_sources[0]) // output, width = 1, irq.irq +); + +//axi4 to avalon converter +interconnect_altera_mm_interconnect_1920_v5r556a axi_to_avalon_uart ( + .axi_bridge_1_m0_awid (uart.aw_id), // input, width = 8, axi_bridge_1_m0.awid + .axi_bridge_1_m0_awaddr (uart.aw_addr), // input, width = 64, .awaddr + .axi_bridge_1_m0_awlen (uart.aw_len), // input, width = 8, .awlen + .axi_bridge_1_m0_awsize (uart.aw_size), // input, width = 3, .awsize + .axi_bridge_1_m0_awburst (uart.aw_burst), // input, width = 2, .awburst + .axi_bridge_1_m0_awlock (uart.aw_lock), // input, width = 1, .awlock + .axi_bridge_1_m0_awcache (uart.aw_cache), // input, width = 4, .awcache + .axi_bridge_1_m0_awprot (uart.aw_prot), // input, width = 3, .awprot + .axi_bridge_1_m0_awvalid (uart.aw_valid), // input, width = 1, .awvalid + .axi_bridge_1_m0_awready (uart.aw_ready), // output, width = 1, .awready + .axi_bridge_1_m0_wdata (uart.w_data), // input, width = 64, .wdata + .axi_bridge_1_m0_wstrb (uart.w_strb), // input, width = 8, .wstrb + .axi_bridge_1_m0_wlast (uart.w_last), // input, width = 1, .wlast + .axi_bridge_1_m0_wvalid (uart.w_valid), // input, width = 1, .wvalid + .axi_bridge_1_m0_wready (uart.w_ready), // output, width = 1, .wready + .axi_bridge_1_m0_bid (uart.b_id), // output, width = 8, .bid + .axi_bridge_1_m0_bresp (uart.b_resp), // output, width = 2, .bresp + .axi_bridge_1_m0_bvalid (uart.b_valid), // output, width = 1, .bvalid + .axi_bridge_1_m0_bready (uart.b_ready), // input, width = 1, .bready + .axi_bridge_1_m0_arid (uart.ar_id), // input, width = 8, .arid + .axi_bridge_1_m0_araddr (uart.ar_addr), // input, width = 64, .araddr + .axi_bridge_1_m0_arlen (uart.ar_len), // input, width = 8, .arlen + .axi_bridge_1_m0_arsize (uart.ar_size), // input, width = 3, .arsize + .axi_bridge_1_m0_arburst (uart.ar_burst), // input, width = 2, .arburst + .axi_bridge_1_m0_arlock (uart.ar_lock), // input, width = 1, .arlock + .axi_bridge_1_m0_arcache (uart.ar_cache), // input, width = 4, .arcache + .axi_bridge_1_m0_arprot (uart.ar_prot), // input, width = 3, .arprot + .axi_bridge_1_m0_arvalid (uart.ar_valid), // input, width = 1, .arvalid + .axi_bridge_1_m0_arready (uart.ar_ready), // output, width = 1, .arready + .axi_bridge_1_m0_rid (uart.r_id), // output, width = 8, .rid + .axi_bridge_1_m0_rdata (uart.r_data), // output, width = 64, .rdata + .axi_bridge_1_m0_rresp (uart.r_resp), // output, width = 2, .rresp + .axi_bridge_1_m0_rlast (uart.r_last), // output, width = 1, .rlast + .axi_bridge_1_m0_rvalid (uart.r_valid), // output, width = 1, .rvalid + .axi_bridge_1_m0_rready (uart.r_ready), // input, width = 1, .rready + .jtag_uart_0_avalon_jtag_slave_address (uart_amm_address), // output, width = 1, jtag_uart_0_avalon_jtag_slave.address + .jtag_uart_0_avalon_jtag_slave_write (uart_amm_write), // output, width = 1, .write + .jtag_uart_0_avalon_jtag_slave_read (uart_amm_read), // output, width = 1, .read + .jtag_uart_0_avalon_jtag_slave_readdata (uart_amm_rdata), // input, width = 32, .readdata + .jtag_uart_0_avalon_jtag_slave_writedata (uart_amm_wdata), // output, width = 32, .writedata + .jtag_uart_0_avalon_jtag_slave_waitrequest (uart_amm_ready), // input, width = 1, .waitrequest + .jtag_uart_0_avalon_jtag_slave_chipselect (uart_amm_chipselect), // output, width = 1, .chipselect + .axi_bridge_1_clk_reset_reset_bridge_in_reset_reset (~rst_ni), // input, width = 1, axi_bridge_1_clk_reset_reset_bridge_in_reset.reset + .axi_bridge_1_m0_translator_clk_reset_reset_bridge_in_reset_reset (~rst_ni), // input, width = 1, axi_bridge_1_m0_translator_clk_reset_reset_bridge_in_reset.reset + .emif_fm_0_emif_usr_clk_clk (clk_i) // input, width = 1, emif_fm_0_emif_usr_clk.clk + ); // --------------- // 3. SPI diff --git a/corev_apu/fpga/src/bootrom/src/uart.c b/corev_apu/fpga/src/bootrom/src/uart.c index 79a4ee8b7..6ef84862c 100644 --- a/corev_apu/fpga/src/bootrom/src/uart.c +++ b/corev_apu/fpga/src/bootrom/src/uart.c @@ -22,7 +22,7 @@ int is_transmit_empty() char is_transmit_empty_altera() { - return read_reg_u8(UART_THR+6); + return ((read_reg_u8(UART_THR+7) << 8 ) + read_reg_u8(UART_THR+6)); } int is_receive_empty() @@ -30,7 +30,7 @@ int is_receive_empty() #ifndef PLAT_AGILEX return !(read_reg_u8(UART_LINE_STATUS) & 0x1); #else - return !(read_reg_u8(UART_THR+1) & 0x8); + return (read_reg_u8(UART_THR) == 0); #endif } diff --git a/corev_apu/src/ariane.sv b/corev_apu/src/ariane.sv index 866c6d636..c66d12250 100644 --- a/corev_apu/src/ariane.sv +++ b/corev_apu/src/ariane.sv @@ -108,38 +108,36 @@ module ariane import ariane_pkg::*; #( .noc_resp_i ( noc_resp_i ) ); - if (CVA6Cfg.CvxifEn) begin : gen_example_coprocessor - cvxif_example_coprocessor #( - .NrRgprPorts (CVA6Cfg.NrRgprPorts), - .XLEN (CVA6Cfg.XLEN), - .readregflags_t (readregflags_t), - .writeregflags_t (writeregflags_t), - .id_t (id_t), - .hartid_t (hartid_t), - .x_compressed_req_t (x_compressed_req_t), - .x_compressed_resp_t (x_compressed_resp_t), - .x_issue_req_t (x_issue_req_t), - .x_issue_resp_t (x_issue_resp_t), - .x_register_t (x_register_t), - .x_commit_t (x_commit_t), - .x_result_t (x_result_t), - .cvxif_req_t (cvxif_req_t), - .cvxif_resp_t (cvxif_resp_t) - ) i_cvxif_coprocessor ( - .clk_i ( clk_i ), - .rst_ni ( rst_ni ), - .cvxif_req_i ( cvxif_req ), - .cvxif_resp_o ( cvxif_resp ) - ); - end else begin - always_comb begin - cvxif_resp = '0; - cvxif_resp.compressed_ready = 1'b1; - cvxif_resp.issue_ready = 1'b1; - cvxif_resp.register_ready = 1'b1; + if (CVA6Cfg.CvxifEn) begin: gen_cvxif + if (CVA6Cfg.CoproType == config_pkg::COPRO_EXAMPLE) begin: gen_COPRO_EXAMPLE + cvxif_example_coprocessor #( + .NrRgprPorts (CVA6Cfg.NrRgprPorts), + .XLEN (CVA6Cfg.XLEN), + .readregflags_t (readregflags_t), + .writeregflags_t (writeregflags_t), + .id_t (id_t), + .hartid_t (hartid_t), + .x_compressed_req_t (x_compressed_req_t), + .x_compressed_resp_t (x_compressed_resp_t), + .x_issue_req_t (x_issue_req_t), + .x_issue_resp_t (x_issue_resp_t), + .x_register_t (x_register_t), + .x_commit_t (x_commit_t), + .x_result_t (x_result_t), + .cvxif_req_t (cvxif_req_t), + .cvxif_resp_t (cvxif_resp_t) + ) i_cvxif_coprocessor ( + .clk_i ( clk_i ), + .rst_ni ( rst_ni ), + .cvxif_req_i ( cvxif_req ), + .cvxif_resp_o ( cvxif_resp ) + ); + end else begin: gen_COPRO_NONE + assign cvxif_resp = '{compressed_ready: 1'b1, issue_ready: 1'b1, register_ready: 1'b1, default: '0}; end + end else begin: gen_no_cvxif + assign cvxif_resp = '0; end - endmodule // ariane diff --git a/corev_apu/tb/rvfi_tracer.sv b/corev_apu/tb/rvfi_tracer.sv index b48a4836d..13d7183fa 100644 --- a/corev_apu/tb/rvfi_tracer.sv +++ b/corev_apu/tb/rvfi_tracer.sv @@ -78,8 +78,14 @@ module rvfi_tracer #( // print the instruction information if the instruction is valid or a trap is taken if (rvfi_i[i].valid) begin // Instruction information - $fwrite(f, "core 0: 0x%h (0x%h) DASM(%h)\n", - pc64, rvfi_i[i].insn, rvfi_i[i].insn); + if (rvfi_i[i].intr[2]) begin + $fwrite(f, "core INTERRUPT 0: 0x%h (0x%h) DASM(%h)\n", + pc64, rvfi_i[i].insn, rvfi_i[i].insn); + end + else begin + $fwrite(f, "core 0: 0x%h (0x%h) DASM(%h)\n", + pc64, rvfi_i[i].insn, rvfi_i[i].insn); + end // Destination register information if (rvfi_i[i].insn[1:0] != 2'b11) begin $fwrite(f, "%h 0x%h (0x%h)", @@ -129,8 +135,13 @@ module rvfi_tracer #( 32'h5: cause = "LD_ACCESS_FAULT"; 32'h6: cause = "ST_ADDR_MISALIGNED"; 32'h7: cause = "ST_ACCESS_FAULT"; + 32'hb: cause = "ENV_CALL_MMODE"; endcase; - $fwrite(f, "%s exception @ 0x%h\n", cause, pc64); + if (rvfi_i[i].insn[1:0] != 2'b11) begin + $fwrite(f, "%s exception @ 0x%h (0x%h)\n", cause, pc64, rvfi_i[i].insn[15:0]); + end else begin + $fwrite(f, "%s exception @ 0x%h (0x%h)\n", cause, pc64, rvfi_i[i].insn); + end end end end diff --git a/docs/03_cva6_design/_static/bht2lvl.png b/docs/03_cva6_design/_static/bht2lvl.png new file mode 100644 index 000000000..60f53c6cb Binary files /dev/null and b/docs/03_cva6_design/_static/bht2lvl.png differ diff --git a/docs/07_cv32a60x/index.rst b/docs/07_cv32a60x/index.rst new file mode 100644 index 000000000..0d0669c01 --- /dev/null +++ b/docs/07_cv32a60x/index.rst @@ -0,0 +1,17 @@ +CV32A60X documentation +====================== + +.. toctree:: + :maxdepth: 1 + +.. + riscv/unpriv.rst + riscv/priv.rst + +Below are links to RISC-V ISA documents tailored for the CV32A60X and to CV32A60X-specific design documentation. +Only those CSRs and Instructions that are supported by the CV32A60X are documented here. + +| `Unprivileged RISC-V ISA `_ +| `Privileged RISC-V ISA `_ +| `Design Documentation for CV32A60X `_ + diff --git a/docs/07_cv32a60x/riscv/Makefile b/docs/07_cv32a60x/riscv/Makefile new file mode 100644 index 000000000..85540807b --- /dev/null +++ b/docs/07_cv32a60x/riscv/Makefile @@ -0,0 +1,10 @@ +# Copyright 2025 Thales DIS France SAS +# Licensed under the Solderpad Hardware License, Version 2.1 (the "License"); +# you may not use this file except in compliance with the License. +# SPDX-License-Identifier: Apache-2.0 WITH SHL-2.1 +# You may obtain a copy of the License at https://solderpad.org/licenses/ +# +# Original Author: André Sintzoff - Thales DIS + +CONFIG := cv32a60x +include ../../riscv-isa/build.mk diff --git a/docs/07_cv32a60x/riscv/priv.rst b/docs/07_cv32a60x/riscv/priv.rst new file mode 100644 index 000000000..b6e0a8d8c --- /dev/null +++ b/docs/07_cv32a60x/riscv/priv.rst @@ -0,0 +1,14 @@ +.. + Copyright (c) 2025 Thales DIS France SAS + Licensed under the Solderpad Hardware Licence, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + SPDX-License-Identifier: Apache-2.0 WITH SHL-2.0 + You may obtain a copy of the License at https://solderpad.org/licenses/ + + Original Author: André Sintzoff - Thales DIS + +Privileged RISC-V ISA +===================== + +.. raw:: html + :file: priv-isa-cv32a60x.html diff --git a/docs/07_cv32a60x/riscv/unpriv.rst b/docs/07_cv32a60x/riscv/unpriv.rst new file mode 100644 index 000000000..ed4ce5447 --- /dev/null +++ b/docs/07_cv32a60x/riscv/unpriv.rst @@ -0,0 +1,14 @@ +.. + Copyright (c) 2025 Thales DIS France SAS + Licensed under the Solderpad Hardware Licence, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + SPDX-License-Identifier: Apache-2.0 WITH SHL-2.0 + You may obtain a copy of the License at https://solderpad.org/licenses/ + + Original Author: André Sintzoff - Thales DIS + +Unprivileged RISC-V ISA +======================= + +.. raw:: html + :file: unpriv-isa-cv32a60x.html diff --git a/docs/Makefile b/docs/Makefile index 0e7527e70..567c13ceb 100644 --- a/docs/Makefile +++ b/docs/Makefile @@ -6,6 +6,8 @@ prepare: make -C 06_cv64a6_mmu/riscv priv-html unpriv-html + make -C 07_cv32a60x/riscv priv-html unpriv-html + sphinx: sphinx-build . _build diff --git a/docs/common/config_define.adoc b/docs/common/config_define.adoc index 3d7952b36..6003998f7 100644 --- a/docs/common/config_define.adoc +++ b/docs/common/config_define.adoc @@ -1,12 +1,21 @@ +ifeval::["{ohg-config}"=="CV32A60X"] +:archi-CVA6: +:archi-CV32A60X: +// specify that it is a custom architecture +:archi-not-default: +endif::[] + ifeval::["{ohg-config}"=="CV32A65X"] :archi-CVA6: +:archi-CV32A65X: // specify that it is a custom architecture :archi-not-default: endif::[] ifeval::["{ohg-config}"=="CV64A6_MMU"] :archi-CVA6: +:archi-CV64A6_MMU: // specify that it is a custom architecture :archi-not-default: endif::[] diff --git a/docs/design/design-manual/source/CVX_Interface_Coprocessor.adoc b/docs/design/design-manual/source/CVX_Interface_Coprocessor.adoc index 4290a1372..cfdfdf860 100644 --- a/docs/design/design-manual/source/CVX_Interface_Coprocessor.adoc +++ b/docs/design/design-manual/source/CVX_Interface_Coprocessor.adoc @@ -61,57 +61,71 @@ Supported Parameters The following table presents CVXIF parameters supported by CVA6. -[cols=",,",options="header",] +[cols=",a,a",options="header",] |============================================= |Signal |Value |Description -|*X_NUM_RS* |int: 2 or 3 (configurable) a| +|*X_NUM_RS* | +int: 2 or 3 (configurable) + + +* CV32A60X: 2 +* CV32A65X: 2 +| [verse] -- Number of register file read ports that can be used by the eXtension interface -- - | -|*X_ID_WIDTH* |int: 3 a| +|*X_ID_WIDTH* | +int: 1 to 32 + + +* CV32A60X: 2 +* CV32A65X: 3 +| [verse] -- Identification width for the eXtension interface -- - | -|*X_MEM_WIDTH* |n/a (feature not supported) a| +|*X_MEM_WIDTH* |n/a (feature not supported) | [verse] -- Memory access width for loads/stores via the eXtension interface -- - | -|*X_RFR_WIDTH* |int: `XLEN` (32 or 64) a| +|*X_RFR_WIDTH* | +int: `XLEN` (32 or 64) + + +* CV32A60X: 32 +* CV32A65X: 32 +| [verse] -- Register file read access width for the eXtension interface -- - | -|*X_RFW_WIDTH* |int: `XLEN` (32 or 64) a| +|*X_RFW_WIDTH* | +int: `XLEN` (32 or 64) + + +* CV32A60X: 32 +* CV32A65X: 32 +| [verse] -- Register file write access width for the eXtension interface -- - | -|*X_MISA* |logic[31:0]: 0x0000_0000 a| +|*X_MISA* |logic[31:0]: 0x0000_0000 | [verse] -- MISA extensions implemented on the eXtension interface -- - | |============================================= [[cv-x-if-enabling]] diff --git a/docs/index.rst b/docs/index.rst index ce38770a9..e7dff50f3 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -69,5 +69,6 @@ The :doc:`CVA6 APU <05_cva6_apu/index>` describes an Application Processor Unit 01_cva6_user/index.rst 03_cva6_design/index.rst 04_cv32a65x/index.rst + 07_cv32a60x/index.rst 06_cv64a6_mmu/index.rst 05_cva6_apu/index.rst diff --git a/docs/requirements.txt b/docs/requirements.txt index a77aa8cf7..d9cbc647a 100644 --- a/docs/requirements.txt +++ b/docs/requirements.txt @@ -3,3 +3,9 @@ sphinx-rtd-theme recommonmark sphinxcontrib-svg2pdfconverter sphinx_github_changelog + +# for gen_from_riscv_config +mako +mdutils +pyyaml +rstcloth diff --git a/docs/riscv-isa/riscv-isa-manual b/docs/riscv-isa/riscv-isa-manual index 2c07aa2bc..4f277ff8e 160000 --- a/docs/riscv-isa/riscv-isa-manual +++ b/docs/riscv-isa/riscv-isa-manual @@ -1 +1 @@ -Subproject commit 2c07aa2bcc02fd5fb2e53e42a32dc62a3eb0aa62 +Subproject commit 4f277ff8ea8c0fc9394dfccd1da0ace34b1aef68 diff --git a/docs/riscv-isa/src/colophon.adoc b/docs/riscv-isa/src/colophon.adoc index d05ee78be..d5d1e07c4 100644 --- a/docs/riscv-isa/src/colophon.adoc +++ b/docs/riscv-isa/src/colophon.adoc @@ -7,7 +7,7 @@ This document describes the RISC-V unprivileged architecture tailored for OpenHW Group {ohg-config}. -[.big]*_Preface to Document Version 20241017_* +[.big]*_Preface to Document Version 20241101_* This document describes the RISC-V unprivileged architecture. diff --git a/docs/riscv-isa/src/machine.adoc b/docs/riscv-isa/src/machine.adoc index ceb8e904a..06246d1aa 100644 --- a/docs/riscv-isa/src/machine.adoc +++ b/docs/riscv-isa/src/machine.adoc @@ -226,10 +226,17 @@ supervisor modes respectively. The "X" bit will be set if there are any non-standard extensions. -When "B" bit is 1, the implementation supports the instructions provided by the -Zba, Zbb, and Zbs extensions. When "B" bit is 0, it indicates that the +When the "B" bit is 1, the implementation supports the instructions provided by the +Zba, Zbb, and Zbs extensions. When the "B" bit is 0, it indicates that the implementation may not support one or more of the Zba, Zbb, or Zbs extensions. +When the "M" bit is 1, the implementation supports all multiply and +division instructions defined by the M extension. When the "M" bit +is 0, it indicates that the implementation may not support those +instructions. However if the Zmmul extension is supported then +the multiply instructions it specifies are supported irrespective +of the value of the "M" bit. + ifeval::[{note} == true] [NOTE] ==== @@ -391,7 +398,7 @@ field is not implemented. The Implementation value should reflect the design of the RISC-V processor itself and not any surrounding system. endif::[] -ifeval::["{ohg-config}" == "CV32A65X"] +ifdef::archi-CV32A60X,archi-CV32A65X[] The `mimpid` CSR provides a unique encoding of the version of the processor implementation. @@ -501,7 +508,7 @@ For RV32 only, `mstatush` is a 32-bit read/write register formatted as shown in <>. Bits 30:4 of `mstatush` generally contain the same fields found in bits 62:36 of `mstatus` for RV64. Fields SD, SXL, and UXL do not exist in `mstatush`. endif::[] -ifeval::["{ohg-config}" == "CV32A65X"] +ifdef::archi-CV32A60X,archi-CV32A65X[] [{ohg-config}] `mstatush` is a 32-bit read/write register formatted as shown in <>. endif::[] @@ -1242,7 +1249,7 @@ different encoding than XS. ==== endif::[] -ifeval::["{ohg-config}" == "CV32A65X"] +ifdef::archi-CV32A60X,archi-CV32A65X[] [{ohg-config}] The FS[1:0] and VS[1:0] *WARL* fields and the XS[1:0] read-only field are used to reduce the cost of context save and restore by setting and tracking the current state of the floating-point unit and any other user-mode @@ -1554,7 +1561,7 @@ additional microarchitectural bits might be maintained in the extension to further reduce context save and restore overhead. The SD bit is read-only and is set when either the FS, VS, or XS bits -encode a Dirty state (i.e., SD=((FS==11) OR (XS==11) OR (VS==11))). This +encode a Dirty state (i.e., `SD=(FS==0b11 OR XS==0b11 OR VS==0b11)`). This allows privileged code to quickly determine when no additional context save is required beyond the integer register set and `pc`. @@ -2108,7 +2115,7 @@ ifdef::archi-CVA6[] As the Sscofpmf extension is not implemented, `mip`.LCOFIP and `mie`.LCOFIE are read-only zeros. endif::[] -ifeval::["{ohg-config}" == "CV32A65X"] +ifdef::archi-CV32A60X,archi-CV32A65X[] [{ohg-config}] Multiple simultaneous interrupts destined for M-mode are handled in the following decreasing priority order: MEI, MSI, MTI. @@ -2211,7 +2218,7 @@ As XLEN=64, `mcycleh`, `minstreth`, and `mhpmcounter__n__h` do not exist. endif::[] -ifeval::["{ohg-config}" == "CV32A65X"] +ifdef::archi-CV32A60X,archi-CV32A65X[] As the Sscofpmf extension is not implemented, the `mhpmevent__n__h` CSRs are not provided. endif::[] @@ -3502,7 +3509,7 @@ As "{ohg-config}" does not distinguished different reset conditions, The `mcause` returns 0 after reset. endif::[] -ifeval::["{ohg-config}" == "CV32A65X"] +ifdef::archi-CV32A60X,archi-CV32A65X[] [{ohg-config}] Privilege mode is always M. As little-endian memory accesses are supported, the `mstatus`/`mstatush` field MBE is reset to 0. @@ -3865,7 +3872,9 @@ and I/O regions may be accessed with either _relaxed_ or _strong_ ordering. Accesses to an I/O region with relaxed ordering are generally observed by other harts and bus mastering devices in a manner similar to the ordering of accesses to an RVWMO memory region, as discussed in -Section A.4.2 in Volume I of this specification. By contrast, accesses +the I/O Ordering section in the RVWMO Explanatory Material appendix +of Volume I of this specification. +By contrast, accesses to an I/O region with strong ordering are generally observed by other harts and bus mastering devices in program order. @@ -4059,6 +4068,13 @@ endif::[] [[pmp]] === Physical Memory Protection +ifeval::[{NrPMPEntries} == 0] +[{ohg-config}] There is no optional physical memory protection (PMP) +unit. +endif::[] + +ifeval::[{NrPMPEntries} != 0] + To support secure processing and contain faults, it is desirable to limit the physical addresses accessible by software running on a hart. An optional physical memory protection (PMP) unit provides per-hart @@ -4482,3 +4498,5 @@ ifeval::["{ohg-config}" == "CV32A65X"] [{ohg-config}] As page-based virtual memory systems is not implemented, memory accesses check the PMP settings synchronously. endif::[] + +endif::[] diff --git a/docs/riscv-isa/src/mm-formal.adoc b/docs/riscv-isa/src/mm-formal.adoc new file mode 100644 index 000000000..87832d341 --- /dev/null +++ b/docs/riscv-isa/src/mm-formal.adoc @@ -0,0 +1,7 @@ +[appendix] +== Formal Memory Model Specifications, Version 0.1 +[[mm-formal]] + +ifdef::archi-CV32A60X,archi-CV32A65X[] +{ohg-config}: No RVWMO memory model. +endif::[] diff --git a/docs/riscv-isa/src/priv-csrs.adoc b/docs/riscv-isa/src/priv-csrs.adoc new file mode 100644 index 000000000..3bca7dcc6 --- /dev/null +++ b/docs/riscv-isa/src/priv-csrs.adoc @@ -0,0 +1,1039 @@ +[[priv-csrs]] +== Control and Status Registers (CSRs) + +The SYSTEM major opcode is used to encode all privileged instructions in +the RISC-V ISA. These can be divided into two main classes: those that +atomically read-modify-write control and status registers (CSRs), which +are defined in the Zicsr extension, and all other privileged +instructions. The privileged architecture requires the Zicsr extension; +which other privileged instructions are required depends on the +privileged-architecture feature set. + +In addition to the unprivileged state described in Volume I of this +manual, an implementation may contain additional CSRs, accessible by +some subset of the privilege levels using the CSR instructions described +in Volume I. In this chapter, we map out the CSR address space. The +following chapters describe the function of each of the CSRs according +to privilege level, as well as the other privileged instructions which +are generally closely associated with a particular privilege level. Note +that although CSRs and instructions are associated with one privilege +level, they are also accessible at all higher privilege levels. + +Standard CSRs do not have side effects on reads but may have side +effects on writes. + +=== CSR Address Mapping Conventions + +The standard RISC-V ISA sets aside a 12-bit encoding space (csr[11:0]) +for up to 4,096 CSRs. By convention, the upper 4 bits of the CSR address +(csr[11:8]) are used to encode the read and write accessibility of the +CSRs according to privilege level as shown in <>. The top two bits (csr[11:10]) indicate whether the register is read/write (`00`,`01`, or `10`) or read-only (`11`). The next two bits (csr[9:8]) encode the lowest privilege level that can access the CSR. + +[NOTE] +==== +The CSR address convention uses the upper bits of the CSR address to +encode default access privileges. This simplifies error checking in the +hardware and provides a larger CSR space, but does constrain the mapping +of CSRs into the address space. + +Implementations might allow a more-privileged level to trap otherwise +permitted CSR accesses by a less-privileged level to allow these +accesses to be intercepted. This change should be transparent to the +less-privileged software. +==== + +Instructions that access a non-existent CSR are reserved. +Attempts to access a CSR without appropriate privilege level +raise illegal-instruction exceptions or, as described in +<>, virtual-instruction exceptions. +Attempts to write a read-only register raise illegal-instruction exceptions. +A read/write register might also contain some bits that are +read-only, in which case writes to the read-only bits are ignored. + +<> also indicates the convention to +allocate CSR addresses between standard and custom uses. The CSR +addresses designated for custom uses will not be redefined by future +standard extensions. + +Machine-mode standard read-write CSRs `0x7A0`-`0x7BF` are reserved for +use by the debug system. Of these CSRs, `0x7A0`-`0x7AF` are accessible +to machine mode, whereas `0x7B0`-`0x7BF` are only visible to debug mode. +Implementations should raise illegal-instruction exceptions on +machine-mode access to the latter set of registers. + +[NOTE] +==== +Effective virtualization requires that as many instructions run natively +as possible inside a virtualized environment, while any privileged +accesses trap to the virtual machine monitor. cite:[goldbergvm] CSRs that are read-only +at some lower privilege level are shadowed into separate CSR addresses +if they are made read-write at a higher privilege level. This avoids +trapping permitted lower-privilege accesses while still causing traps on +illegal accesses. Currently, the counters are the only shadowed CSRs. +==== + +=== CSR Listing + +<>-<> list the CSRs that +have currently been allocated CSR addresses. The timers, counters, and +floating-point CSRs are standard unprivileged CSRs. The other registers +are used by privileged code, as described in the following chapters. +Note that not all registers are required on all implementations. + +[[csrrwpriv]] +.Allocation of RISC-V CSR address ranges. +[%autowidth,float="center",align="center",cols="^,^,^,^,<,<,<,<"] +[.monofont] +|=== +3+^|CSR Address 2.2+|Hex 3.2+|Use and Accessibility +|[11:10] |[9:8] |[7:4] +8+|Unprivileged and User-Level CSRs +m|00 m|00 m|XXXX 2+m| 0x000-0x0FF 3+|Standard read/write +|`01` |`00` |`XXXX` 2+| `0x400-0x4FF` 3+|Standard read/write +|`10` |`00` |`XXXX` 2+| `0x800-0x8FF` 3+|Custom read/write +|`11` |`00` |`0XXX` 2+| `0xC00-0xC7F` 3+|Standard read-only +|`11` |`00` |`10XX` 2+| `0xC80-0xCBF` 3+|Standard read-only +|`11` |`00` |`11XX` 2+| `0xCC0-0xCFF` 3+|Custom read-only +8+|Supervisor-Level CSRs +|`00` |`01` |`XXXX` 2+| `0x100-0x1FF` 3+|Standard read/write +|`01` |`01` |`0XXX` 2+| `0x500-0x57F` 3+|Standard read/write +|`01` |`01` |`10XX` 2+| `0x580-0x5BF` 3+|Standard read/write +|`01` |`01` |`11XX` 2+| `0x5C0-0x5FF` 3+|Custom read/write +|`10` |`01` |`0XXX` 2+| `0x900-0x97F` 3+|Standard read/write +|`10` |`01` |`10XX` 2+| `0x980-0x9BF` 3+|Standard read/write +|`10` |`01` |`11XX` 2+| `0x9C0-0x9FF` 3+|Custom read/write +|`11` |`01` |`0XXX` 2+| `0xD00-0xD7F` 3+|Standard read-only +|`11` |`01` |`10XX` 2+| `0xD80-0xDBF` 3+|Standard read-only +|`11` |`01` |`11XX` 2+| `0xDC0-0xDFF` 3+|Custom read-only +8+|Hypervisor and VS CSRs +|`00` |`10` |`XXXX` 2+| `0x200-0x2FF` 3+|Standard read/write +|`01` |`10` |`0XXX` 2+| `0x600-0x67F` 3+|Standard read/write +|`01` |`10` |`10XX` 2+| `0x680-0x6BF` 3+|Standard read/write +|`01` |`10` |`11XX` 2+| `0x6C0-0x6FF` 3+|Custom read/write +|`10` |`10` |`0XXX` 2+| `0xA00-0xA7F` 3+|Standard read/write +|`10` |`10` |`10XX` 2+| `0xA80-0xABF` 3+|Standard read/write +|`10` |`10` |`11XX` 2+| `0xAC0-0xAFF` 3+|Custom read/write +|`11` |`10` |`0XXX` 2+| `0xE00-0xE7F` 3+|Standard read-only +|`11` |`10` |`10XX` 2+| `0xE80-0xEBF` 3+|Standard read-only +|`11` |`10` |`11XX` 2+| `0xEC0-0xEFF` 3+|Custom read-only +8+|Machine-Level CSRs +|`00` |`11` |`XXXX` 2+|`0x300-0x3FF` 3+|Standard read/write +|`01` |`11` |`0XXX` 2+|`0x700-0x77F` 3+|Standard read/write +|`01` |`11` |`100X` 2+|`0x780-0x79F` 3+|Standard read/write +|`01` |`11` |`1010` 2+|`0x7A0-0x7AF` 3+|Standard read/write debug CSRs +|`01` |`11` |`1011` 2+|`0x7B0-0x7BF` 3+|Debug-mode-only CSRs +|`01` |`11` |`11XX` 2+|`0x7C0-0x7FF` 3+|Custom read/write +|`10` |`11` |`0XXX` 2+|`0xB00-0xB7F` 3+|Standard read/write +|`10` |`11` |`10XX` 2+|`0xB80-0xBBF` 3+|Standard read/write +|`10` |`11` |`11XX` 2+|`0xBC0-0xBFF` 3+|Custom read/write +|`11` |`11` |`0XXX` 2+|`0xF00-0xF7F` 3+|Standard read-only +|`11` |`11` |`10XX` 2+|`0xF80-0xFBF` 3+|Standard read-only +|`11` |`11` |`11XX` 2+|`0xFC0-0xFFF` 3+|Custom read-only +|=== + +<<< + +[[ucsrnames]] +.Currently allocated RISC-V unprivileged CSR addresses. +[float="center",align="center",cols="<10%,<10%,<20%,<60%",options="header"] +|=== +|Number |Privilege |Name |Description +4+^|Unprivileged Floating-Point CSRs + +|`0x001` + +`0x002` + +`0x003` +|URW + +URW + +URW +|`fflags` + +`frm` + +`fcsr` +|Floating-Point Accrued Exceptions. + +Floating-Point Dynamic Rounding Mode. + +Floating-Point Control and Status Register (`frm` +`fflags`). + +4+^|Unprivileged Vector CSRs + +|`0x008` + +`0x009` + +`0x00A` + +`0x00F` + +`0xC20` + +`0xC21` + +`0xC22` +|URW + +URW + +URW + +URW + +URO + +URO + +URO +|`vstart` + +`vxsat` + +`vxrm` + +`vcsr` + +`vl` + +`vtype` + +`vlenb` +|Vector start position. + +Fixed-point accrued saturation flag. + +Fixed-point rounding mode. + +Vector control and status register. + +Vector length. + +Vector data type register. + +Vector register length in bytes. + +4+^|Unprivileged Zicfiss extension CSR +|`0x011` + +|URW + +|`ssp` + +|Shadow Stack Pointer. + + +4+^|Unprivileged Entropy Source Extension CSR +|`0x015` + +|URW + +|`seed` + +|Seed for cryptographic random bit generators. + + +4+^|Unprivileged Zcmt Extension CSR +|`0x017` + +|URW + +|`jvt` + +|Table jump base vector and control register. + + +4+^|Unprivileged Counter/Timers + +|`0xC00` + +`0xC01` + +`0xC02` + +`0xC03` + +`0xC04` + +   + +`0xC1F` + +`0xC80` + +`0xC81` + +`0xC82` + +`0xC83` + +`0xC84` + +  + +`0xC9F` +|URO + +URO + +URO + +URO + +URO + +  + +URO + +URO + +URO + +URO + +URO + +URO + +  + +URO +|`cycle` + +`time` + +`instret` + +`hpmcounter3` + +`hpmcounter4` + +⋮ + +`hpmcounter31` + +`cycleh` + +`timeh` + +`instreth` + +`hpmcounter3h` + +`hpmcounter4h` + +⋮ + +`hpmcounter31h` +|Cycle counter for RDCYCLE instruction. + +Timer for RDTIME instruction. + +Instructions-retired counter for RDINSTRET instruction. + +Performance-monitoring counter. + +Performance-monitoring counter. + +  + +Performance-monitoring counter. + +Upper 32 bits of `cycle`, RV32 only. + +Upper 32 bits of `time`, RV32 only. + +Upper 32 bits of `instret`, RV32 only. + +Upper 32 bits of `hpmcounter3`, RV32 only. + +Upper 32 bits of `hpmcounter4`, RV32 only. + +  + +Upper 32 bits of `hpmcounter31`, RV32 only. +|=== + +<<< + +[[scsrnames]] +.Currently allocated RISC-V supervisor-level CSR addresses. +[%autowidth,float="center",align="center",cols="<,<,<,<",options="header"] +|=== +|Number |Privilege |Name |Description +4+^|Supervisor Trap Setup + +|`0x100` + +`0x104` + +`0x105` + +`0x106` +|SRW + +SRW + +SRW + +SRW +|`sstatus` + +`sie` + +`stvec` + +`scounteren` +|Supervisor status register. + +Supervisor interrupt-enable register. + +Supervisor trap handler base address. + +Supervisor counter enable. + +4+^|Supervisor Configuration + +|`0x10A` |SRW |`senvcfg` |Supervisor environment configuration register. + +4+^|Supervisor Counter Setup + +|`0x120` |SRW |`scountinhibit` |Supervisor counter-inhibit register. + +4+^|Supervisor Trap Handling + +|`0x140` + +`0x141` + +`0x142` + +`0x143` + +`0x144` + +`0xDA0` +|SRW + +SRW + +SRW + +SRW + +SRW + +SRO +|`sscratch` + +`sepc` + +`scause` + +`stval` + +`sip` + +`scountovf` +|Supervisor scratch register. + +Supervisor exception program counter. + +Supervisor trap cause. + +Supervisor trap value. + +Supervisor interrupt pending. + +Supervisor count overflow. + +4+^|Supervisor Protection and Translation + +|`0x180` |SRW |`satp` |Supervisor address translation and protection. + +4+^|Debug/Trace Registers + +|`0x5A8` |SRW |`scontext` |Supervisor-mode context register. + +//4+^|Supervisor Resource Management Configuration +//|`0x181` |SRW |`srmcfg` |Supervisor Resource Management Configuration. + +4+^|Supervisor State Enable Registers +|`0x10C` + + `0x10D` + + `0x10E` + + `0x10F` +|SRW + + SRW + + SRW + + SRW +|`sstateen0` + + `sstateen1` + + `sstateen2` + + `sstateen3` +|Supervisor State Enable 0 Register. + + Supervisor State Enable 1 Register. + + Supervisor State Enable 2 Register. + + Supervisor State Enable 3 Register. + +|=== + +<<< + +[[hcsrnames]] +.Currently allocated RISC-V hypervisor and VS CSR addresses. +[%autowidth,float="center",align="center",cols="<,<,<,<",options="header"] +|=== +|Number |Privilege |Name |Description +4+^|Hypervisor Trap Setup + +|`0x600` + +`0x602` + +`0x603` + +`0x604` + +`0x606` + +`0x607` + +`0x612` +|HRW + +HRW + +HRW + +HRW + +HRW + +HRW + +HRW +|`hstatus` + +`hedeleg` + +`hideleg` + +`hie` + +`hcounteren` + +`hgeie` + +`hedelegh` +|Hypervisor status register. + +Hypervisor exception delegation register. + +Hypervisor interrupt delegation register. + +Hypervisor interrupt-enable register. + +Hypervisor counter enable. + +Hypervisor guest external interrupt-enable register. + +Upper 32 bits of `hedeleg`, RV32 only. + +4+^|Hypervisor Trap Handling + +|`0x643` + +`0x644` + +`0x645` + +`0x64A` + +`0xE12` +|HRW + +HRW + +HRW + +HRW + +HRO +|`htval` + +`hip` + +`hvip` + +`htinst` + +`hgeip` +|Hypervisor trap value. + +Hypervisor interrupt pending. + +Hypervisor virtual interrupt pending. + +Hypervisor trap instruction (transformed). + +Hypervisor guest external interrupt pending. + +4+^|Hypervisor Configuration + +|`0x60A` + +`0x61A` +|HRW + +HRM +|`henvcfg` + +`henvcfgh` +|Hypervisor environment configuration register. + +Upper 32 bits of `henvcfg`, RV32 only. + +4+^|Hypervisor Protection and Translation + +|`0x680` |HRW |`hgatp` |Hypervisor guest address translation and protection. + +4+^|Debug/Trace Registers + +|`0x6A8` |HRW |`hcontext` |Hypervisor-mode context register. + +4+^|Hypervisor Counter/Timer Virtualization Registers + +|`0x605` + +`0x615` +|HRW + +HRW +|`htimedelta` + +`htimedeltah` +|Delta for VS/VU-mode timer. + +Upper 32 bits of `htimedelta`, RV32 only. + +4+^|Hypervisor State Enable Registers +|`0x60C` + + `0x60D` + + `0x60E` + + `0x60F` + + `0x61C` + + `0x61D` + + `0x61E` + + `0x61F` +|HRW + + HRW + + HRW + + HRW + + HRW + + HRW + + HRW + + HRW +|`hstateen0` + + `hstateen1` + + `hstateen2` + + `hstateen3` + + `hstateen0h` + + `hstateen1h` + + `hstateen2h` + + `hstateen3h` +|Hypervisor State Enable 0 Register. + + Hypervisor State Enable 1 Register. + + Hypervisor State Enable 2 Register. + + Hypervisor State Enable 3 Register. + + Upper 32 bits of Hypervisor State Enable 0 Register, RV32 only. + + Upper 32 bits of Hypervisor State Enable 1 Register, RV32 only. + + Upper 32 bits of Hypervisor State Enable 2 Register, RV32 only. + + Upper 32 bits of Hypervisor State Enable 3 Register, RV32 only. + +4+^|Virtual Supervisor Registers + +|`0x200` + +`0x204` + +`0x205` + +`0x240` + +`0x241` + +`0x242` + +`0x243` + +`0x244` + +`0x280` +|HRW + +HRW + +HRW + +HRW + +HRW + +HRW + +HRW + +HRW + +HRW +|`vsstatus` + +`vsie` + +`vstvec` + +`vsscratch` + +`vsepc` + +`vscause` + +`vstval` + +`vsip` + +`vsatp` +|Virtual supervisor status register. + +Virtual supervisor interrupt-enable register. + +Virtual supervisor trap handler base address. + +Virtual supervisor scratch register. + +Virtual supervisor exception program counter. + +Virtual supervisor trap cause. + +Virtual supervisor trap value. + +Virtual supervisor interrupt pending. + +Virtual supervisor address translation and protection. + +|=== + +<<< + +[[mcsrnames0]] +[.monocell] +.Currently allocated RISC-V machine-level CSR addresses. +[%autowidth,float="center",align="center",cols="<,<,<,<",options="header"] +|=== +|Number |Privilege |Name |Description +4+^|Machine Information Registers + +|`0xF11` + +`0xF12` + +`0xF13` + +`0xF14` + +`0xF15` +|MRO + +MRO + +MRO + +MRO + +MRO +|`mvendorid` + +`marchid` + +`mimpid` + +`mhartid` + +`mconfigptr` +|Vendor ID. + +Architecture ID. + +Implementation ID. + +Hardware thread ID. + +Pointer to configuration data structure. + +4+^|Machine Trap Setup + +|`0x300` + +`0x301` + +`0x302` + +`0x303` + +`0x304` + +`0x305` + +`0x306` + +`0x310` + +`0x312` +|MRW + +MRW + +MRW + +MRW + +MRW + +MRW + +MRW + +MRW + +MRW +|`mstatus` + +`misa` + +`medeleg` + +`mideleg` + +`mie` + +`mtvec` + +`mcounteren` + +`mstatush` + +`medelegh` +|Machine status register. + +ISA and extensions + +Machine exception delegation register. + +Machine interrupt delegation register. + +Machine interrupt-enable register. + +Machine trap-handler base address. + +Machine counter enable. + +Additional machine status register, RV32 only. + +Upper 32 bits of `medeleg`, RV32 only. + +4+^|Machine Trap Handling + +|`0x340` + +`0x341` + +`0x342` + +`0x343` + +`0x344` + +`0x34A` + +`0x34B` +|MRW + +MRW + +MRW + +MRW + +MRW + +MRW + +MRW +|`mscratch` + +`mepc` + +`mcause` + +`mtval` + +`mip` + +`mtinst` + +`mtval2` +|Machine scratch register. + +Machine exception program counter. + +Machine trap cause. + +Machine trap value. + +Machine interrupt pending. + +Machine trap instruction (transformed). + +Machine second trap value. + +4+^|Machine Configuration + +|`0x30A` + +`0x31A` + +`0x747` + +`0x757` +|MRW + +MRW + +MRW + +MRW +|`menvcfg` + +`menvcfgh` + +`mseccfg` + +`mseccfgh` +|Machine environment configuration register. + +Upper 32 bits of `menvcfg`, RV32 only. + +Machine security configuration register. + +Upper 32 bits of `mseccfg`, RV32 only. + +4+^|Machine Memory Protection + +|`0x3A0` + +`0x3A1` + +`0x3A2` + +`0x3A3` + +  + +`0x3AE` + +`0x3AF` + +`0x3B0` + +`0x3B1` + +  + +`0x3EF` +|MRW + +MRW + +MRW + +MRW + +  + +MRW + +MRW + +MRW + +MRW + +  + +MRW +|`pmpcfg0` + +`pmpcfg1` + +`pmpcfg2` + +`pmpcfg3` + +⋯ + +`pmpcfg14` + +`pmpcfg15` + +`pmpaddr0` + +`pmpaddr1` + +⋯ + +`pmpaddr63` +|Physical memory protection configuration. + +Physical memory protection configuration, RV32 only. + +Physical memory protection configuration. + +Physical memory protection configuration, RV32 only. + +  + +Physical memory protection configuration. + +Physical memory protection configuration, RV32 only. + +Physical memory protection address register. + +Physical memory protection address register. + +  + +Physical memory protection address register. + +4+^|Machine State Enable Registers +|`0x30C` + + `0x30D` + + `0x30E` + + `0x30F` + + `0x31C` + + `0x31D` + + `0x31E` + + `0x31F` +|MRW + + MRW + + MRW + + MRW + + MRW + + MRW + + MRW + + MRW +|`mstateen0` + + `mstateen1` + + `mstateen2` + + `mstateen3` + + `mstateen0h` + + `mstateen1h` + + `mstateen2h` + + `mstateen3h` +|Machine State Enable 0 Register. + + Machine State Enable 1 Register. + + Machine State Enable 2 Register. + + Machine State Enable 3 Register. + + Upper 32 bits of Machine State Enable 0 Register, RV32 only. + + Upper 32 bits of Machine State Enable 1 Register, RV32 only. + + Upper 32 bits of Machine State Enable 2 Register, RV32 only. + + Upper 32 bits of Machine State Enable 3 Register, RV32 only. +|=== + +<<< + +[[mcsrnames1]] +.Currently allocated RISC-V machine-level CSR addresses. +[%autowidth,float="center",align="center",cols="<,<,<,<",options="header"] +|=== +|Number |Privilege |Name |Description +4+^|Machine Non-Maskable Interrupt Handling + +|`0x740` + +`0x741` + +`0x742` + +`0x744` +|MRW + +MRW + +MRW + +MRW +|`mnscratch` + +`mnepc` + +`mncause` + +`mnstatus` +|Resumable NMI scratch register. + +Resumable NMI program counter. + +Resumable NMI cause. + +Resumable NMI status. + +4+^|Machine Counter/Timers + +|`0xB00` + +`0xB02` + +`0xB03` + +`0xB04` + +  + +`0xB1F` + +`0xB80` + +`0xB82` + +`0xB83` + +`0xB84` + +  + +`0xB9F` +|MRW + +MRW + +MRW + +MRW + +  + +MRW + +MRW + +MRW + +MRW + +MRW + +  + +MRW + +|`mcycle` + +`minstret` + +`mhpmcounter3` + +`mhpmcounter4` + +⋮ + +`mhpmcounter31` + +`mcycleh` + +`minstreth` + +`mhpmcounter3h` + +`mhpmcounter4h` + +⋮ +`mhpmcounter31h` +|Machine cycle counter. + +Machine instructions-retired counter. + +Machine performance-monitoring counter. + +Machine performance-monitoring counter. + +  + +Machine performance-monitoring counter. + +Upper 32 bits of `mcycle`, RV32 only. + +Upper 32 bits of `minstret`, RV32 only. + +Upper 32 bits of `mhpmcounter3`, RV32 only. + +Upper 32 bits of `mhpmcounter4`, RV32 only. + +  + +Upper 32 bits of `mhpmcounter31`, RV32 only. + +4+^|Machine Counter Setup + +|`0x320` + +`0x323` + +`0x324` + +  + +`0x33F` + +`0x723` + +`0x724` + +  + +`0x73F` +|MRW + +MRW + +MRW + +  + +MRW + +MRW + +MRW + +  + +MRW +|`mcountinhibit` + +`mhpmevent3` + +`mhpmevent4` + +⋮ + +`mhpmevent31` + +`mhpmevent3h` + +`mhpmevent4h` + +⋮ + +`mhpmevent31h` +|Machine counter-inhibit register. + +Machine performance-monitoring event selector. + +Machine performance-monitoring event selector. + +  + +Machine performance-monitoring event selector. + +Upper 32 bits of `mhpmevent3`, RV32 only. + +Upper 32 bits of `mhpmevent4`, RV32 only. + +  + +Upper 32 bits of `mhpmevent31`, RV32 only. + + +4+^|Debug/Trace Registers (shared with Debug Mode) + +|`0x7A0` + +`0x7A1` + +`0x7A2` + +`0x7A3` + +`0x7A8` +|MRW + +MRW + +MRW + +MRW + +MRW +|`tselect` + +`tdata1` + +`tdata2` + +`tdata3` + +`mcontext` + +|Debug/Trace trigger register select. + +First Debug/Trace trigger data register. + +Second Debug/Trace trigger data register. + +Third Debug/Trace trigger data register. + +Machine-mode context register. + +4+^|Debug Mode Registers + +|`0x7B0` + +`0x7B1` + +`0x7B2` + +`0x7B3` +|DRW + +DRW + +DRW + +DRW + +|`dcsr` + +`dpc` + +`dscratch0` + +`dscratch1` +|Debug control and status register. + +Debug program counter. + +Debug scratch register 0. + +Debug scratch register 1. +|=== + +=== CSR Field Specifications + +The following definitions and abbreviations are used in specifying the +behavior of fields within the CSRs. + +==== Reserved Writes Preserve Values, Reads Ignore Values (WPRI) + +Some whole read/write fields are reserved for future use. Software +should ignore the values read from these fields, and should preserve the +values held in these fields when writing values to other fields of the +same register. For forward compatibility, implementations that do not +furnish these fields must make them read-only zero. These fields are +labeled *WPRI* in the register descriptions. + +[NOTE] +==== +To simplify the software model, any backward-compatible future +definition of previously reserved fields within a CSR must cope with the +possibility that a non-atomic read/modify/write sequence is used to +update other fields in the CSR. Alternatively, the original CSR +definition must specify that subfields can only be updated atomically, +which may require a two-instruction clear bit/set bit sequence in +general that can be problematic if intermediate values are not legal. +==== + +==== Write/Read Only Legal Values (WLRL) + +Some read/write CSR fields specify behavior for only a subset of +possible bit encodings, with other bit encodings reserved. Software +should not write anything other than legal values to such a field, and +should not assume a read will return a legal value unless the last write +was of a legal value, or the register has not been written since another +operation (e.g., reset) set the register to a legal value. These fields +are labeled *WLRL* in the register descriptions. + +[NOTE] +==== +Hardware implementations need only implement enough state bits to +differentiate between the supported values, but must always return the +complete specified bit-encoding of any supported value when read. +==== + +ifdef::archi-default[] +Implementations are permitted but not required to raise an +illegal-instruction exception if an instruction attempts to write a +non-supported value to a *WLRL* field. Implementations can return arbitrary +bit patterns on the read of a *WLRL* field when the last write was of an +illegal value, but the value returned should deterministically depend on +the illegal written value and the value of the field prior to the write. +endif::[] + +ifdef::archi-CVA6[] +[CVA6] CVA6 does not raise an +illegal-instruction exception if an instruction attempts to write a +non-supported value to a *WLRL* field. CVA6 returns the last written +legal value on the read of a *WLRL* filed. +endif::[] + +==== Write Any Values, Reads Legal Values (WARL) + +Some read/write CSR fields are only defined for a subset of bit +encodings, but allow any value to be written while guaranteeing to +return a legal value whenever read. Assuming that writing the CSR has no +other side effects, the range of supported values can be determined by +attempting to write a desired setting then reading to see if the value +was retained. These fields are labeled *WARL* in the register descriptions. + +Implementations will not raise an exception on writes of unsupported +values to a *WARL* field. Implementations can return any legal value on the +read of a *WARL* field when the last write was of an illegal value, but the +legal value returned should deterministically depend on the illegal +written value and the architectural state of the hart. + +=== CSR Field Modulation + +If a write to one CSR changes the set of legal values allowed for a +field of a second CSR, then unless specified otherwise, the second CSR's +field immediately gets an `UNSPECIFIED` value from among its new legal values. This +is true even if the field's value before the write remains legal after +the write; the value of the field may be changed in consequence of the +write to the controlling CSR. + +[NOTE] +==== +As a special case of this rule, the value written to one CSR may control +whether a field of a second CSR is writable (with multiple legal values) +or is read-only. When a write to the controlling CSR causes the second +CSR's field to change from previously read-only to now writable, that +field immediately gets an `UNSPECIFIED` but legal value, unless specified otherwise. + +*** +Some CSR fields are, when writable, defined as aliases of other CSR +fields. Let _x_ be such a CSR field, and let _y_ be the CSR field it aliases when writable. If a write to a controlling CSR causes field _x_ to change from previously read-only to now writable, the new value of _x_ is not `UNSPECIFIED` but instead immediately reflects the existing value of its alias _y_, as required. +==== + +A change to the value of a CSR for this reason is not a write to the +affected CSR and thus does not trigger any side effects specified for +that CSR. + +=== Implicit Reads of CSRs + +Implementations sometimes perform _implicit_ reads of CSRs. (For +example, all S-mode instruction fetches implicitly read the `satp` CSR.) +Unless otherwise specified, the value returned by an implicit read of a +CSR is the same value that would have been returned by an explicit read +of the CSR, using a CSR-access instruction in a sufficient privilege +mode. + +[[csrwidthmodulation]] +=== CSR Width Modulation + +If the width of a CSR is changed (for example, by changing SXLEN or +UXLEN, as described in <>), the +values of the _writable_ fields and bits of the new-width CSR are, +unless specified otherwise, determined from the previous-width CSR as +though by this algorithm: + +. The value of the previous-width CSR is copied to a temporary register +of the same width. +. For the read-only bits of the previous-width CSR, the bits at the same +positions in the temporary register are set to zeros. +. The width of the temporary register is changed to the new width. If +the new width _W_ is narrower than the previous width, the +least-significant _W_ bits of the temporary register are +retained and the more-significant bits are discarded. If the new width +is wider than the previous width, the temporary register is +zero-extended to the wider width. +. Each writable field of the new-width CSR takes the value of the bits +at the same positions in the temporary register. + +Changing the width of a CSR is not a read or write of the CSR and thus +does not trigger any side effects. + +=== Explicit Accesses to CSRs Wider than XLEN + +If a standard CSR is wider than XLEN bits, then an explicit read +of the CSR returns the register's least-significant XLEN bits, +and an explicit write to the CSR modifies only the register's +least-significant XLEN bits, leaving the upper bits unchanged. + +Some standard CSRs, such as the counter CSRs of extension +Zicntr, are always 64 bits, even when XLEN=32 (RV32). +For each such 64-bit CSR (for example, counter `time`), +a corresponding 32-bit _high-half CSR_ is usually defined with +the same name but with the letter '`h`' appended at the end (`timeh`). +The high-half CSR aliases bits 63:32 of its namesake +64-bit CSR, thus providing a way for RV32 software +to read and modify the otherwise-unreachable 32 bits. + +Standard high-half CSRs are accessible only when +the base RISC-V instruction set is RV32 (XLEN=32). +For RV64 (when XLEN=64), the addresses of all standard high-half CSRs +are reserved, so an attempt to access a high-half CSR +typically raises an illegal-instruction exception. diff --git a/docs/riscv-isa/src/priv-preface.adoc b/docs/riscv-isa/src/priv-preface.adoc index c971911fb..38dc7ce81 100644 --- a/docs/riscv-isa/src/priv-preface.adoc +++ b/docs/riscv-isa/src/priv-preface.adoc @@ -6,6 +6,98 @@ This document describes the RISC-V privileged architecture tailored for OpenHW Group {ohg-config}. +[.big]*_Preface to Version 20241101_* + +This document describes the RISC-V privileged architecture. This +release, version 20241101, contains the following versions of the RISC-V ISA +modules: + +[%autowidth,float="center",align="center",cols="^,<,^",options="header",] +|=== +|Module |Version |Status +|_Machine ISA_ + +*Smstateen Extension* + +*Smcsrind/Sscsrind Extension* + +*Smepmp Extension* + +*Smcntrpmf Extension* + +*Smrnmi Extension* + +*Smcdeleg Extension* + +*Smdbltrp Extension* + +_Supervisor ISA_ + +*Svade Extension* + +*Svnapot Extension* + +*Svpbmt Extension* + +*Svinval Extension* + +*Svadu Extension* + +*Sstc Extension* + +*Sscofpmf Extension* + +*Ssdbltrp Extension* + +*Ssqosid Extension* + +*Hypervisor ISA* + +*Shlcofideleg Extension* + +*Svvptc Extension* + +|_1.14_ + +*1.0* + +*1.0* + +*1.0* + +*1.0* + +*1.0* + +*1.0* + +*1.0* + +_1.14_ + +*1.0* + +*1.0* + +*1.0* + +*1.0* + +*1.0* + +*1.0* + +*1.0* + +*1.0* + +*1.0* + +*1.0* + +*1.0* + +*1.0* + +|_Draft_ + +*Ratified* + +*Ratified* + +*Ratified* + +*Ratified* + +*Ratified* + +*Ratified* + +*Ratified* + +_Draft_ + +*Ratified* + +*Ratified* + +*Ratified* + +*Ratified* + +*Ratified* + +*Ratified* + +*Ratified* + +*Ratified* + +*Ratified* + +*Ratified* + +*Ratified* + +*Ratified* +|=== + +The following changes have been made since version 1.13 of the Machine and +Supervisor ISAs, which, while not strictly backwards compatible, are not +anticipated to cause software portability problems in practice: + +* (None yet) + +Additionally, the following compatible changes have been +made to the Machine and Supervisor ISAs since version 1.13: + +* Defined the `mstateen0` P1P14 field. + +Finally, the following clarifications and document improvements have been made +since the last document release: + +* (None yet) + [.big]*_Preface to Version 20241017_* This document describes the RISC-V privileged architecture. This diff --git a/docs/riscv-isa/src/riscv-privileged.adoc b/docs/riscv-isa/src/riscv-privileged.adoc index bc8d53217..07b28a33b 100644 --- a/docs/riscv-isa/src/riscv-privileged.adoc +++ b/docs/riscv-isa/src/riscv-privileged.adoc @@ -4,8 +4,8 @@ include::config.adoc[] = The RISC-V Instruction Set Manual for {ohg-config}: Volume II: Privileged Architecture include::../docs-resources/global-config.adoc[] :description: Volume II - Privileged Architecture -:revnumber: 20241017 -:revremark: This document is in Ratified state. +:revnumber: 20241101 +//:revremark: This document is in Ratified state. //development: assume everything can change //stable: assume everything could change //frozen: of you implement this version you assume the risk that something might change because of the public review cycle but we expect little to no change. @@ -22,7 +22,7 @@ include::../docs-resources/global-config.adoc[] // Settings: :experimental: :reproducible: -:imagesoutdir: images +:imagesoutdir: {docdir}/../build/images-out :bibtex-file: src/resources/riscv-spec.bib :bibtex-order: alphabetical :bibtex-style: apa @@ -100,6 +100,7 @@ include::smcntrpmf.adoc[] include::rnmi.adoc[] include::smcdeleg.adoc[] include::smdbltrp.adoc[] +include::smctr.adoc[] include::supervisor.adoc[] include::sstc.adoc[] include::sscofpmf.adoc[] diff --git a/docs/riscv-isa/src/riscv-unprivileged.adoc b/docs/riscv-isa/src/riscv-unprivileged.adoc index c9c5bb886..01e7c3770 100644 --- a/docs/riscv-isa/src/riscv-unprivileged.adoc +++ b/docs/riscv-isa/src/riscv-unprivileged.adoc @@ -4,7 +4,7 @@ include::config.adoc[] = The RISC-V Instruction Set Manual for {ohg-config}: Volume I - Unprivileged Architecture include::../docs-resources/global-config.adoc[] :description: Unprivileged Architecture -:revnumber: 20241017 +:revnumber: 20241101 //:revremark: Pre-release version :colophon: :preface-title: Preamble @@ -19,7 +19,7 @@ include::../docs-resources/global-config.adoc[] // Settings: :experimental: :reproducible: -:imagesoutdir: images +:imagesoutdir: {docdir}/../build/images-out :bibtex-file: src/resources/riscv-spec.bib :bibtex-order: alphabetical :bibtex-style: apa diff --git a/docs/riscv-isa/src/rv-32-64g.adoc b/docs/riscv-isa/src/rv-32-64g.adoc index b23abfab4..4f2e8f262 100644 --- a/docs/riscv-isa/src/rv-32-64g.adoc +++ b/docs/riscv-isa/src/rv-32-64g.adoc @@ -16,6 +16,39 @@ ifdef::archi-CVA6[] listings for {ohg-config}. endif::[] +ifeval::[{RVA} == true] +:AMO: AMO +endif::[] +ifeval::[{RVA} == false] +:AMO: not used +endif::[] +ifeval::[{RVF} == true] +:LOAD-FP: LOAD-FP +:STORE-FP: STORE-FP +:MADD: MADD +:MSUB: MSUB +:NMSUB: NMSUB +:NMADD: NMADD +:OP-FP: OP-FP +endif::[] +ifeval::[{RVF} == false] +:LOAD-FP: _not-used_ +:STORE-FP: not used +:MADD: not used +:MSUB: not used +:NMSUB: not used +:NMADD: not used +:OP-FP: not used +endif::[] +ifeval::[{RVV} == true] +:OP-V: OP-V +:OP-VE: OP-VE +endif::[] +ifeval::[{RVV} == false] +:OP-V: not used +:OP-VE: not used +endif::[] + // note: ≥ is unicode for >= [[opcodemap]] .RISC-V base opcode map, inst[1:0]=11 @@ -23,10 +56,10 @@ endif::[] |=== |inst[4:2] .2+|000 .2+|001 .2+|010 .2+|011 .2+|100 .2+|101 .2+|110 .2+|111 (>32b) |inst[6:5] -|00 |LOAD |LOAD-FP |_custom-0_ |MISC-MEM |OP-IMM |AUIPC |OP-IMM-32 |48b -|01 |STORE |STORE-FP |_custom-1_ |AMO |OP |LUI |OP-32 |64b -|10 |MADD |MSUB |NMSUB |NMADD |OP-FP |OP-V |_custom-2/rv128_|48b -|11 |BRANCH |JALR |_reserved_ |JAL |SYSTEM |OP-VE |_custom-3/rv128_|≥80b +|00 |LOAD |{LOAD-FP}|_custom-0_ |MISC-MEM |OP-IMM |AUIPC |OP-IMM-32 |48b +|01 |STORE |{STORE-FP}|_custom-1_|{AMO} |OP |LUI |OP-32 |64b +|10 |{MADD} |{MSUB} |{NMSUB} |{NMADD} |{OP-FP}|{OP-V} |_custom-2/rv128_|48b +|11 |BRANCH |JALR |_reserved_ |JAL |SYSTEM |{OP-VE} |_custom-3/rv128_|≥80b |=== <> shows a map of the major opcodes for diff --git a/docs/riscv-isa/src/rv64.adoc b/docs/riscv-isa/src/rv64.adoc index 38c52e66c..06d844396 100644 --- a/docs/riscv-isa/src/rv64.adoc +++ b/docs/riscv-isa/src/rv64.adoc @@ -205,6 +205,10 @@ no standard HINTs will ever be defined in this subspace. (_rs2_=_x4_) NTL.S1 + (_rs2_=_x5_) NTL.ALL +|SLLI |_rd_=`x0`, _rs1_=`x0`, _shamt_=31 |1|Semihosting entry marker + +|SRAI |_rd_=`x0`, _rs1_=`x0`, _shamt_=7 |1|Semihosting exit marker + |SUB |_rd_=_x0_ |latexmath:[$2^{10}$] .16+.^| _Designated for future standard use_ |AND |_rd_=_x0_ |latexmath:[$2^{10}$] @@ -243,11 +247,11 @@ no standard HINTs will ever be defined in this subspace. |SLTIU |_rd_=_x0_ |latexmath:[$2^{17}$] -|SLLI |_rd_=_x0_ |latexmath:[$2^{11}$] +|SLLI |_rd_=`x0`, and either _rs1_≠``x0`` or _shamt_≠31 |latexmath:[$2^{11}-1$] -|SRLI |_rd_=_x0_ |latexmath:[$2^{11}$] +|SRLI |_rd_=`x0` |latexmath:[$2^{11}$] -|SRAI |_rd_=_x0_ |latexmath:[$2^{11}$] +|SRAI |_rd_=`x0`, and either _rs1_≠``x0`` or _shamt_≠7 |latexmath:[$2^{11}-1$] |SLLIW |_rd_=_x0_ |latexmath:[$2^{10}$] diff --git a/docs/riscv-isa/src/scalar-crypto.adoc b/docs/riscv-isa/src/scalar-crypto.adoc index a62f39cac..32f1bd463 100644 --- a/docs/riscv-isa/src/scalar-crypto.adoc +++ b/docs/riscv-isa/src/scalar-crypto.adoc @@ -1,4 +1,4 @@ -[[scalar-crypto]] +[[crypto_scalar_instructions]] == Cryptography Extensions: Scalar & Entropy Source Instructions, Version 1.0.1 ifeval::[{RVZk} == false] diff --git a/docs/riscv-isa/src/smctr.adoc b/docs/riscv-isa/src/smctr.adoc new file mode 100644 index 000000000..36407608d --- /dev/null +++ b/docs/riscv-isa/src/smctr.adoc @@ -0,0 +1,7 @@ +[[smctr]] + +== "Smctr" Control Transfer Records Extension, Version 1.0 + +ifeval::[{RVZsmctr} == false] +{ohg-config}: This extension is not supported. +endif::[] diff --git a/docs/riscv-isa/src/supervisor.adoc b/docs/riscv-isa/src/supervisor.adoc index 697cbf541..cbb545405 100644 --- a/docs/riscv-isa/src/supervisor.adoc +++ b/docs/riscv-isa/src/supervisor.adoc @@ -45,7 +45,7 @@ supervisor-level CSR descriptions. endif::[] [[sstatus]] -==== Supervisor Status (`sstatus`) Register +==== Supervisor Status (`sstatus`) Register ifdef::archi-default[] The `sstatus` register is an SXLEN-bit read/write register formatted as @@ -360,7 +360,7 @@ ifndef::archi-default,RVZssdbltrp-true[] SDT field is read-only 0. endif::[] -==== Supervisor Trap Vector Base Address (`stvec`) Register +==== Supervisor Trap Vector Base Address (`stvec`) Register The `stvec` register is an SXLEN-bit read/write register that holds trap vector configuration, consisting of a vector base address (BASE) and a @@ -382,7 +382,7 @@ field. |Value |Name |Description |0 + 1 + -≥2 +≥2 |Direct + Vectored |All exceptions set `pc` to BASE. + @@ -401,7 +401,7 @@ supervisor-mode timer interrupt (see <>) causes the `pc` to be set to BASE+`0x14`. Setting MODE=Vectored may impose a stricter alignment constraint on BASE. -==== Supervisor Interrupt (`sip` and `sie`) Registers +==== Supervisor Interrupt (`sip` and `sie`) Registers The `sip` register is an SXLEN-bit read/write register containing information on pending interrupts, while `sie` is the corresponding @@ -528,7 +528,7 @@ the counter values. The implementation must provide a facility for scheduling timer interrupts in terms of the real-time counter, `time`. -==== Counter-Enable (`scounteren`) Register +==== Counter-Enable (`scounteren`) Register .Counter-enable (`scounteren`) register include::images/bytefield/scounteren.edn[] @@ -560,13 +560,15 @@ access a counter if the corresponding bits in `scounteren` and ==== endif::[] -==== Supervisor Scratch (`sscratch`) Register +==== Supervisor Scratch (`sscratch`) Register The `sscratch` CSR is an SXLEN-bit read/write register, dedicated for use by the supervisor. Typically, `sscratch` is used to hold a pointer to the hart-local supervisor context while the hart is executing -user code. At the beginning of a trap handler, `sscratch` is swapped -with a user register to provide an initial working register. +user code. +At the beginning of a trap handler, software normally uses a CSRRW +instruction to swap `sscratch` with an integer register to obtain an +initial working register. .Supervisor Scratch Register include::images/bytefield/sscratch.edn[] @@ -600,7 +602,7 @@ though it may be explicitly written by software. include::images/bytefield/epcreg.edn[] [[scause]] -==== Supervisor Cause (`scause`) Register +==== Supervisor Cause (`scause`) Register The `scause` CSR is an SXLEN-bit read-write register formatted as shown in <>. When a trap is taken into @@ -654,7 +656,7 @@ Supervisor external interrupt + _Reserved_ + Counter-overflow interrupt + _Reserved_ + -_Designated for platform use_ +_Designated for platform use_ |0 + 0 + @@ -721,7 +723,7 @@ _Reserved_ + _Designated for custom use_ + _Reserved_ + _Designated for custom use_ + -_Reserved_ +_Reserved_ |=== ==== Supervisor Trap Value (`stval`) Register @@ -795,7 +797,7 @@ ifndef::archi-default,MTvalEn-true[] endif::[] [[sec:senvcfg]] -==== Supervisor Environment Configuration (`senvcfg`) Register +==== Supervisor Environment Configuration (`senvcfg`) Register The `senvcfg` CSR is an SXLEN-bit read/write register, formatted as shown in <>, that controls certain @@ -1736,14 +1738,24 @@ A virtual address _va_ is translated into a physical address _pa_ as follows: . Let _a_ be ``satp``.__ppn__×PAGESIZE, and let __i__=LEVELS-1. (For Sv32, PAGESIZE=2^12^ and LEVELS=2.) The `satp` register must be _active_, i.e., the effective privilege mode must be S-mode or U-mode. + . Let _pte_ be the value of the PTE at address __a__+__va__.__vpn__[__i__]×PTESIZE. (For Sv32, PTESIZE=4.) If accessing _pte_ violates a PMA or PMP check, raise an access-fault exception corresponding to the original access type. + . If _pte_._v_=0, or if _pte_._r_=0 and _pte_._w_=1, or if any bits or encodings that are reserved for future standard use are set within _pte_, stop and raise a page-fault exception corresponding to the original access type. + . Otherwise, the PTE is valid. If __pte__.__r__=1 or __pte__.__x__=1, go to step 5. Otherwise, this PTE is a pointer to the next level of the page table. Let __i=i__-1. If __i__<0, stop and raise a page-fault exception corresponding to the original access type. Otherwise, let __a__=__pte__.__ppn__×PAGESIZE and go to step 2. -. A leaf PTE has been found. Determine if the requested memory access is -allowed by the _pte_._r_, _pte_._w_, _pte_._x_, and _pte_._u_ bits, given the current privilege mode and the value of the SUM and MXR fields of the `mstatus` register. If not, stop and raise a page-fault exception corresponding to the original access type. -. If _i>0_ and _pte_._ppn_[__i__-1:0] ≠ 0, this is a misaligned superpage; stop and raise a page-fault exception corresponding to the original access type. + +. A leaf PTE has been reached. If _i>0_ and _pte_._ppn_[__i__-1:0] ≠ 0, this is a misaligned superpage; stop and raise a page-fault exception corresponding to the original access type. + +. Determine if the requested memory access is allowed by the _pte_._u_ bit, given the current privilege mode and the value of the SUM and MXR fields of the *mstatus* register. If not, stop and raise a page-fault exception corresponding to the original access type. + +. Determine if the requested memory access is allowed by the _pte_._r_, _pte_._w_, and _pte_._x_ bits, given the Shadow Stack Memory Protection rules. If not, stop and raise an access-fault exception. + +. Determine if the requested memory access is allowed by the _pte_._r_, _pte_._w_, and _pte_._x_ bits. If not, stop and raise a page-fault exception corresponding to the original access type. + . If _pte_._a_=0, or if the original memory access is a store and _pte_._d_=0: + * If the Svade extension is implemented, stop and raise a page-fault exception corresponding to the original access type. * If a store to _pte_ would violate a PMA or PMP check, raise an access-fault exception corresponding to the original access @@ -1753,6 +1765,7 @@ type. ** If the values match, set _pte_._a_ to 1 and, if the original memory access is a store, also set _pte_._d_ to 1. ** If the comparison fails, return to step 2. + . The translation is successful. The translated physical address is given as follows: * _pa.pgoff_ = _va.pgoff_. @@ -2224,7 +2237,7 @@ __vpn__[__i__][__pte__.__napot_bits__-1:0]. If the encoding in _pte_ is reserved <>, then a page-fault exception must be raised. * Implicit reads of NAPOT page table entries may create address-translation cache entries mapping -_a_ + _j_×PTESIZE to a copy of _pte_ in which _pte_._ppn_[_i_][_pte_.__napot_bits__-1:0] +_a_ + _j_×PTESIZE to a copy of _pte_ in which _pte_._ppn_[_i_][_pte_.__napot_bits__-1:0] is replaced by _vpn[i][pte.napot_bits_-1:0], for any or all _j_ such that __j__ >> __napot_bits__ = __vpn__[__i__] >> __napot_bits__, all for the address space identified in _satp_ as loaded by step 1. endif::[] @@ -2322,7 +2335,7 @@ __ 1 + 2 + ... -|=== +|=== In such a case, an implementation may or may not support all options. The discoverability mechanism for this extension would be extended to @@ -2625,8 +2638,7 @@ coherent with store instructions that modify PTEs. ==== endif::[] -//// -[[sec:ssqosid]] +[[ssqosid]] == "Ssqosid" Extension for Quality-of-Service (QoS) Identifiers, Version 1.0 Quality of Service (QoS) is defined as the minimal end-to-end performance @@ -2708,11 +2720,11 @@ modes of software execution on that hart by default, but this behavior may be overridden by future extensions. If extension Smstateen is implemented together with Ssqosid, then Ssqosid also -requires the bit 55 in `mstateen0` introduced by Priv 1.14 to be implemented. If -bit 55 of `mstateen0` is 0, attempts to access `srmcfg` in privilege modes less -privileged than M-mode raise an illegal-instruction exception. If bit 55 of -`mstateen0` is 1 or if extension Smstateen is not implemented, attempts to -access `srmcfg` when `V=1` raise a virtual-instruction exception. +requires the P1P14 bit in `mstateen0` to be implemented. +If P1P14 of `mstateen0` is 0, attempts to access `srmcfg` in privilege modes +less privileged than M-mode raise an illegal-instruction exception. +If P1P14 bit of `mstateen0` is 1 or if extension Smstateen is not implemented, +attempts to access `srmcfg` when `V=1` raise a virtual-instruction exception. [NOTE] ==== @@ -2748,6 +2760,4 @@ the new context, it switches to the new VM's `srmcfg`. The supervisor can also use a separate configuration for execution not to be attributed to either contexts. ==== -//// - endif::[] diff --git a/docs/riscv-isa/src/zimop.adoc b/docs/riscv-isa/src/zimop.adoc index b66c83641..98ba3b2a0 100644 --- a/docs/riscv-isa/src/zimop.adoc +++ b/docs/riscv-isa/src/zimop.adoc @@ -7,6 +7,6 @@ endif::[] === "Zcmop" Compressed May-Be-Operations Extension, Version 1.0 -ifeval::[{RVZimop} == false] +ifeval::[{RVZcmop} == false] {ohg-config}: This extension is not supported. endif::[] diff --git a/docs/scripts/spec_builder.py b/docs/scripts/spec_builder.py index b76e0fd75..261e2d243 100755 --- a/docs/scripts/spec_builder.py +++ b/docs/scripts/spec_builder.py @@ -51,13 +51,24 @@ DEFAULT_PARAMS = { 'RVZabha': False, 'RVZacas': False, 'RVZawrs': False, + 'RVZcmop': False, 'RVZfa': False, 'RVZfbf-RZvfbf': False, 'RVZfh': False, 'RVZfinx': False, 'RVZicbo': False, 'RVZicfilp': False, + 'RVZifencei': False, + 'RVZihintntl': False, + 'RVZihintpause': False, + 'RVZimop': False, + 'RVZk': False, 'RVZpm': False, + 'RVZsmcdeleg': False, + 'RVZsmcntrpmf': False, + 'RVZsmcsrind-RVZsscsrind': False, + 'RVZsmctr': False, + 'RVZsmdbltrp': False, 'RVZsmepmp': False, 'RVZsmmpm': False, 'RVZsmrnmi': False, @@ -180,6 +191,7 @@ def main(): file.append("../core/cva6.sv") file.append("../core/frontend/frontend.sv") file.append("../core/frontend/bht.sv") + file.append("../core/frontend/bht2lvl.sv") file.append("../core/frontend/btb.sv") file.append("../core/frontend/ras.sv") file.append("../core/frontend/instr_queue.sv") diff --git a/perf-model/README.md b/perf-model/README.md new file mode 100644 index 000000000..77ba8575a --- /dev/null +++ b/perf-model/README.md @@ -0,0 +1,79 @@ +# CVA6 cycle-accurate performance model + +This repository contains a cycle-accurate performance model of CVA6 control-path. + +It was developed to explore microarchitecture changes in CVA6 before implementing them. + +To cite this model, please head to the end of this document. + + +## Getting started + +### Adapt RVFI trace generation + +The regular expression expects the cycle number to be in the RVFI trace. +The value is not used by the model but it is used to compare the model and CVA6. + +To emit cycle number in RVFI trace, modify `corev_apu/tb/rvfi_tracer.sv` in CVA6 repository as below. + +```diff +- $fwrite(f, "core 0: 0x%h (0x%h) DASM(%h)\n", +- pc64, rvfi_i[i].insn, rvfi_i[i].insn); ++ $fwrite(f, "core 0: 0x%h (0x%h) @%d DASM(%h)\n", ++ pc64, rvfi_i[i].insn, cycles, rvfi_i[i].insn); +``` + + +### Generate an RVFI trace + +To generate an RVFI trace, follow the instructions in the CVA6 repository to run a simulation. +The RVFI trace will be in `verif/sim/out_//.log`. + + +### Running the model + +```bash +python3 model.py verif/sim/out_//.log +``` + + +### Exploring design space + +In `model.py`, the `main` function runs the model with arguments which override default values. +Generic parameters are available in `Model.__init__`. +You can add new parameters to explore here. + +To perform exploration, run the model in a loop, like `issue_commit_graph` does. +The `display_scores` function is meant to print a 3D plot if you have `matplotlib`. +`issue_commit_graph` prints the scores so that you can store it and display the figure without re-running the model. + + +## Files + +| Name | Description | +| :--- | :--- | +| `cycle_diff.py` | Calculates duration of each instruction in an RVFI trace | +| `isa.py` | Module to create Python objects from RISC-V instructions | +| `model.py` | The CVA6 performance model | + + +## Citing + +```bibtex +@inproceedings{cf24, + author = {Allart, C\^{o}me and Coulon, Jean-Roch and Sintzoff, Andr\'{e} and Potin, Olivier and Rigaud, Jean-Baptiste}, + title = {Using a Performance Model to Implement a Superscalar CVA6}, + year = {2024}, + isbn = {9798400704925}, + publisher = {Association for Computing Machinery}, + url = {https://doi.org/10.1145/3637543.3652871}, + doi = {10.1145/3637543.3652871}, + abstract = {A performance model of CVA6 RISC-V processor is built to evaluate performance-related modifications before implementing them in RTL. Its accuracy is 99.2\% on CoreMark. This model is used to evaluate a superscalar feature for CVA6. During design phase, the model helped detecting and fixing performance bugs. The superscalar feature resulted in a CVA6 performance improvement of 40\% on CoreMark.}, + booktitle = {Proceedings of the 21st ACM International Conference on Computing Frontiers: Workshops and Special Sessions}, + pages = {43–46}, + numpages = {4}, + keywords = {CVA6, Cycle-Based Model, Multi-Issue, Performance, RISC-V, Superscalar}, + location = {Ischia, Italy}, + series = {CF '24 Companion} +} +``` diff --git a/perf-model/cycle_diff.py b/perf-model/cycle_diff.py new file mode 100644 index 000000000..f9b67bd4c --- /dev/null +++ b/perf-model/cycle_diff.py @@ -0,0 +1,80 @@ +# Copyright 2024 Thales Silicon Security +# +# Licensed under the Solderpad Hardware Licence, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# SPDX-License-Identifier: Apache-2.0 WITH SHL-2.0 +# You may obtain a copy of the License at https://solderpad.org/licenses/ +# +# Original Author: Côme ALLART - Thales + +import re +import sys + +re_csrr_minstret = re.compile(r"^csrr\s+\w+,\s*minstret$") +re_full = re.compile( + r"([a-z]+)\s+0:\s*0x00000000([0-9a-f]+)\s*\(([0-9a-fx]+)\)\s*(\S*)@\s*([0-9]+)\s*(.*)" +) + +class Trace: + def __init__(self, addr, cycle, mnemo, flags): + self.addr = addr + self.cycle = cycle + self.mnemo = mnemo + self.flags = flags + self.delta = None + + def report(self): + """True if the instruction is a loading instruction""" + return f"+{self.delta} {self.flags} 0x{self.addr}: {self.mnemo}" + +def print_data(name, value): + "Prints 'name = data' with alignment of the '='" + spaces = ' ' * (24 - len(name)) + print(f"{name}{spaces} = {value}") + +def read_traces(input_file): + "Collect stage traces from file" + l = [] + def filter_add(trace): + if not hasattr(filter_add, "accepting"): + filter_add.accepting = False + if re_csrr_minstret.search(trace.mnemo): + filter_add.accepting = not filter_add.accepting + return + if filter_add.accepting: + l.append(trace) + with open(input_file, "r", encoding="utf8") as f: + for line in [l.strip() for l in f]: + found = re_full.search(line) + if found: + addr = found.group(2) + flags = found.group(4) + cycle = int(found.group(5)) + mnemo = found.group(6) + filter_add(Trace(addr, cycle, mnemo, flags)) + #l.append(Trace(addr, cycle, mnemo, flags)) + return l + +def write_traces(outfile, traces): + "Write all instructions to output file" + print("output file:", outfile) + with open(outfile, "w", encoding="utf8") as f: + for trace in traces: + f.write(trace.report() + "\n") + +def main(input_file: str): + "Main function" + traces = read_traces(input_file) + cycle = traces[0].cycle + cycle_number = traces[-1].cycle - cycle + 1 + for trace in traces: + trace.delta = trace.cycle - cycle + cycle = trace.cycle + print_data("cycle number", cycle_number) + print_data("Coremark/MHz", 1000000 / cycle_number) + print_data("instruction number", len(traces)) + print_data("IPC", len(traces) / cycle_number) + write_traces("traceout.log", traces) + +if __name__ == "__main__": + main(sys.argv[1]) diff --git a/perf-model/isa.py b/perf-model/isa.py new file mode 100644 index 000000000..90cd772a4 --- /dev/null +++ b/perf-model/isa.py @@ -0,0 +1,574 @@ +# Copyright 2024 Thales Silicon Security +# +# Licensed under the Solderpad Hardware Licence, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# SPDX-License-Identifier: Apache-2.0 WITH SHL-2.0 +# You may obtain a copy of the License at https://solderpad.org/licenses/ +# +# Original Author: Côme ALLART - Thales + +""" +Represents the instruction set +""" + +from dataclasses import dataclass + +class Reg: + """Constants to represent registers""" + # ABI names + zero = 0 + ra = 1 + sp = 2 + gp = 3 + tp = 4 + t0 = 5 + t1 = 6 + t2 = 7 + s0 = 8 + fp = 8 + s1 = 9 + a0 = 10 + a1 = 11 + a2 = 12 + a3 = 13 + a4 = 14 + a5 = 15 + a6 = 16 + a7 = 17 + s2 = 18 + s3 = 19 + s4 = 20 + s5 = 21 + s6 = 22 + s7 = 23 + s8 = 24 + s9 = 25 + s10 = 26 + s11 = 27 + t3 = 28 + t4 = 29 + t5 = 30 + t6 = 31 + # Register names + x0 = 0 + x1 = 1 + x2 = 2 + x3 = 3 + x4 = 4 + x5 = 5 + x6 = 6 + x7 = 7 + x8 = 8 + x9 = 9 + x10 = 10 + x11 = 11 + x12 = 12 + x13 = 13 + x14 = 14 + x15 = 15 + x16 = 16 + x17 = 17 + x18 = 18 + x19 = 19 + x20 = 20 + x21 = 21 + x22 = 22 + x23 = 23 + x24 = 24 + x25 = 25 + x26 = 26 + x27 = 27 + x28 = 28 + x29 = 29 + x30 = 30 + x31 = 31 + +def sign_ext(imm, index, xlen=32): + """ + Sign extends a value + imm: value to sign extend + index: index of the sign bit of the value + len: target len for sign extended value + """ + imm_bits = index + 1 + assert (imm >> imm_bits) == 0 + neg = imm >> index + sext_bits = xlen - imm_bits + sext_ones = (1 << sext_bits) - 1 + sext = neg * sext_ones << imm_bits + return sext | imm + +@dataclass +class AddrFields: + """Represents the data used to build a memory address""" + base_reg: int + offset: int + +class Rtype: + """R-type instructions""" + def __init__(self, instr): + self.funct7 = instr.bin >> 25 + self.rs2 = (instr.bin >> 20) & 31 + self.rs1 = (instr.bin >> 15) & 31 + self.funct3 = (instr.bin >> 12) & 7 + self.rd = (instr.bin >> 7) & 31 + self.opcode = instr.bin & 63 + +class Itype: + """I-type instructions""" + def __init__(self, instr): + self.rs1 = (instr.bin >> 15) & 31 + self.funct3 = (instr.bin >> 12) & 7 + self.rd = (instr.bin >> 7) & 31 + self.opcode = instr.bin & 63 + self.imm = sign_ext(instr.bin >> 20, 11) + +class Stype: + """S-type instructions""" + def __init__(self, instr): + self.rs2 = (instr.bin >> 20) & 31 + self.rs1 = (instr.bin >> 15) & 31 + self.funct3 = (instr.bin >> 12) & 7 + self.opcode = instr.bin & 63 + self.imm = sign_ext( + ((instr.bin >> 25) << 5) \ + | ((instr.bin >> 7) & 31) + , 11) + +class Btype: + """B-type instructions""" + def __init__(self, instr): + self.rs2 = (instr.bin >> 20) & 31 + self.rs1 = (instr.bin >> 15) & 31 + self.funct3 = (instr.bin >> 12) & 7 + self.opcode = instr.bin & 63 + self.imm = sign_ext( + ((instr.bin >> 31) << 12) \ + | (((instr.bin >> 7) & 1) << 11) \ + | (((instr.bin >> 25) & 0x3f) << 5) \ + | (((instr.bin >> 8) & 15) << 1) + , 12) + +class Utype: + """U-type instructions""" + def __init__(self, instr): + self.imm_31_12 = instr.bin >> 12 + self.imm_4_0 = (instr.bin >> 7) & 31 + self.rd = (instr.bin >> 7) & 31 + self.opcode = instr.bin & 63 + self.imm = self.imm_31_12 << 12 + +class Jtype: + """J-type instructions""" + def __init__(self, instr): + self.rd = (instr.bin >> 7) & 31 + self.opcode = instr.bin & 63 + self.imm = sign_ext( + ((instr.bin >> 31) << 20) \ + | (((instr.bin >> 12) & 0xff) << 12) \ + | (((instr.bin >> 20) & 1) << 11) \ + | (((instr.bin >> 21) & 0x3ff) << 1) + , 20) + +class MOItype: + """Memory ordering instructions""" + def __init__(self, instr): + self.fm = instr.bin >> 28 + self.PI = (instr.bin >> 27) & 1 + self.PO = (instr.bin >> 26) & 1 + self.PR = (instr.bin >> 25) & 1 + self.PW = (instr.bin >> 24) & 1 + self.SI = (instr.bin >> 23) & 1 + self.SO = (instr.bin >> 22) & 1 + self.SR = (instr.bin >> 21) & 1 + self.SW = (instr.bin >> 20) & 1 + self.rs1 = (instr.bin >> 15) & 31 + self.funct3 = (instr.bin >> 12) & 7 + self.rd = (instr.bin >> 7) & 31 + self.opcode = instr.bin & 63 + +class CRtype: + """Compressed register""" + def __init__(self, instr): + self.funct4 = instr.bin >> 12 + r = (instr.bin >> 7) & 31 + self.rs2 = (instr.bin >> 2) & 31 + self.op = instr.bin & 3 + self.rs1 = r + base = instr.base() + if base == 'C.J[AL]R/C.MV/C.ADD': + if self.funct4 & 1: + if self.rs2 == 0: + if r == 0: + base = 'C.EBREAK' + else: + base = 'C.JALR' + else: + base = 'C.ADD' + else: + if self.rs2 == 0: + base = 'C.JR' + else: + base = 'C.MV' + if base in CRtype.regreg: + self.rd = r + self.name = base + + control = ['C.JR', 'C.JALR'] + regreg = ['C.MV', 'C.ADD'] + +class CItype: + """Compressed immediate""" + def __init__(self, instr): + self.funct3 = instr.bin >> 13 + r = (instr.bin >> 7) & 31 + self.op = instr.bin & 3 + base = instr.base() + if base == 'C.LUI/C.ADDI16SP': + if r == Reg.sp: + base = 'C.ADDI16SP' + else: + base = 'C.LUI' + if base in CItype.SPload + CItype.constgen: + self.rd = r + if base in CItype.SPload: + self.rs1 = Reg.sp + self.offset = CItype.offset[base](instr.bin) + # zero-extended offset + if base == 'C.LI': + self.imm = sign_ext(CItype.imm(instr.bin), 5) + if base == 'C.LUI': + self.nzimm = sign_ext(CItype.imm(instr.bin) << 12, 17) + if base in CItype.regimm: + self.rd = r + self.rs1 = r + if base == 'C.ADDI': + self.nzimm = sign_ext(CItype.imm(instr.bin), 5) + if base == 'C.ADDIW': + self.imm = sign_ext(CItype.imm(instr.bin), 5) + if base == 'C.ADDI16SP': + self.nzimm = sign_ext(CItype.immsp(instr.bin), 9) + if base == 'C.SLLI': + self.shamt = CItype.imm(instr.bin) + + SPload = ['C.LWSP', 'C.LDSP', 'C.LQSP', 'C.FLWSP', 'C.FLDSP'] + constgen = ['C.LI', 'C.LUI'] + regimm = ['C.ADDI', 'C.ADDIW', 'C.ADDI16SP', 'C.SLLI'] + + Woffset = lambda i: (((i >> 12) & 1) << 5) | (((i >> 4) & 7) << 2) \ + | (((i >> 2) & 3) << 6) + Doffset = lambda i: (((i >> 12) & 1) << 5) | (((i >> 5) & 3) << 3) \ + | (((i >> 2) & 7) << 6) + Qoffset = lambda i: (((i >> 12) & 1) << 5) | (((i >> 6) & 1) << 4) \ + | (((i >> 2) & 15) << 6) + imm = lambda i: (((i >> 12) & 1) << 5) | ((i >> 2) & 31) + immsp = lambda i: (((i >> 12) & 1) << 9) | (((i >> 6) & 1) << 4) \ + | (((i >> 5) & 1) << 6) | (((i >> 3) & 3) << 7) \ + | (((i >> 2) & 1) << 5) + + offset = { + 'C.LWSP': Woffset, + 'C.LDSP': Doffset, + 'C.LQSP': Qoffset, + 'C.FLWSP': Woffset, + 'C.FLDSP': Doffset, + } + +class CSStype: + """Compressed stack-relative store""" + def __init__(self, instr): + self.funct3 = instr.bin >> 13 + self.rs1 = Reg.sp + self.rs2 = (instr.bin >> 2) & 31 + self.op = instr.bin & 3 + self.offset = CSStype.offset[instr.base()](instr.bin) + # zero-extended offset + + Woffset = lambda i: (((i >> 9) & 15) << 2) | (((i >> 7) & 3) << 6) + Doffset = lambda i: (((i >> 10) & 7) << 3) | (((i >> 7) & 7) << 6) + Qoffset = lambda i: (((i >> 11) & 3) << 4) | (((i >> 7) & 15) << 6) + + offset = { + 'C.SWSP': Woffset, + 'C.SDSP': Doffset, + 'C.SQSP': Qoffset, + 'C.FSWSP': Woffset, + 'C.FSDSP': Doffset, + } + +class CIWtype: + """Compressed wide immediate""" + def __init__(self, instr): + i = instr.bin + self.funct3 = i >> 13 + rd_ = (i >> 2) & 7 + self.rd = rd_ + 8 + self.op = i & 3 + self.nzuimm = (((i >> 11) & 3) << 4) | (((i >> 7) & 15) << 6) \ + | (((i >> 6) & 1) << 2) | (((i >> 5) & 1) << 3) + # zero-extended (unsigned) non-zero immediate + if instr.base() == 'C.ADDI4SPN': + self.rs1 = Reg.sp + +CLS_Woffset = lambda i: (((i >> 10) & 7) << 3) | (((i >> 6) & 1) << 2) \ + | (((i >> 5) & 1) << 6) +CLS_Doffset = lambda i: (((i >> 10) & 7) << 3) | (((i >> 5) & 3) << 6) +CLS_Qoffset = lambda i: (((i >> 11) & 3) << 4) | (((i >> 10) & 1) << 8) \ + | (((i >> 5) & 3) << 6) + +class CLtype: + """Compressed load""" + def __init__(self, instr): + self.funct3 = instr.bin >> 13 + rs1_ = (instr.bin >> 7) & 7 + rd_ = (instr.bin >> 2) & 7 + self.rs1 = rs1_ + 8 + self.rd = rd_ + 8 + self.op = instr.bin & 3 + self.offset = CLtype.offset[instr.base()](instr.bin) + # zero-extended offset + + offset = { + 'C.LW': CLS_Woffset, + 'C.LD': CLS_Doffset, + 'C.LQ': CLS_Qoffset, + 'C.FLW': CLS_Woffset, + 'C.FLD': CLS_Doffset, + } + +class CStype: + """Compressed store""" + def __init__(self, instr): + self.funct3 = instr.bin >> 13 + rs1_ = (instr.bin >> 7) & 7 + rs2_ = (instr.bin >> 2) & 7 + self.rs1 = rs1_ + 8 + self.rs2 = rs2_ + 8 + self.op = instr.bin & 3 + self.offset = CStype.offset[instr.base()](instr.bin) + # zero-extended offset + + offset = { + 'C.SW': CLS_Woffset, + 'C.SD': CLS_Doffset, + 'C.SQ': CLS_Qoffset, + 'C.FSW': CLS_Woffset, + 'C.FSD': CLS_Doffset, + } + +class CAtype: + """Compressed arithmetic""" + def __init__(self, instr): + self.funct6 = instr.bin >> 10 + r = (instr.bin >> 7) & 7 + self.rd = r + 8 + self.rs1 = r + 8 + self.funct2 = (instr.bin >> 5) & 3 + self.rs2 = ((instr.bin >> 2) & 7) + 8 + self.op = instr.bin & 3 + +class CBtype: + """Compressed branch""" + def __init__(self, instr): + i = instr.bin + base = instr.base() + self.funct3 = i >> 13 + self.offset = (i >> 10) & 7 + rs1_ = (i >> 7) & 7 + self.rs1 = rs1_ + 8 + self.op = instr.bin & 3 + if base in CBtype.branch: + self.offset = sign_ext( + (((i >> 12) & 1) << 8) \ + | (((i >> 10) & 3) << 3) \ + | (((i >> 5) & 3) << 6) \ + | (((i >> 3) & 3) << 1) \ + | (((i >> 2) & 1) << 5) + , 8) + if base in CBtype.regimm: + if base == 'C.ANDI': + self.shamt = sign_ext(CItype.imm(i), 5) + else: + self.shamt = CItype.imm(i) + self.rd = self.rs1 + + branch = ['C.BEQZ', 'C.BNEZ'] + regimm = ['C.SRLI', 'C.SRAI', 'C.ANDI'] + +class CJtype: + """Compressed jump""" + def __init__(self, instr): + self.funct3 = instr.bin >> 13 + assert instr.base() in ['C.J', 'C.JAL'] + self.offset = sign_ext(CJtype.offset(instr.bin), 11) + self.jump_target = (instr.bin >> 2) & 0x7ff + self.op = instr.bin & 3 + + offset = lambda i: (((i >> 12) & 1) << 11) | (((i << 11) & 1) << 4) \ + | (((i >> 9) & 3) << 8) | (((i >> 8) & 1) << 10) \ + | (((i >> 7) & 1) << 6) | (((i >> 6) & 1) << 7) \ + | (((i >> 3) & 1) << 1) | (((i >> 2) & 1) << 5) + +class Instr: + """Instructions""" + + table_16_4_RV32 = [ + ['C.ADDI4SPN', 'C.FLD', 'C.LW', 'C.FLW', + 'Reserved', 'C.FSD', 'C.SW', 'C.FSW'], + ['C.ADDI', 'C.JAL', 'C.LI', 'C.LUI/C.ADDI16SP', + 'MISC-ALU', 'C.J', 'C.BEQZ', 'C.BNEZ'], + ['C.SLLI', 'C.FLDSP', 'C.LWSP', 'C.FLWSP', + 'C.J[AL]R/C.MV/C.ADD', 'C.FSDSP', 'C.SWSP', 'C.FSWSP'], + ] + + table_24_1 = [ + ['LOAD', 'LOAD-FP', 'custom-0', 'MISC-MEM', 'OP-IMM', 'AUIPC', 'OP-IMM-32', '48b'], + ['STORE', 'STORE-FP', 'custom-1', 'AMO', 'OP', 'LUI', 'OP-32', '64b'], + ['MADD', 'MSUB', 'NMSUB', 'NMADD', 'OP-FP', 'reserved', 'custom-2/rv128', '48b'], + ['BRANCH', 'JALR', 'reserved', 'JAL', 'SYSTEM', 'reserved', 'custom-3/rv128', '80b'], + ] + type_of_base = { + 'OP-IMM': Itype, + 'LUI': Utype, + 'AUIPC': Utype, + 'OP': Rtype, + 'OP-32': Rtype, + 'JAL': Jtype, + 'JALR': Itype, + 'BRANCH': Btype, + 'LOAD': Itype, + 'STORE': Stype, + 'SYSTEM': Itype, + 'C.LWSP': CItype, + 'C.LDSP': CItype, + 'C.LQSP': CItype, + 'C.FLWSP': CItype, + 'C.FLDSP': CItype, + 'C.SWSP': CSStype, + 'C.SDSP': CSStype, + 'C.SQSP': CSStype, + 'C.FSWSP': CSStype, + 'C.FSDSP': CSStype, + 'C.LW': CLtype, + 'C.LD': CLtype, + 'C.LQ': CLtype, + 'C.FLW': CLtype, + 'C.FLD': CLtype, + 'C.SW': CStype, + 'C.SD': CStype, + 'C.SQ': CStype, + 'C.FSW': CStype, + 'C.FSD': CStype, + 'C.J': CJtype, + 'C.JAL': CJtype, + 'C.J[AL]R/C.MV/C.ADD': CRtype, + 'C.BEQZ': CBtype, + 'C.BNEZ': CBtype, + 'C.LI': CItype, + 'C.LUI/C.ADDI16SP': CItype, + 'C.ADDI': CItype, + 'C.ADDIW': CItype, + 'C.ADDI4SPN': CIWtype, + 'C.SLLI': CItype, + 'MISC-ALU': CAtype, + } + iloads = ['C.LW', 'C.LWSP', 'LOAD'] + floads = ['C.FLD', 'C.FLW', 'C.FLDSP', 'C.FLWSP', 'LOAD-FP'] + istores = ['C.SW', 'C.SWSP', 'STORE'] + fstores = ['C.FSD', 'C.FSW', 'C.FSDSP', 'C.FSWSP', 'STORE-FP'] + loads = iloads + floads + stores = istores + fstores + + def __init__(self, bincode): + self.bin = bincode + self.inst_1_0 = self.bin & 3 + + def base(self): + """Get the name of the base instruction""" + result = "" + if self.is_compressed(): + line = self.bin & 3 + col = (self.bin >> 13) & 7 + result = Instr.table_16_4_RV32[line][col] + else: + line = (self.bin >> 5) & 3 + col = (self.bin >> 2) & 7 + result = Instr.table_24_1[line][col] + return result + + def fields(self): + """Get an object with the fields of the instruction""" + return Instr.type_of_base[self.base()](self) + + def is_compressed(self): + """Is the instruction from the C extension?""" + return (self.bin & 3) < 3 + + def size(self): + """Size of the instruction in bytes""" + return 2 if self.is_compressed() else 4 + + def is_load(self): + """Is the instruction a load?""" + return self.base() in Instr.loads + + def is_store(self): + """Is the instruction a store?""" + return self.base() in Instr.stores + + def is_branch(self): + """Is it a taken/not taken branch?""" + return self.base() in ['C.BEQZ', 'C.BNEZ', 'BRANCH'] + + def is_regjump(self): + """Is it a register jump?""" + if self.base() in ['JALR']: + return True + if self.base() == 'C.J[AL]R/C.MV/C.ADD': + return self.fields().name in ['C.JALR', 'C.JR'] + return False + + def is_jump(self): + """Is it an immediate jump?""" + return self.base() in ['JAL', 'C.JAL', 'C.J'] + + def is_muldiv(self): + """Is it a muldiv instruction?""" + return self.base() in ['OP', 'OP-32'] and self.fields().funct7 == 1 + + def offset(self): + """Get offset from instr (sometimes it is just 'imm' in RISCV spec)""" + fields = self.fields() + return fields.offset if hasattr(fields, 'offset') else fields.imm + + def addr_fields(self): + """Get the register and offset to build an address""" + return AddrFields(self.fields().rs1, self.offset()) + + def has_WAW_from(self, other): + """b.has_WAW_from(a) if a.rd == b.rd""" + a = other.fields() + b = self.fields() + if not (hasattr(a, 'rd') and hasattr(b, 'rd')): + return False + return a.rd == b.rd and a.rd != Reg.zero + + def has_RAW_from(self, other): + """b.has_RAW_from(a) if b.rsX == a.rd""" + a = other.fields() + b = self.fields() + if not hasattr(a, 'rd') or a.rd == Reg.zero: + return False + if hasattr(b, 'rs1') and a.rd == b.rs1: + return True + return hasattr(b, 'rs2') and a.rd == b.rs2 + + def has_WAR_from(self, other): + """b.has_WAR_from(a) if b.rd == a.rsX""" + a = other.fields() + b = self.fields() + if not hasattr(b, 'rd') or b.rd == Reg.zero: + return False + if hasattr(a, 'rs1') and a.rs1 == b.rd: + return True + return hasattr(a, 'rs2') and a.rs2 == b.rd diff --git a/perf-model/model.py b/perf-model/model.py new file mode 100644 index 000000000..736298a89 --- /dev/null +++ b/perf-model/model.py @@ -0,0 +1,666 @@ +# Copyright 2024 Thales Silicon Security +# +# Licensed under the Solderpad Hardware Licence, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# SPDX-License-Identifier: Apache-2.0 WITH SHL-2.0 +# You may obtain a copy of the License at https://solderpad.org/licenses/ +# +# Original Author: Côme ALLART - Thales + +""" +Performance model of the cva6 +""" + +import sys +import re + +from dataclasses import dataclass +from enum import Enum +from collections import defaultdict + +#from matplotlib import pyplot as plt + +from isa import Instr, Reg + +EventKind = Enum('EventKind', [ + 'WAW', 'WAR', 'RAW', + 'BMISS', 'BHIT', + 'STRUCT', + 'issue', 'done', 'commit', +]) + +def to_signed(value, xlen=32): + signed = value + if signed >> (xlen - 1): + signed -= 1 << xlen + return signed + +class Event: + """Represents an event on an instruction""" + def __init__(self, kind, cycle): + self.kind = kind + self.cycle = cycle + + def __repr__(self): + return f"@{self.cycle}: {self.kind}" + +class Instruction(Instr): + """Represents a RISC-V instruction with annotations""" + + def __init__(self, line, address, hex_code, mnemo): + Instr.__init__(self, int(hex_code, base=16)) + self.line = line + self.address = int(address, base=16) + self.hex_code = hex_code + self.mnemo = mnemo + self.events = [] + + def mnemo_name(self): + """The name of the instruction (fisrt word of the mnemo)""" + return self.mnemo.split()[0] + + def next_addr(self): + """Address of next instruction""" + return self.address + self.size() + + _ret_regs = [Reg.ra, Reg.t0] + + def is_ret(self): + "Does CVA6 consider this instruction as a ret?" + f = self.fields() + # Strange conditions, no imm check, no rd-discard check + return self.is_regjump() \ + and f.rs1 in Instruction._ret_regs \ + and (self.is_compressed() or f.rs1 != f.rd) + + def is_call(self): + "Does CVA6 consider this instruction as a ret?" + base = self.base() + f = self.fields() + return base == 'C.JAL' \ + or base == 'C.J[AL]R/C.MV/C.ADD' and f.name == 'C.JALR' \ + or base in ['JAL', 'JALR'] and f.rd in Instruction._ret_regs + + def __repr__(self): + return self.mnemo + +@dataclass +class Entry: + """A scoreboard entry""" + instr: Instruction + cycles_since_issue = 0 + done: bool = False + + def __repr__(self): + status = "DONE" if self.done else "WIP " + addr = f"0x{self.instr.address:08X}" + return f"{status} {addr}:`{self.instr}` for {self.cycles_since_issue}" + +@dataclass +class LastIssue: + """To store the last issued instruction""" + instr: Instruction + issue_cycle: int + +class IqLen: + """Model of the instruction queue with only a size counter""" + def __init__(self, fetch_size, debug=False): + self.fetch_size = 4 + while self.fetch_size < fetch_size: + self.fetch_size <<= 1 + self.debug = debug + self.len = self.fetch_size + self.new_fetch = True + + def fetch(self): + """Fetch bytes""" + self.len += self.fetch_size + self._debug(f"fetched {self.fetch_size}, got {self.len}") + self.new_fetch = True + + def flush(self): + """Flush instruction queue (bmiss or exception)""" + self.len = 0 + self._debug(f"flushed, got {self.len}") + self.new_fetch = False + + def jump(self): + """Loose a fetch cycle and truncate (jump, branch hit taken)""" + if self.new_fetch: + self.len -= self.fetch_size + self._debug(f"jumping, removed {self.fetch_size}, got {self.len}") + self.new_fetch = False + self._truncate() + self._debug(f"jumped, got {self.len}") + + def has(self, instr): + """Does the instruction queue have this instruction?""" + length = self.len + if self._is_crossword(instr): + length -= (self.fetch_size - 2) + self._debug(f"comparing {length} to {instr.size()} ({instr})") + return length >= instr.size() + + def remove(self, instr): + """Remove instruction from queue""" + self.len -= instr.size() + self._debug(f"removed {instr.size()}, got {self.len}") + self._truncate(self._addr_index(instr.next_addr())) + if instr.is_jump(): + self.jump() + + def _addr_index(self, addr): + return addr & (self.fetch_size - 1) + + def _is_crossword(self, instr): + is_last = self._addr_index(instr.address) == self.fetch_size - 2 + return is_last and not instr.is_compressed() + + def _truncate(self, index=0): + occupancy = self.fetch_size - self._addr_index(self.len) + to_remove = index - occupancy + if to_remove < 0: + to_remove += self.fetch_size + self.len -= to_remove + self._debug(f"truncated, removed {to_remove}, got {self.len}") + + def _debug(self, message): + if self.debug: + print(f"iq: {message}") + +class Ras: + "Return Address Stack" + def __init__(self, depth=2, debug=False): + self.depth = depth - 1 + self.stack = [] + self.debug = debug + self.last_dropped = None + + def push(self, addr): + "Push an address on the stack, forget oldest entry if full" + self.stack.append(addr) + self._debug(f"pushed 0x{addr:08X}") + if len(self.stack) > self.depth: + self.stack.pop(0) + self._debug("overflown") + + def drop(self): + "Drop an address from the stack" + self._debug("dropping") + if len(self.stack) > 0: + self.last_dropped = self.stack.pop() + else: + self.last_dropped = None + self._debug("was already empty") + + def read(self): + "Read the top of the stack without modifying it" + self._debug("reading") + if self.last_dropped is not None: + addr = self.last_dropped + self._debug(f"read 0x{addr:08X}") + return addr + self._debug("was empty") + return None + + def resolve(self, instr): + "Push or pop depending on the instruction" + self._debug(f"issuing {instr}") + if instr.is_ret(): + self._debug("detected ret") + self.drop() + if instr.is_call(): + self._debug("detected call") + self.push(instr.next_addr()) + + def _debug(self, message): + if self.debug: + print(f"RAS: {message}") + +class Bht: + "Branch History Table" + + @dataclass + class Entry: + "A BTB entry" + valid: bool = False + sat_counter: int = 0 + + def __init__(self, entries=128): + self.contents = [Bht.Entry() for _ in range(entries)] + + def predict(self, addr): + "Is the branch taken? None if don't know" + entry = self.contents[self._index(addr)] + if entry.valid: + return entry.sat_counter >= 2 + return None + + def resolve(self, addr, taken): + "Update branch prediction" + index = self._index(addr) + entry = self.contents[index] + entry.valid = True + if taken: + if entry.sat_counter < 3: + entry.sat_counter += 1 + else: + if entry.sat_counter > 0: + entry.sat_counter -= 1 + + def _index(self, addr): + return (addr >> 1) % len(self.contents) + +Fu = Enum('Fu', ['ALU', 'MUL', 'BRANCH', 'LDU', 'STU']) + +# We have +# - FLU gathering ALU + BRANCH (+ CSR, not significant in CoreMark) +# - LSU for loads and stores +# - FP gathering MUL + second ALU (+ Floating, unused in CoreMark) +# This way we do not have more write-back ports than currently with F + +def to_fu(instr): + if instr.is_branch() or instr.is_regjump(): + return Fu.BRANCH + if instr.is_muldiv(): + return Fu.MUL + if instr.is_load(): + return Fu.LDU + if instr.is_store(): + return Fu.STU + return Fu.ALU + +class FusBusy: + "Is each functional unit busy" + def __init__(self, has_alu2 = False): + self.has_alu2 = has_alu2 + + self.alu = False + self.mul = False + self.branch = False + self.ldu = False + self.stu = False + self.alu2 = False + + self.issued_mul = False + + def _alu2_ready(self): + return self.has_alu2 and not self.alu2 + + def is_ready(self, fu): + return { + Fu.ALU: self._alu2_ready() or not self.alu, + Fu.MUL: not self.mul, + Fu.BRANCH: not self.branch, + Fu.LDU: not self.ldu, + Fu.STU: not self.stu, + }[fu] + + def is_ready_for(self, instr): + return self.is_ready(to_fu(instr)) + + def issue(self, instr): + return { + Fu.ALU: FusBusy.issue_alu, + Fu.MUL: FusBusy.issue_mul, + Fu.BRANCH: FusBusy.issue_branch, + Fu.LDU: FusBusy.issue_ldu, + Fu.STU: FusBusy.issue_stu, + }[to_fu(instr)](self) + + def issue_mul(self): + self.mul = True + self.issued_mul = True + + def issue_alu(self): + if not self._alu2_ready(): + assert not self.alu + self.alu = True + self.branch = True + else: + self.alu2 = True + + def issue_branch(self): + self.alu = True + self.branch = True + # Stores are not allowed yet + self.stu = True + + def issue_ldu(self): + self.ldu = True + self.stu = True + + def issue_stu(self): + self.stu = True + self.ldu = True + + def cycle(self): + self.alu = self.issued_mul + self.mul = False + self.branch = self.issued_mul + self.ldu = False + self.stu = False + self.alu2 = False + self.issued_mul = False + +class Model: + """Models the scheduling of CVA6""" + + re_instr = re.compile( + r"([a-z]+)\s+0:\s*0x00000000([0-9a-f]+)\s*\(([0-9a-fx]+)\)\s*@\s*([0-9]+)\s*(.*)" + ) + + def __init__( + self, + debug=False, + issue=1, + commit=2, + sb_len=8, + fetch_size=None, + has_forwarding=True, + has_renaming=True): + self.ras = Ras(debug=debug) + self.bht = Bht() + self.instr_queue = [] + self.scoreboard = [] + self.fus = FusBusy(issue > 1) + self.last_issued = None + self.last_committed = None + self.retired = [] + self.sb_len = sb_len + self.debug = debug + self.iqlen = IqLen(fetch_size or 4 * issue, debug) + self.issue_width = issue + self.commit_width = commit + self.has_forwarding = has_forwarding + self.has_renaming = has_renaming + self.log = [] + + def log_event_on(self, instr, kind, cycle): + """Log an event on the instruction""" + if self.debug: + print(f"{instr}: {kind}") + event = Event(kind, cycle) + instr.events.append(event) + self.log.append((event, instr)) + + def predict_branch(self, instr): + """Predict if branch is taken or not""" + pred = self.bht.predict(instr.address) + if pred is not None: + return pred + return instr.offset() >> 31 != 0 + + def predict_regjump(self, instr): + """Predict destination address of indirect jump""" + if instr.is_ret(): + return self.ras.read() or 0 + return 0 # always miss, as there is no btb yet + + def predict_pc(self, last): + """Predict next program counter depending on last issued instruction""" + if last.is_branch(): + taken = self.predict_branch(last) + offset = to_signed(last.offset()) if taken else last.size() + return last.address + offset + if last.is_regjump(): + return self.predict_regjump(last) + return None + + def issue_manage_last_branch(self, instr, cycle): + """Flush IQ if branch miss, jump if branch hit""" + if self.last_issued is not None: + last = self.last_issued.instr + pred = self.predict_pc(last) + if pred is not None: + bmiss = pred != instr.address + resolved = cycle >= self.last_issued.issue_cycle + 6 + if bmiss and not resolved: + self.iqlen.flush() + branch = EventKind.BMISS if bmiss else EventKind.BHIT + if branch not in [e.kind for e in instr.events]: + self.log_event_on(instr, branch, cycle) + taken = instr.address != last.next_addr() + if taken and not bmiss: + # last (not instr) was like a jump + self.iqlen.jump() + + def commit_manage_last_branch(self, instr, cycle): + "Resolve branch prediction" + if self.last_committed is not None: + last = self.last_committed + if last.is_branch(): + taken = instr.address != last.next_addr() + self.bht.resolve(last.address, taken) + self.last_committed = instr + + def find_data_hazards(self, instr, cycle): + """Detect and log data hazards""" + found = False + for entry in self.scoreboard: + if instr.has_WAW_from(entry.instr) and not self.has_renaming: + self.log_event_on(instr, EventKind.WAW, cycle) + found = True + can_forward = self.has_forwarding and entry.done + if instr.has_RAW_from(entry.instr) and not can_forward: + self.log_event_on(instr, EventKind.RAW, cycle) + found = True + return found + + def find_structural_hazard(self, instr, cycle): + """Detect and log structural hazards""" + if not self.fus.is_ready_for(instr): + self.log_event_on(instr, EventKind.STRUCT, cycle) + return True + return False + + def try_issue(self, cycle): + """Try to issue an instruction""" + if len(self.instr_queue) == 0 or len(self.scoreboard) >= self.sb_len: + return + can_issue = True + instr = self.instr_queue[0] + if self.find_data_hazards(instr, cycle): + can_issue = False + if self.find_structural_hazard(instr, cycle): + can_issue = False + self.issue_manage_last_branch(instr, cycle) + if not self.iqlen.has(instr): + can_issue = False + if can_issue: + self.iqlen.remove(instr) + instr = self.instr_queue.pop(0) + self.log_event_on(instr, EventKind.issue, cycle) + entry = Entry(instr) + self.scoreboard.append(entry) + self.fus.issue(instr) + self.last_issued = LastIssue(instr, cycle) + self.ras.resolve(instr) + + def try_execute(self, cycle): + """Try to execute instructions""" + for entry in self.scoreboard: + entry.cycles_since_issue += 1 + instr = entry.instr + duration = 1 + if instr.is_load() or instr.is_store(): + duration = 2 + if instr.is_muldiv(): + duration = 2 + if entry.cycles_since_issue == duration: + self.log_event_on(instr, EventKind.done, cycle) + entry.done = True + + def try_commit(self, cycle, commit_port): + """Try to commit an instruction""" + if len(self.scoreboard) == 0: + return + entry = self.scoreboard[0] + can_commit = True + if commit_port > 0: + if entry.instr.is_store(): + can_commit = False + if not entry.done: + can_commit = False + if can_commit: + instr = self.scoreboard.pop(0).instr + self.log_event_on(instr, EventKind.commit, cycle) + self.retired.append(instr) + self.commit_manage_last_branch(instr, cycle) + + def run_cycle(self, cycle): + """Runs a cycle""" + self.fus.cycle() + for commit_port in range(self.commit_width): + self.try_commit(cycle, commit_port) + self.try_execute(cycle) + for _ in range(self.issue_width): + self.try_issue(cycle) + self.iqlen.fetch() + + def load_file(self, path): + """Fill a model from a trace file""" + with open(path, "r", encoding="utf8") as file: + for line in [l.strip() for l in file]: + found = Model.re_instr.search(line) + if found: + address = found.group(2) + hex_code = found.group(3) + mnemo = found.group(5) + instr = Instruction(line, address, hex_code, mnemo) + self.instr_queue.append(instr) + + def run(self, cycles=None): + """Run until completion""" + cycle = 0 + while len(self.instr_queue) > 0 or len(self.scoreboard) > 0: + self.run_cycle(cycle) + if self.debug: + print(f"Scoreboard @{cycle}") + for entry in self.scoreboard: + print(f" {entry}") + print(f"iqlen = {self.iqlen.len}") + print() + cycle += 1 + + if cycles is not None and cycle > cycles: + break + return cycle + +def write_trace(output_file, instructions): + """Write cycle-annotated trace""" + pattern = re.compile(r"@\s*[0-9]+") + + lines = [] + for instr in instructions: + commit_event = instr.events[-1] + assert commit_event.kind == EventKind.commit + cycle = commit_event.cycle + annotated = re.sub(pattern, f"@ {cycle}", instr.line) + #if EventKind.STRUCT in [e.kind for e in instr.events]: + # annotated += " #STRUCT" + #if EventKind.RAW in [e.kind for e in instr.events]: + # annotated += " #RAW" + lines.append(f"{annotated}\n") + + with open(output_file, 'w') as f: + f.writelines(lines) + +def print_data(name, value, ts=24, sep='='): + "Prints 'name = data' with alignment of the '='" + + spaces = ' ' * (ts - len(name)) + print(f"{name}{spaces} {sep} {value}") + +def display_scores(scores): + """Display a 3D graph of scores against commit/issue-wide""" + bars = [] + for x, l in enumerate(scores): + for y, z in enumerate(l): + bars.append((x, y, z)) + + x, y, z, dx, dy, dz = [], [], [], [], [], [] + for bx, by, bz in bars: + x.append(bx) + y.append(by) + z.append(0) + dx.append(.5) + dy.append(.5) + dz.append(bz) + + #fig = plt.figure() + #ax1 = fig.add_subplot(111, projection='3d') + #ax1.bar3d(x, y, z, dx, dy, dz) + #ax1.set_xlabel("issue") + #ax1.set_ylabel("commit") + #ax1.set_zlabel("CoreMark/MHz") + #plt.show() + +def issue_commit_graph(input_file, n = 3): + """Plot the issue/commit graph""" + + r = range(n + 1) + scores = [[0 for _ in r] for _ in r] + + if input_file is None: + scores = [[0, 0, 0, 0, 0, 0], [0, 2.651936045910317, 2.651936045910317, 2.651936045910317, 2.651936045910317, 2.651936045910317], [0, 3.212779150348426, 3.6292766488711137, 3.6292766488711137, 3.6292766488711137, 3.6292766488711137], [0, 3.2550388000624966, 3.900216852056974, 3.914997572701505, 3.914997572701505, 3.914997572701505], [0, 3.2596436557555526, 3.9257869239889134, 3.9420984578510834, 3.9421606193922765, 3.9421606193922765], [0, 3.260695897718491, 3.944757614368385, 3.9623576027736505, 3.9625460150656, 3.9625460150656]] # pylint: disable=line-too-long + else: + r = range(1, n + 1) + for issue in r: + for commit in r: + print("running", issue, commit) + model = Model(issue=issue, commit=commit) + model.load_file(input_file) + model.run() + n_cycles = count_cycles(filter_timed_part(model.retired)) + score = 1000000 / n_cycles + scores[issue][commit] = score + print(scores) + display_scores(scores) + +def filter_timed_part(all_instructions): + "Keep only timed part from a trace" + filtered = [] + re_csrr_minstret = re.compile(r"^csrr\s+\w\w,\s*minstret$") + accepting = False + for instr in all_instructions: + if re_csrr_minstret.search(instr.mnemo): + accepting = not accepting + continue + if accepting: + filtered.append(instr) + return filtered + +def count_cycles(retired): + start = min(e.cycle for e in retired[0].events) + end = max(e.cycle for e in retired[-1].events) + return end - start + +def print_stats(instructions): + ecount = defaultdict(lambda: 0) + + for instr in instructions: + for e in instr.events: + ecount[e.kind] += 1 + cycle = e.cycle + n_instr = len(instructions) + n_cycles = count_cycles(instructions) + + print_data("cycle number", n_cycles) + print_data("Coremark/MHz", 1000000 / n_cycles) + print_data("instruction number", n_instr) + for ek, count in ecount.items(): + print_data(f"{ek}/instr", f"{100 * count / n_instr:.2f}%") + +def main(input_file: str): + "Entry point" + + model = Model(debug=True, issue=2, commit=2) + model.load_file(input_file) + model.run() + + write_trace('annotated.log', model.retired) + print_stats(filter_timed_part(model.retired)) + +if __name__ == "__main__": + main(sys.argv[1]) diff --git a/spyglass/reference_summary.rpt b/spyglass/reference_summary.rpt index 8cd2eeaab..21af934a3 100644 --- a/spyglass/reference_summary.rpt +++ b/spyglass/reference_summary.rpt @@ -3,9 +3,9 @@ # # This file has been generated by SpyGlass: # Report Name : summary -# Report Created by: asintzoff -# Report Created on: Mon Sep 9 16:12:42 2024 -# Working Directory: /home/asintzoff/git-repo/tss/cva6/spyglass +# Report Created by: gchauvon +# Report Created on: Wed Jan 15 17:25:40 2025 +# Working Directory: /home/gchauvon/rhel8/github_issue/issue_2280/cva6/spyglass # SpyGlass Version : SpyGlass_vS-2021.09-SP2-3 # Policy Name : SpyGlass(SpyGlass_vS-2021.09-SP2-03) # erc(SpyGlass_vS-2021.09-SP2-03) @@ -17,9 +17,9 @@ # starc(SpyGlass_vS-2021.09-SP2-03) # starc2005(SpyGlass_vS-2021.09-SP2-03) # -# Total Number of Generated Messages : 1023 -# Number of Waived Messages : 327 -# Number of Reported Messages : 696 +# Total Number of Generated Messages : 977 +# Number of Waived Messages : 885 +# Number of Reported Messages : 92 # Number of Overlimit Messages : 0 # # @@ -54,17 +54,9 @@ INFO HdlLibDuCheck_03 1 Reports that 'hdllibdu' is not required +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Severity Rule Name Count Short Help =============================================================================== -WARNING SYNTH_12605 5 Used Priority/Unique Type case/if - statement but all the conditions are - not covered -WARNING SYNTH_12608 1 The logic of the always block - mismatches with the type of Always - Block -WARNING SYNTH_12611 2 Property blocks will be ignored for - synthesis -WARNING SYNTH_5064 38 Non-synthesizable statements are +WARNING SYNTH_5064 12 Non-synthesizable statements are ignored for synthesis. -WARNING SYNTH_5143 11 Initial block is ignored for synthesis +WARNING SYNTH_5143 1 Initial block is ignored for synthesis WARNING SYNTH_89 4 Initial Assignment at Declaration is ignored by synthesis. WARNING WRN_27 1 Bit-select should not be out-of-range. @@ -80,46 +72,21 @@ INFO ElabSummary 1 Generates Elaborated design units +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Severity Rule Name Count Short Help =============================================================================== -ERROR InferLatch 2 Latch inferred -ERROR UndrivenInTerm-ML 1 Undriven but loaded input terminal of - an instance detected -ERROR W123 11 A signal or variable has been read but +ERROR W123 12 A signal or variable has been read but is not set ERROR W416 1 Width of return type and return value of a function should be same (Verilog) Range of return type and return value of a function should be same (VHDL) -WARNING FlopEConst 19 Flip-flop enable pin is permanently - disabled or enabled -WARNING ParamWidthMismatch-ML 1 Parameter width does not match with the - value assigned -WARNING STARC05-1.3.1.3 1 Asynchronous reset/preset signals must - not be used as non-reset/preset or - synchronous reset/preset signals -WARNING STARC05-2.1.3.1 2 Bit-width of function arguments must - match bit-width of the corresponding - function inputs. -WARNING STARC05-2.1.4.5 1 Bit-wise operators must be used instead - of logic operators in multi-bit - operations. -WARNING STARC05-2.1.5.3 2 Conditional expressions should evaluate - to a scalar. -WARNING STARC05-2.2.3.3 14 Do not assign over the same signal in +WARNING STARC05-2.2.3.3 2 Do not assign over the same signal in an always construct for sequential circuits -WARNING W224 2 Multi-bit expression found when one-bit - expression expected WARNING W263 4 A case expression width does not match case select expression width -WARNING W287b 36 Output port of an instance is not +WARNING W287b 17 Output port of an instance is not connected -WARNING W415a 45 Signal may be multiply assigned (beside +WARNING W415a 33 Signal may be multiply assigned (beside initialization) in the same scope. -WARNING W480 3 Loop index is not of type integer -WARNING W486 2 Shift overflow - some bits may be lost -WARNING W528 482 A signal or variable is set but never - read -INFO W528 1 A signal or variable is set but never - read +WARNING W486 1 Shift overflow - some bits may be lost +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ diff --git a/spyglass/sg_setup/cva6/cva6_waiver.awl b/spyglass/sg_setup/cva6/cva6_waiver.awl index 44ca18666..7327998b3 100644 --- a/spyglass/sg_setup/cva6/cva6_waiver.awl +++ b/spyglass/sg_setup/cva6/cva6_waiver.awl @@ -6,9 +6,13 @@ ## Modified by : Asmaa Kassimi (asmaa.kassimi@external.thalesgroup.com) - Thales ####################################################################################################### -waive -file_line {$CVA6_REPO_DIR/common/local/util/sram_cache.sv} {55} -severity { {ERROR} } -rule { {ErrorAnalyzeBBox} } -waive -file_line {$CVA6_REPO_DIR/common/local/util/sram_cache.sv} {85} -severity { {ERROR} } -rule { {ErrorAnalyzeBBox} } -waive -file { {$CVA6_REPO_DIR/vendor/pulp-platform/tech_cells_generic/src/rtl/tc_sram.sv} } -severity { {ERROR} } -rule { {ErrorAnalyzeBBox} } -waive -file { {$CVA6_REPO_DIR/vendor/pulp-platform/tech_cells_generic/src/rtl/tc_sram.sv} } -severity { {ERROR} } -rule { {SYNTH_5251} } +waive -file_line {$CVA6_REPO_DIR/common/local/util/sram_cache.sv} {55} -severity { {ERROR} } -rule { {ErrorAnalyzeBBox} } +waive -file_line {$CVA6_REPO_DIR/common/local/util/sram_cache.sv} {85} -severity { {ERROR} } -rule { {ErrorAnalyzeBBox} } +waive -file { {$CVA6_REPO_DIR/vendor/pulp-platform/tech_cells_generic/src/rtl/tc_sram.sv} } -severity { {ERROR} } -rule { {ErrorAnalyzeBBox} } +waive -file { {$CVA6_REPO_DIR/vendor/pulp-platform/tech_cells_generic/src/rtl/tc_sram.sv} } -severity { {ERROR} } -rule { {SYNTH_5251} } waive -file { {$CVA6_REPO_DIR/common/local/util/tc_sram_wrapper_cache_techno.sv} } -du { {tc_sram_wrapper_cache_techno} } -severity { {ERROR} } -rule { {ErrorAnalyzeBBox} } -waive -rule { {W240} } -comment {Created by akassimi on 26-Jul-2024 18:36:59} + +waive -file {$CVA6_REPO_DIR/core/cache_subsystem/*} -regexp + +waive -rule { {W240} } -comment {Created by akassimi on 26-Jul-2024 18:36:59} +waive -rule { {W528} } -comment {Remove Set but not read warning as it happens very often for disable features such as PMP, Accelerator, ...} diff --git a/src_files.yml b/src_files.yml index b71b628b6..33c8bf6c0 100644 --- a/src_files.yml +++ b/src_files.yml @@ -22,6 +22,7 @@ ariane: src/ex_stage.sv, src/frontend/btb.sv, src/frontend/bht.sv, + src/frontend/bht2lvl.sv, src/frontend/ras.sv, src/frontend/instr_scan.sv, src/frontend/frontend.sv, diff --git a/util/toolchain-builder/config/global.sh b/util/toolchain-builder/config/global.sh index dab7b0cba..c5af7f6a6 100755 --- a/util/toolchain-builder/config/global.sh +++ b/util/toolchain-builder/config/global.sh @@ -60,11 +60,7 @@ BINUTILS_CONFIGURE_OPTS() { --target=$1 --prefix=${INSTALL_DIR} --disable-werror - --disable-gdb --disable-nls - --disable-sim - --disable-libdecnumber - --disable-readline ) echo "${OPTS[@]}" } diff --git a/vendor/patches/pulp-platform/common_cells/00001-spyglass-no-multiple-assignement-same-block-padded_input.patch b/vendor/patches/pulp-platform/common_cells/00001-spyglass-no-multiple-assignement-same-block-padded_input.patch new file mode 100644 index 000000000..01410cbbd --- /dev/null +++ b/vendor/patches/pulp-platform/common_cells/00001-spyglass-no-multiple-assignement-same-block-padded_input.patch @@ -0,0 +1,16 @@ +diff --git a/vendor/pulp-platform/common_cells/src/popcount.sv b/vendor/pulp-platform/common_cells/src/popcount.sv +index 72b9b71f0..6fde114f3 100644 +--- a/vendor/pulp-platform/common_cells/src/popcount.sv ++++ b/vendor/pulp-platform/common_cells/src/popcount.sv +@@ -30,10 +30,7 @@ module popcount #( + logic [PopcountWidth-2:0] left_child_result, right_child_result; + + //Zero pad the input to next power of two +- always_comb begin +- padded_input = '0; +- padded_input[INPUT_WIDTH-1:0] = data_i; +- end ++ assign padded_input = {{{PaddedWidth-INPUT_WIDTH}{1'b0}}, data_i}; + + //Recursive instantiation to build binary adder tree + if (INPUT_WIDTH == 1) begin : single_node diff --git a/vendor/pulp-platform/common_cells/src/popcount.sv b/vendor/pulp-platform/common_cells/src/popcount.sv index 72b9b71f0..6fde114f3 100644 --- a/vendor/pulp-platform/common_cells/src/popcount.sv +++ b/vendor/pulp-platform/common_cells/src/popcount.sv @@ -30,10 +30,7 @@ module popcount #( logic [PopcountWidth-2:0] left_child_result, right_child_result; //Zero pad the input to next power of two - always_comb begin - padded_input = '0; - padded_input[INPUT_WIDTH-1:0] = data_i; - end + assign padded_input = {{{PaddedWidth-INPUT_WIDTH}{1'b0}}, data_i}; //Recursive instantiation to build binary adder tree if (INPUT_WIDTH == 1) begin : single_node diff --git a/verif/core-v-verif b/verif/core-v-verif index 464bf7a0d..60e57248c 160000 --- a/verif/core-v-verif +++ b/verif/core-v-verif @@ -1 +1 @@ -Subproject commit 464bf7a0d730eaf614acac258b412829217b6465 +Subproject commit 60e57248c48b0f8f90cf52af20aecc5c16e9d6d8 diff --git a/verif/docs/VerifPlans/PMP/VP_IP000.yml b/verif/docs/VerifPlans/PMP/VP_IP000.yml new file mode 100644 index 000000000..8e7da47c6 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP000.yml @@ -0,0 +1,358 @@ +!Feature +next_elt_id: 15 +name: TRISTAN Restrictions +id: 0 +display_order: 0 +subfeatures: !!omap +- 000_general: !Subfeature + name: 000_general + tag: VP_PMP_F000_S000 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S000_I000 + description: "\nthe verif plan is written for 32bits architecture only" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +- 001_number of harts: !Subfeature + name: 001_number of harts + tag: VP_PMP_F000_S001 + next_elt_id: 2 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S001_I000 + description: "\nthere is only 1 hart in cv32a6" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +- 002_mxlen: !Subfeature + name: 002_mxlen + tag: VP_PMP_F000_S002 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S002_I000 + description: "\nMXLEN is always 32bits" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +- 003_xlen: !Subfeature + name: 003_xlen + tag: VP_PMP_F000_S003 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S003_I000 + description: "\nXLEN=MXLEN=32, so the PMP address registers are XLEN bits + long, so no zero-extension needed" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +- 004_granularity: !Subfeature + name: 004_granularity + tag: VP_PMP_F000_S004 + next_elt_id: 1 + display_order: 4 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S004_I000 + description: "\nPMP granularity is 8 bytes (G=1), but the verif plan is written + to take G=0 into account (NA4)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +- 005_number of pmp entries: !Subfeature + name: 005_number of pmp entries + tag: VP_PMP_F000_S005 + next_elt_id: 1 + display_order: 5 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S005_I000 + description: "\nthere are 8 HW implemented PMP entries" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +- 006_hardwired regions: !Subfeature + name: 006_hardwired regions + tag: VP_PMP_F000_S006 + next_elt_id: 1 + display_order: 6 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S006_I000 + description: "\nnone of the 8 PMP entries is hardwired privileges" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +- 007_virtual memory: !Subfeature + name: 007_virtual memory + tag: VP_PMP_F000_S007 + next_elt_id: 1 + display_order: 7 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S007_I000 + description: "\nno virtual memory is implemented\nas a consequence no page-based + virtual memory is implemented" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +- 008_physical memory regions: !Subfeature + name: 008_physical memory regions + tag: VP_PMP_F000_S008 + next_elt_id: 1 + display_order: 8 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S008_I000 + description: "\nthe list of all physical memory regions\n - system memory + regions\n - I-$\n - D-$\n - I-scratchpad (preload mode)\n - I-scratchpad + (functional mode)\n - D-scratchpad\n - ahb_periph" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +- 009_pmp entry disabling: !Subfeature + name: 009_pmp entry disabling + tag: VP_PMP_F000_S009 + next_elt_id: 1 + display_order: 9 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S009_I000 + description: "\nwe assume an already written PMP entry (i) can be disabled\n\ + \ - if L=0, by clearing pmpcfg(i)\n - if L=1, only by hart reset" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +- 010_access-faults (violations): !Subfeature + name: 010_access-faults (violations) + tag: VP_PMP_F000_S010 + next_elt_id: 1 + display_order: 10 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S010_I000 + description: "\nThe testbench/testcases architecture ensures that:\n - any + time there is an access-fault type, we check it matches the related access-type\n + - all violations are trapped at the processor\n\n{Page 56 Volume II: RISC-V + Privileged Architectures V20211203}\nPMP violations are always trapped precisely + at the processor" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +- 011_testcases modularity: !Subfeature + name: 011_testcases modularity + tag: VP_PMP_F000_S011 + next_elt_id: 1 + display_order: 11 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S011_I000 + description: "\nThe verif plan is written assuming there is a way (like SystemVerilog + interaction):\n - to factorize the testcases in code blocks (in particular + configuration code block and access code block)\n - to randomize the code + blocks data and addresses\n - to randomize the sequence of code blocks" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +- 012_access types: !Subfeature + name: 012_access types + tag: VP_PMP_F000_S012 + next_elt_id: 1 + display_order: 12 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S012_I000 + description: "at the time of writing,\nthe verif plan makes no distinction + between load and load-reserved instructions. they are gathered in the same + access type, subtleties unknown\nthe verif plan makes no distinction between + store, store-conditional, and AMO instructions. they are gathered in the + same access type, subtleties unknown" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +- 013_multiple accesses instructions: !Subfeature + name: 013_multiple accesses instructions + tag: VP_PMP_F000_S013 + next_elt_id: 1 + display_order: 13 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S013_I000 + description: "\nwe assume there is no added value to test multiple accesses + instructions" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +- 014_misaligned instructions: !Subfeature + name: 014_misaligned instructions + tag: VP_PMP_F000_S014 + next_elt_id: 1 + display_order: 14 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F000_S014_I000 + description: "\nwe assume that instructions are mandatorily aligned" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: '' + pfc: -1 + test_type: -1 + cov_method: -1 + cores: -1 + coverage_loc: '' + comments: '' +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP001.yml b/verif/docs/VerifPlans/PMP/VP_IP001.yml new file mode 100644 index 000000000..6198f379c --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP001.yml @@ -0,0 +1,45 @@ +!Feature +next_elt_id: 1 +name: PMP granularity +id: 1 +display_order: 1 +subfeatures: !!omap +- 000_granularity_check: !Subfeature + name: 000_granularity_check + tag: VP_PMP_F001_S000 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F001_S000_I000 + description: "{Page 59 Volume II: RISC-V Privileged Architectures V20211203}\n + \nSoftware may determine the PMP granularity by writing zero to pmp0cfg, + then writing all ones to pmpaddr0, then reading back pmpaddr0.\nIf G is + the index of the least-signicant bit set, the PMP granularity is 2G+2 bytes." + reqt_doc: '' + ref_mode: page + ref_page: '59' + ref_section: '' + ref_viewer: evince + verif_goals: determine the PMP granularity 2^(G+2) bytes by writing zero to + pmp(0)cfg, then writing all ones to pmpaddr(0), then reading back pmpaddr(0). + G is the index G of the least-significant bit set + pfc: 11 + test_type: 2 + cov_method: 0 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR07-b\nSoftware may determine the PMP granularity + by writing zero to pmp0cfg, then writing all ones to pmpaddr0, then reading + back pmpaddr0.\n If G is the index of the least-signicant bit set, the + PMP granularity is 2G+2 bytes.\n\n\nTST01 (HIGH-PRIO) => FTR07-b\n[determine + the PMP granularity 2^(G+2) bytes by writing zero to pmp(0)cfg, then writing + all ones to pmpaddr(0), then reading back pmpaddr(0). G is the index G of + the least-significant bit set]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP002.yml b/verif/docs/VerifPlans/PMP/VP_IP002.yml new file mode 100644 index 000000000..82ecf96ce --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP002.yml @@ -0,0 +1,159 @@ +!Feature +next_elt_id: 4 +name: CSRs M-mode only +id: 2 +display_order: 2 +subfeatures: !!omap +- 000_configure_1_pmp_entry: !Subfeature + name: 000_configure_1_pmp_entry + tag: VP_PMP_F002_S001 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F002_S001_I000 + description: "{Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures + V20211203}\n\nPMP CSRs are only accessible to M-mode" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure 1 PMP entry (i) (the 1st one),\n - check for each + PMP entry (i) reset value (read zero) by reading in M mode\n - check for + each PMP entry (i) that pmp(i)cfg and pmpaddr(i) are not writable/readable + in S or U modes\n - check for each PMP entry (i) that pmp(i)cfg and pmpaddr(i) + are writable/readable in M-mode only\n - check for each PMP entry (i) that + pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST02(group) => FTR02-d\n [check that all 8 HW implemented + PMP entries are writable/readable in M-mode (L=0)]\n [check that no HW + implemented PMP entry are writable/readable in S or U modes (L=0)]\n \ + \ - random values may be used\n - before any configuration (after hart + reset), check all pmp(i)cfg and pmpaddr(i) are M-mode read zero\n\nTST02-1 + (HIGH-PRIO)\n[configure 1 PMP entry ([FTR02-b1]: maybe mandatorily the first + one): with L=0,\n - if possible, the PMP entry number is a configurable + parameter\n - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) + are not writable/readable in S or U modes\n - check for PMP entry (i) where + L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only\n\ + \ - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are + not writable/readable in S or U modes]" +- 001_configure_2_pmp_entries: !Subfeature + name: 001_configure_2_pmp_entries + tag: VP_PMP_F002_S002 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F002_S002_I000 + description: "{Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures + V20211203}\n\nPMP CSRs are only accessible to M-mode" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure 2 PMP entries (the 2 first ones in incrementing order),\n\ + \ - reuse of VP_PMP_F002_S001_I000 sequence" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST02(group) => FTR02-d\n [check that all 8 HW implemented + PMP entries are writable/readable in M-mode (L=0)]\n [check that no HW + implemented PMP entry are writable/readable in S or U modes (L=0)]\n \ + \ - random values may be used\n - before any configuration (after hart + reset), check all pmp(i)cfg and pmpaddr(i) are M-mode read zero\n\nTST02-2 + (LOW-PRIO) = 2 times reuse/call of TST02-1\n[configure 2 PMP entries ([FTR02-b1]: + maybe mandatorily the 2 first ones): both with L=0,\n - check for PMP entry + (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in + S or U modes\n - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) + are writable/readable in M-mode only\n - check for PMP entry (i) where + L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes]" +- 002_configure_N_pmp_entries: !Subfeature + name: 002_configure_N_pmp_entries + tag: VP_PMP_F002_S003 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F002_S003_I000 + description: "{Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures + V20211203}\n\nPMP CSRs are only accessible to M-mode" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure N PMP entries (the N first ones in incrementing order),\n\ + \ - reuse of VP_PMP_F002_S001_I000 sequence" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST02(group) => FTR02-d\n [check that all 8 HW implemented + PMP entries are writable/readable in M-mode (L=0)]\n [check that no HW + implemented PMP entry are writable/readable in S or U modes (L=0)]\n \ + \ - random values may be used\n - before any configuration (after hart + reset), check all pmp(i)cfg and pmpaddr(i) are M-mode read zero\n\nTST02-3 + (LOW-PRIO) = N times reuse/call of TST02-1\n[configure N PMP entries ([FTR02-b1]: + maybe mandatorily the N first ones): all with L=0,\n - check for PMP entry + (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in + S or U modes\n - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) + are writable/readable in M-mode only\n - check for PMP entry (i) where + L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes]" +- 003_configure_8_pmp_entries: !Subfeature + name: 003_configure_8_pmp_entries + tag: VP_PMP_F002_S004 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F002_S004_I000 + description: "{Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures + V20211203}\n\nPMP CSRs are only accessible to M-mode" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure all 8 PMP entries (in incrementing order),\n - reuse + of VP_PMP_F002_S001_I000 sequence" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST02(group) => FTR02-d\n [check that all 8 HW implemented + PMP entries are writable/readable in M-mode (L=0)]\n [check that no HW + implemented PMP entry are writable/readable in S or U modes (L=0)]\n \ + \ - random values may be used\n - before any configuration (after hart + reset), check all pmp(i)cfg and pmpaddr(i) are M-mode read zero\n\nTST02-4 + (HIGH-PRIO) = 8 times reuse/call of TST02-1\n[configure 8 PMP entries: all + with L=0,\n - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) + are not writable/readable in S or U modes\n - check for PMP entry (i) where + L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only\n\ + \ - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are + not writable/readable in S or U modes]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP003.yml b/verif/docs/VerifPlans/PMP/VP_IP003.yml new file mode 100644 index 000000000..dbc0945d8 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP003.yml @@ -0,0 +1,277 @@ +!Feature +next_elt_id: 5 +name: CSRs locked access +id: 3 +display_order: 3 +subfeatures: !!omap +- 000_configure_1_pmp_entry: !Subfeature + name: 000_configure_1_pmp_entry + tag: VP_PMP_F003_S001 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F003_S001_I000 + description: "{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\n\nThe L bit indicates that the PMP + entry is locked, i.e., writes to the configuration register and associated + address registers are ignored\nIf PMP entry (i) is locked, writes to pmp(i)cfg + and pmpaddr(i) are ignored\nLocked PMP entries remain locked until the hart + is reset\n\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: + RISC-V Privileged Architectures V20211203}\n\nSetting the L bit locks the + PMP entry even when the A field is set to OFF\n\nAdditionally, if PMP entry + (i) is locked and pmp(i)cfg.A is set to TOR, writes to pmpaddr(i-1) are + ignored" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure 1 PMP entry (the 1st one) with L=1,\n - write PMP + entry (i) with L=1 in M-mode\n - A is random, should also be tried with + A=OFF when L=1 (to cover feature above)\n - check PMP entry (i) written + value in M-mode\n - check for PMP entry (i) where L=1 that pmp(i)cfg and + pmpaddr(i) are effectively locked (M-mode check only)\n - also check for + PMP entry (i) where L=1 and pmp(i)cfg.A=TOR that pmpaddr(i-1) is effectively + locked\n - apply hart reset\n - check for PMP entry (i) reset value (read + zero) by reading in M mode\n - write PMP entry (i) in M-mode\n - check + PMP entry (i) written value in M-mode\n\nREUSABILITY\n - if possible, the + PMP entry number (i) is a configurable parameter\n - if possible, (L) value + is a configurable parameter\n - so the same sub-functions are reused with + varying (i) and (L) parameters" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST03(group) => FTR08-a and FTR08-b\n [check that HW + implemented PMP entries are not writable/readable in M-mode (L=1)]\n [check + that no HW implemented PMP entry are writable/readable in S or U modes (L=1)]\n\ + \ - before any configuration, check all pmp(i)cfg and pmpaddr(i) are + M-mode read zero\n - configure PMP entry (i) with L=1 (or 0): pmp(i)cfg + and pmpaddr(i) maybe random values\n - execute following tests specific + checks\n - check only hart reset unlocks all => FTR08-b\n - check + reset values: all pmp(i)cfg and pmpaddr(i) are M-mode read zero\n\nTST03-1 + (HIGH-PRIO)\n[configure 1 PMP entry ([FTR02-b1]: maybe mandatorily the first + one): with L=1,\n - if possible, the PMP entry number is a configurable + parameter\n - if possible, L value is a configurable parameter\n - check + for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively + locked whatever the SW mode => FTR08-a\n - check for PMP entry (i) where + L=1 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes]" +- 001_configure_2_pmp_entries_L1: !Subfeature + name: 001_configure_2_pmp_entries_L1 + tag: VP_PMP_F003_S002 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F003_S002_I000 + description: "{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\n\nThe L bit indicates that the PMP + entry is locked, i.e., writes to the configuration register and associated + address registers are ignored\nIf PMP entry (i) is locked, writes to pmp(i)cfg + and pmpaddr(i) are ignored\nLocked PMP entries remain locked until the hart + is reset\n\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: + RISC-V Privileged Architectures V20211203}\n\nSetting the L bit locks the + PMP entry even when the A field is set to OFF\n\nAdditionally, if PMP entry + (i) is locked and pmp(i)cfg.A is set to TOR, writes to pmpaddr(i-1) are + ignored" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure 2 PMP entries (the 2 first ones in incrementing order) + with L=1,\n - reuse of VP_PMP_F003_S001_I000 sequence" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST03(group) => FTR08-a and FTR08-b\n [check that HW + implemented PMP entries are not writable/readable in M-mode (L=1)]\n [check + that no HW implemented PMP entry are writable/readable in S or U modes (L=1)]\n\ + \ - before any configuration, check all pmp(i)cfg and pmpaddr(i) are + M-mode read zero\n - configure PMP entry (i) with L=1 (or 0): pmp(i)cfg + and pmpaddr(i) maybe random values\n - execute following tests specific + checks\n - check only hart reset unlocks all => FTR08-b\n - check + reset values: all pmp(i)cfg and pmpaddr(i) are M-mode read zero\n\nTST03-2 + (LOW-PRIO) = 2 times reuse/call of TST02-1\n[configure 2 PMP entries ([FTR02-b1]: + maybe mandatorily the 2 first ones): both with L=1,\n - check for PMP entry + (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever + the SW mode => FTR08-a\n - check for PMP entry (i) where L=1 that pmp(i)cfg + and pmpaddr(i) are not writable/readable in S or U modes]" +- 002_configure_2_pmp_entries_L0_L1: !Subfeature + name: 002_configure_2_pmp_entries_L0_L1 + tag: VP_PMP_F003_S003 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F003_S003_I000 + description: "{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\n\nThe L bit indicates that the PMP + entry is locked, i.e., writes to the configuration register and associated + address registers are ignored\nIf PMP entry (i) is locked, writes to pmp(i)cfg + and pmpaddr(i) are ignored\nLocked PMP entries remain locked until the hart + is reset\n\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: + RISC-V Privileged Architectures V20211203}\n\nSetting the L bit locks the + PMP entry even when the A field is set to OFF\n\nAdditionally, if PMP entry + (i) is locked and pmp(i)cfg.A is set to TOR, writes to pmpaddr(i-1) are + ignored" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure 2 PMP entries (the 2 first ones in incrementing order) + at least one with L=1 and one with L=0,\n - write PMP entry (i) with L=0/1 + in M-mode\n - A is random, should also be tried with A=OFF when L=1 (to + cover feature above)\n - check PMP entry (i) written value in M-mode\n\ + \ - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are + writable in M mode (read back the written value in M mode)\n - check for + PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked + (M-mode check only)\n - also check for PMP entry (i) where L=1 and pmp(i)cfg.A=TOR + that pmpaddr(i-1) is effectively locked\n - apply hart reset\n - check + for PMP entry (i) reset value (read zero) by reading in M mode\n - write + PMP entry (i) in M-mode\n - check PMP entry (i) written value in M-mode\n\ + \nREUSABILITY\n - if possible, the PMP entry number (i) is a configurable + parameter\n - if possible, (L) value is a configurable parameter\n - so + the same sub-functions are reused with varying (i) and (L) parameters" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST03(group) => FTR08-a and FTR08-b\n [check that HW + implemented PMP entries are not writable/readable in M-mode (L=1)]\n [check + that no HW implemented PMP entry are writable/readable in S or U modes (L=1)]\n\ + \ - before any configuration, check all pmp(i)cfg and pmpaddr(i) are + M-mode read zero\n - configure PMP entry (i) with L=1 (or 0): pmp(i)cfg + and pmpaddr(i) maybe random values\n - execute following tests specific + checks\n - check only hart reset unlocks all => FTR08-b\n - check + reset values: all pmp(i)cfg and pmpaddr(i) are M-mode read zero\n\nTST03-3 + (HIGH-PRIO) = 2 times reuse/call of TST02-1\n[configure 2 PMP entries ([FTR02-b1]: + maybe mandatorily the 2 first ones): one with L=1 and one with L=0,\n - + check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively + locked whatever the SW mode => FTR08-a\n - check for PMP entry (i) where + L=1 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes\n\ + \ - check locked PMP entry (i) has no effect on unlocked PMP entry (j)\n\ + \ - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are + writable/readable in M-mode only\n - check for PMP entry (i) where L=0 + that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes]" +- 003_configure_N_pmp_entries: !Subfeature + name: 003_configure_N_pmp_entries + tag: VP_PMP_F003_S004 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F003_S004_I000 + description: "{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\n\nThe L bit indicates that the PMP + entry is locked, i.e., writes to the configuration register and associated + address registers are ignored\nIf PMP entry (i) is locked, writes to pmp(i)cfg + and pmpaddr(i) are ignored\nLocked PMP entries remain locked until the hart + is reset\n\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: + RISC-V Privileged Architectures V20211203}\n\nSetting the L bit locks the + PMP entry even when the A field is set to OFF\n\nAdditionally, if PMP entry + (i) is locked and pmp(i)cfg.A is set to TOR, writes to pmpaddr(i-1) are + ignored" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure N PMP entries (the N first ones in incrementing order) + at least one with L=1 and one with L=0,\n - reuse of VP_PMP_F003_S003_I000 + sequence" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST03(group) => FTR08-a and FTR08-b\n [check that HW + implemented PMP entries are not writable/readable in M-mode (L=1)]\n [check + that no HW implemented PMP entry are writable/readable in S or U modes (L=1)]\n\ + \ - before any configuration, check all pmp(i)cfg and pmpaddr(i) are + M-mode read zero\n - configure PMP entry (i) with L=1 (or 0): pmp(i)cfg + and pmpaddr(i) maybe random values\n - execute following tests specific + checks\n - check only hart reset unlocks all => FTR08-b\n - check + reset values: all pmp(i)cfg and pmpaddr(i) are M-mode read zero\n\nTST03-4 + (LOW-PRIO) = N times reuse/call of TST02-1\n[configure N PMP entries ([FTR02-b1]: + maybe mandatorily the N first ones): at least one with L=1 and one with + L=0,\n - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) + are effectively locked whatever the SW mode => FTR08-a\n - check for PMP + entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are not writable/readable + in S or U modes\n - check locked PMP entry (i) has no effect on unlocked + PMP entry (j)\n - check for PMP entry (i) where L=0 that pmp(i)cfg and + pmpaddr(i) are writable/readable in M-mode only\n - check for PMP entry + (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in + S or U modes]" +- 004_configure_8_pmp_entries: !Subfeature + name: 004_configure_8_pmp_entries + tag: VP_PMP_F003_S005 + next_elt_id: 1 + display_order: 4 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F003_S005_I000 + description: "{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\n\nThe L bit indicates that the PMP + entry is locked, i.e., writes to the configuration register and associated + address registers are ignored\nIf PMP entry (i) is locked, writes to pmp(i)cfg + and pmpaddr(i) are ignored\nLocked PMP entries remain locked until the hart + is reset\n\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: + RISC-V Privileged Architectures V20211203}\n\nSetting the L bit locks the + PMP entry even when the A field is set to OFF\n\nAdditionally, if PMP entry + (i) is locked and pmp(i)cfg.A is set to TOR, writes to pmpaddr(i-1) are + ignored" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure all 8 PMP entries (in incrementing order) at least + one with L=1 and one with L=0,\n - reuse of VP_PMP_F003_S003_I000 sequence" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST03(group) => FTR08-a and FTR08-b\n [check that HW + implemented PMP entries are not writable/readable in M-mode (L=1)]\n [check + that no HW implemented PMP entry are writable/readable in S or U modes (L=1)]\n\ + \ - before any configuration, check all pmp(i)cfg and pmpaddr(i) are + M-mode read zero\n - configure PMP entry (i) with L=1 (or 0): pmp(i)cfg + and pmpaddr(i) maybe random values\n - execute following tests specific + checks\n - check only hart reset unlocks all => FTR08-b\n - check + reset values: all pmp(i)cfg and pmpaddr(i) are M-mode read zero\n\nTST03-5 + (HIGH-PRIO) = 8 times reuse/call of TST02-1\n[configure 8 PMP entries: at + least one with L=1 and one with L=0,\n - check for PMP entry (i) where + L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW + mode => FTR08-a\n - check for PMP entry (i) where L=1 that pmp(i)cfg and + pmpaddr(i) are not writable/readable in S or U modes\n - check locked PMP + entry (i) has no effect on unlocked PMP entry (j)\n - check for PMP entry + (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode + only\n - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) + are not writable/readable in S or U modes]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP004.yml b/verif/docs/VerifPlans/PMP/VP_IP004.yml new file mode 100644 index 000000000..80ed9259c --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP004.yml @@ -0,0 +1,146 @@ +!Feature +next_elt_id: 4 +name: CSRs programming order +id: 4 +display_order: 4 +subfeatures: !!omap +- 000_configure_1_pmp_entry: !Subfeature + name: 000_configure_1_pmp_entry + tag: VP_PMP_F004_S001 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F004_S001_I000 + description: "{Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures + V20211203}\n\nthe lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)\nAll PMP CSR fields are WARL and may be read-only + zero (QUESTION: does read-only zero mean not implemented?)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure any PMP entry (i), but the first one\n - reuse of + VP_PMP_F003_S003_I000 sequence (Feature: \"CSRs locked access\")" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST04 => FTR02-b1 and FTR02-b2\n [check if the lowest-numbered + PMP CSRs must be programmed first before programming higher-numbered ones]\n + \nTST04-1 (LOW-PRIO) extends TST02-1\n[configure any PMP entry, but the + first one\n - check for configured PMP entry (i), pmp(i)cfg and pmpaddr(i) + are writable/readable in M-mode only\n - check for not configured PMP entry + (i), pmp(i)cfg and pmpaddr(i) are M-mode read zero]" +- 001_configure_2_pmp_entries: !Subfeature + name: 001_configure_2_pmp_entries + tag: VP_PMP_F004_S002 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F004_S002_I000 + description: "{Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures + V20211203}\n\nthe lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)\nAll PMP CSR fields are WARL and may be read-only + zero (QUESTION: does read-only zero mean not implemented?)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure 2 non-adjacent PMP entries (highest-numbered ones + first) (avoid the first PMP entry)\n - reuse of VP_PMP_F003_S003_I000 sequence + (Feature: \"CSRs locked access\")" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST04 => FTR02-b1 and FTR02-b2\n [check if the lowest-numbered + PMP CSRs must be programmed first before programming higher-numbered ones]\n + \nTST04-2 (HIGH-PRIO) extends TST02-2\n[configure 2 non-adjacent PMP entries + (highest-numbered ones first) (avoid the first PMP entry)\n - check for + configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are writable/readable + in M-mode only\n - check for not configured PMP entry (i), pmp(i)cfg and + pmpaddr(i) are M-mode read zero]" +- 002_configure_N_pmp_entries: !Subfeature + name: 002_configure_N_pmp_entries + tag: VP_PMP_F004_S003 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F004_S003_I000 + description: "{Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures + V20211203}\n\nthe lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)\nAll PMP CSR fields are WARL and may be read-only + zero (QUESTION: does read-only zero mean not implemented?)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure N PMP entries (highest-numbered ones first) (as non-adjacent + as possible, and avoid the first PMP entry)\n - reuse of VP_PMP_F003_S003_I000 + sequence (Feature: \"CSRs locked access\")" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST04 => FTR02-b1 and FTR02-b2\n [check if the lowest-numbered + PMP CSRs must be programmed first before programming higher-numbered ones]\n + \nTST04-3 (LOW-PRIO) extends TST02-3\n[configure N PMP entries (highest-numbered + ones first) (as non-adjacent as possible, and avoid the first PMP entry)\n\ + \ - check for configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are writable/readable + in M-mode only\n - check for not configured PMP entry (i), pmp(i)cfg and + pmpaddr(i) are M-mode read zero]" +- 003_configure_8_pmp_entries: !Subfeature + name: 003_configure_8_pmp_entries + tag: VP_PMP_F004_S004 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F004_S004_I000 + description: "{Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures + V20211203}\n\nthe lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)\nAll PMP CSR fields are WARL and may be read-only + zero (QUESTION: does read-only zero mean not implemented?)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure all 8 PMP entries (highest-numbered ones first)\n\ + \ - reuse of VP_PMP_F003_S003_I000 sequence (Feature: \"CSRs locked access\"\ + )" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST04 => FTR02-b1 and FTR02-b2\n [check if the lowest-numbered + PMP CSRs must be programmed first before programming higher-numbered ones]\n + \nTST04-4 (HIGH-PRIO) extends TST02-4\n[configure 8 PMP entries (highest-numbered + ones first)\n - check for configured PMP entry (i), pmp(i)cfg and pmpaddr(i) + are writable/readable in M-mode only]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP005.yml b/verif/docs/VerifPlans/PMP/VP_IP005.yml new file mode 100644 index 000000000..1c2955923 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP005.yml @@ -0,0 +1,90 @@ +!Feature +next_elt_id: 2 +name: CSRs Hardwired regions +id: 5 +display_order: 5 +subfeatures: !!omap +- 000_access with L=0: !Subfeature + name: 000_access with L=0 + tag: VP_PMP_F005_S001 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F005_S001_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + Certain regions’ privileges can be hardwired: so only ever be visible in + machine mode but in no lower-privilege layers.\n\n{Section 3.7.1 Page 57 + Volume II: RISC-V Privileged Architectures V20211203}\nImplementations may + implement zero, 16, or 64 PMP CSRs\n\n{https://docs.openhwgroup.org/projects/cva6-user-manual/01_cva6_user/PMP.html}\n + A maximum of 16 PMP entries are supported.\nAll PMP CSRs are always implemented, + but CSRs (or bitfields of CSRs) related to PMP entries with number CVA6Cfg.NrPMPEntries + and above are hardwired to zero.\n\nTRISTAN\n8 PMP entries are implemented" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure the first 8 PMP entries with L=0\n - for each PMP + entry (i), check several times that pmp(i)cfg and pmpaddr(i) can be written + and can be read back exactly the same (in M-mode)\n\nfor the last 8 PMP + entries, check that pmp(i)cfg and pmpaddr(i) always read zero after being + written (in M-mode with L=0)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST05 => FTR01-c and FTR01-c-extended\n [check all + regions are configurable in M-mode to make sure none is hardwired]\n [regions + hardwired privileges might only ever be visible in M-mode]\n\nTST05-1 (HIGH-PRIO) + extends TST02-4\n - check the written pmp(i)cfg and pmpaddr(i) values can + be read exactly the same as written" +- 001_access with L=1: !Subfeature + name: 001_access with L=1 + tag: VP_PMP_F005_S002 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F005_S002_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + Certain regions’ privileges can be hardwired: so only ever be visible in + machine mode but in no lower-privilege layers.\n\n{Section 3.7.1 Page 57 + Volume II: RISC-V Privileged Architectures V20211203}\nImplementations may + implement zero, 16, or 64 PMP CSRs\n\n{https://docs.openhwgroup.org/projects/cva6-user-manual/01_cva6_user/PMP.html}\n + A maximum of 16 PMP entries are supported.\nAll PMP CSRs are always implemented, + but CSRs (or bitfields of CSRs) related to PMP entries with number CVA6Cfg.NrPMPEntries + and above are hardwired to zero.\n\nTRISTAN\n8 PMP entries are implemented" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure the first 8 PMP entries with L=1\n - for each PMP + entry (i), check once that pmp(i)cfg and pmpaddr(i) can be written and can + be read back exactly the same (in M-mode)\n - apply hart reset\n - for + each PMP entry (i), check once that pmp(i)cfg and pmpaddr(i) can be written + and can be read back exactly the same (in M-mode)\n\nfor the last 8 PMP + entries, check that pmp(i)cfg and pmpaddr(i) always read zero after being + written (in M-mode with L=1)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST05 => FTR01-c and FTR01-c-extended\n [check all + regions are configurable in M-mode to make sure none is hardwired]\n [regions + hardwired privileges might only ever be visible in M-mode]\n\nTST05-2 (LOW-PRIO) + extends TST03-5\n - check the written pmp(i)cfg and pmpaddr(i) values can + be read exactly the same as written (before hart reset)" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP006.yml b/verif/docs/VerifPlans/PMP/VP_IP006.yml new file mode 100644 index 000000000..f59c2d356 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP006.yml @@ -0,0 +1,82 @@ +!Feature +next_elt_id: 2 +name: CSRs reserved values +id: 6 +display_order: 6 +subfeatures: !!omap +- 000_access with L=0: !Subfeature + name: 000_access with L=0 + tag: VP_PMP_F006_S001 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F006_S001_I000 + description: "{Page 58 Volume II: RISC-V Privileged Architectures V20211203}\n + \nThe R, W, and X fields form a collective WARL field for which the combinations + with R=0 and W=1 are reserved." + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "repeat following sequence several times on some PMP entries\n\ + \ - write totally random values to pmp(i)cfg and pmpaddr(i), but with L=0\n\ + \ - check all pmp(i)cfg and pmpaddr(i) can be read back exactly the same + as written except:\n - except with the reserved combinations [R=0 and + W=1]\n - except with A=NA4 which must not be selectable as G>0" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST06 => FTR04-a\n[PMP CSR fields are WARL: PMP entry + combinations with R=0 and W=1 are reserved/can’t be read]\n[permissions + fields could be randomly written; should we try randomization ?]\n\nTST06-1 + (HIGH-PRIO) extends TST02-4\n - write totally random values to pmp(i)cfg + and pmpaddr(i)\n - check all pmp(i)cfg and pmpaddr(i) can be read exactly + the same as written except for the reserved combinations with R=0 and W=1" +- 001_access with L=1: !Subfeature + name: 001_access with L=1 + tag: VP_PMP_F006_S002 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F006_S002_I000 + description: "{Page 58 Volume II: RISC-V Privileged Architectures V20211203}\n + \nThe R, W, and X fields form a collective WARL field for which the combinations + with R=0 and W=1 are reserved." + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "repeat following sequence several times on some PMP entries\n\ + \ - write totally random values to pmp(i)cfg and pmpaddr(i), but with L=1\n\ + \ - check all pmp(i)cfg and pmpaddr(i) can be read back exactly the same + as written:\n - except with the reserved combinations [R=0 and W=1]\n\ + \ - except with A=NA4 which must not be selectable as G>0\n - apply + hart reset" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST06 => FTR04-a\n[PMP CSR fields are WARL: PMP entry + combinations with R=0 and W=1 are reserved/can’t be read]\n[permissions + fields could be randomly written; should we try randomization ?]\n\nTST06-2 + (LOW-PRIO) extends TST03-5\n - write totally random values to pmp(i)cfg + and pmpaddr(i)\n - check all pmp(i)cfg and pmpaddr(i) can be read exactly + the same as written except for the reserved combinations with R=0 and W=1 + (before hart reset)" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP010.yml b/verif/docs/VerifPlans/PMP/VP_IP010.yml new file mode 100644 index 000000000..e44684c19 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP010.yml @@ -0,0 +1,128 @@ +!Feature +next_elt_id: 4 +name: no cfg matching/defined +id: 10 +display_order: 10 +subfeatures: !!omap +- 000_no matching entry - M mode access: !Subfeature + name: 000_no matching entry - M mode access + tag: VP_PMP_F010_S001 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F010_S001_I000 + description: "{Page 60 Section \"Priority and Matching Logic\" Volume II: + RISC-V Privileged Architectures V20211203}\n\nIf no PMP entry matches an + M-mode access, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: check M-mode access succeeds if no PMP entry matches + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR09-e\n[If no PMP entry matches an M-mode access, + the access succeeds]\n \nTST10-1 (HIGH-PRIO) => FTR09-e\n[check M-mode access + succeeds if no PMP entry matches]" +- 001_no defined entry - M mode access: !Subfeature + name: 001_no defined entry - M mode access + tag: VP_PMP_F010_S002 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F010_S002_I000 + description: "{Page 60 Section \"Priority and Matching Logic\" Volume II: + RISC-V Privileged Architectures V20211203}\n\nIf no PMP entry matches an + M-mode access, the access succeeds\nQUESTION: what happens if no PMP entry + is implemented ?\nASSUMPTION: access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: check M-mode access succeeds if no PMP entry defined + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR09-e-question\n[what happens if no PMP entry is implemented + ?]\n \nTST10-2 (HIGH-PRIO) => FTR09-e-question\n[check M-mode access succeeds + if no PMP entry defined]" +- 002_no matching entry - S/U mode access: !Subfeature + name: 002_no matching entry - S/U mode access + tag: VP_PMP_F010_S003 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F010_S003_I000 + description: "{Page 60 Section \"Priority and Matching Logic\" Volume II: + RISC-V Privileged Architectures V20211203}\n\nIf no PMP entry matches an + S-mode or U-mode access, but at least one PMP entry is implemented, the + access fails" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: check S or U mode access fails when no PMP entry matching and + at least one PMP entry implemented + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR09-f\n[If no PMP entry matches an S-mode or U-mode + access, but at least one PMP entry is implemented, the access fails]\n\n + TST10-3 (HIGH-PRIO) => FTR09-f\n[check S or U mode access fails when no + PMP entry matching and at least one PMP entry implemented]" +- 003_no defined entry - S/U mode access: !Subfeature + name: 003_no defined entry - S/U mode access + tag: VP_PMP_F010_S004 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F010_S004_I000 + description: "{Page 60 Section \"Priority and Matching Logic\" Volume II: + RISC-V Privileged Architectures V20211203}\n\nIf no PMP entry matches an + S-mode or U-mode access, but at least one PMP entry is implemented, the + access fails\nQUESTION: what happens if no PMP entry is implemented ?\n + ASSUMPTION: access fails" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: check S or U mode access fails when no PMP entry implemented + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR09-f-question\n[what happens if no PMP entry is implemented + ?]\n \nTST10-4 (HIGH-PRIO) => FTR09-f-question\n[check S or U mode access + fails when no PMP entry implemented]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP011.yml b/verif/docs/VerifPlans/PMP/VP_IP011.yml new file mode 100644 index 000000000..07e7d1115 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP011.yml @@ -0,0 +1,2069 @@ +!Feature +next_elt_id: 30 +name: cfg NA4 access S/U (G=0) +id: 11 +display_order: 11 +subfeatures: !!omap +- 000_fetch_L0_X1_addr_hit: !Subfeature + name: 000_fetch_L0_X1_addr_hit + tag: VP_PMP_F011_S011 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S011_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access instruction fetch inside defined NA4 + address range with execute permissions and with L=0\n - choose an executable + pmp region and address range\n - choose only one PMP entry (i)\n\nCONFIGURATION\n\ + \ - pmpcfg(i): A=NA4, X=1, L=0, R/W:random, with reserve on R=0 & W=1\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n \ + \ - fetch an instruction from that region (with exact address-matching)\n\ + \nCHECK\n - check no access-fault exception\n\nREUSABILITY\n - if + possible, the PMP entry number (i) is a configurable parameter\n - if + possible, the PMP entry lock (L) is a configurable parameter\n - if possible, + the PMP entry permissions (R,W,X) are configurable parameters\n - if + possible, the PMP entry adress-matching mode (A) is a configurable parameter\n\ + \ - if possible, the PMP entry address range (pmpaddr) is a configurable + parameter\n - if possible, the PMP entry associated access address is + a configurable parameter\n - so a single CONFIGURATION function and a + single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nTST11-1x(group) + => FTR01-d\n [PMP check on instruction fetch where effective privilege + mode is S or U:\n - choose an executable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access instruction fetch in + S and U mode]\n [create scenarios where PMP entries with A=2 (NA4) and + with/without matching permissions\n - check only NA4 defined addresses + are matching]\n TST11-11 (HIGH-PRIO)\n [with L=0 => FTR08-e2-2 (refers to + FTR09-d2-2),\n - configure the PMP entry with execute permissions for the + PMP region\n - fetch an instruction from that region (with exact address-matching)\n\ + \ - check no access-fault exception]" +- 001_fetch_L0_X0_addr_hit: !Subfeature + name: 001_fetch_L0_X0_addr_hit + tag: VP_PMP_F011_S012 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S012_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set\n\n{Page 58 Volume II: RISC-V Privileged Architectures V20211203}\n + Attempting to fetch an instruction from a PMP region that does not have + execute permissions raises an instruction access-fault exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access instruction fetch inside defined NA4 + address range without execute permissions and with L=0\n - choose an + executable pmp region and address range\n - choose only one PMP entry + (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, X=0, L=0, R/W:random, with + reserve on R=0 & W=1\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\ + \nACCESS\n - fetch an instruction from that region (with exact address-matching)\n\ + \nCHECK\n - check instruction fetch access-fault exception raised\n\n\ + REUSABILITY\n - if possible, the PMP entry number (i) is a configurable + parameter\n - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nFTR04-b\n + [Attempting to fetch an instruction from a PMP region that does not have + execute permissions raises an instruction access-fault exception]\n \nTST11-1x(group) + => FTR01-d\n [PMP check on instruction fetch where effective privilege + mode is S or U:\n - choose an executable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access instruction fetch in + S and U mode]\n [create scenarios where PMP entries with A=2 (NA4) and + with/without matching permissions\n - check only NA4 defined addresses + are matching]\n TST11-12 (MEDIUM-PRIO)\n[with L=0 => FTR08-e2-2 (refers + to FTR09-d2-2),\n - configure the PMP entry without execute permissions + for the PMP region\n - fetch an instruction from that region (with exact + address-matching)\n - check instruction fetch access-fault exception raised + => FTR04-b]" +- 002_fetch_L0_X1_addr_miss: !Subfeature + name: 002_fetch_L0_X1_addr_miss + tag: VP_PMP_F011_S013 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S013_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access instruction fetch from outside defined + NA4 address range with execute permissions and with L=0\n - choose an + executable pmp region and address range\n - choose only one PMP entry + (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, X=1, L=0, R/W:random, with + reserve on R=0 & W=1\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\ + \nACCESS\n - fetch an instruction from outside all PMP defined regions\n\ + \nCHECK\n - check instruction fetch access-fault exception raised\n\n\ + REUSABILITY\n - if possible, the PMP entry number (i) is a configurable + parameter\n - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nTST11-1x(group) + => FTR01-d\n [PMP check on instruction fetch where effective privilege + mode is S or U:\n - choose an executable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access instruction fetch in + S and U mode]\n [create scenarios where PMP entries with A=2 (NA4) and + with/without matching permissions\n - check only NA4 defined addresses + are matching]\n TST11-13 (MEDIUM-PRIO)\n [with L=0 => FTR08-e2-2 (refers + to FTR09-d2-2),\n - configure the PMP entry with execute permissions for + the PMP region\n - fetch an instruction from outside all PMP defined regions\n\ + \ - check instruction fetch access-fault exception raised]" +- 003_fetch_L1_X1_addr_hit: !Subfeature + name: 003_fetch_L1_X1_addr_hit + tag: VP_PMP_F011_S014 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S014_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access instruction fetch inside defined NA4 + address range with execute permissions and with L=1\n - choose an executable + pmp region and address range\n - choose only one PMP entry (i)\n\nCONFIGURATION\n\ + \ - pmpcfg(i): A=NA4, X=1, L=1, R/W:random, with reserve on R=0 & W=1\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n \ + \ - fetch an instruction from that region (with exact address-matching)\n\ + \nCHECK\n - check no access-fault exception\n\nREUSABILITY\n - if + possible, the PMP entry number (i) is a configurable parameter\n - if + possible, the PMP entry lock (L) is a configurable parameter\n - if possible, + the PMP entry permissions (R,W,X) are configurable parameters\n - if + possible, the PMP entry adress-matching mode (A) is a configurable parameter\n\ + \ - if possible, the PMP entry address range (pmpaddr) is a configurable + parameter\n - if possible, the PMP entry associated access address is + a configurable parameter\n - so a single CONFIGURATION function and a + single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\n\nTST11-1x(group) + => FTR01-d\n [PMP check on instruction fetch where effective privilege + mode is S or U:\n - choose an executable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access instruction fetch in + S and U mode]\n [create scenarios where PMP entries with A=2 (NA4) and + with/without matching permissions\n - check only NA4 defined addresses + are matching]\n TST11-14 (LOW-PRIO)\n[with L=1 => FTR08-e1 (refers to FTR01-f) + (refers to FTR09-d2-1),\n - configure the PMP entry with execute permissions + for the PMP region\n - fetch an instruction from that region (with exact + address-matching)\n - check no access-fault exception]" +- 004_fetch_L1_X0_addr_hit: !Subfeature + name: 004_fetch_L1_X0_addr_hit + tag: VP_PMP_F011_S015 + next_elt_id: 1 + display_order: 4 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S015_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset\n\n{Page 58 Volume + II: RISC-V Privileged Architectures V20211203}\nAttempting to fetch an instruction + from a PMP region that does not have execute permissions raises an instruction + access-fault exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access instruction fetch inside defined NA4 + address range without execute permissions and with L=1\n - choose an + executable pmp region and address range\n - choose only one PMP entry + (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, X=0, L=1, R/W:random, with + reserve on R=0 & W=1\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\ + \nACCESS\n - fetch an instruction from that region (with exact address-matching)\n\ + \nCHECK\n - check instruction fetch access-fault exception raised\n\n\ + REUSABILITY\n - if possible, the PMP entry number (i) is a configurable + parameter\n - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\nFTR04-b\n + [Attempting to fetch an instruction from a PMP region that does not have + execute permissions raises an instruction access-fault exception]\n\nTST11-1x(group) + => FTR01-d\n [PMP check on instruction fetch where effective privilege + mode is S or U:\n - choose an executable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access instruction fetch in + S and U mode]\n [create scenarios where PMP entries with A=2 (NA4) and + with/without matching permissions\n - check only NA4 defined addresses + are matching]\n TST11-15 (LOW-PRIO)\n[with L=1 => FTR08-e1 (refers to FTR01-f) + (refers to FTR09-d2-1),\n - configure the PMP entry without execute permissions + for the PMP region\n - fetch an instruction from that region (with exact + address-matching)\n - check instruction fetch access-fault exception raised + => FTR04-b]" +- 005_fetch_L1_X1_addr_miss: !Subfeature + name: 005_fetch_L1_X1_addr_miss + tag: VP_PMP_F011_S016 + next_elt_id: 1 + display_order: 5 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S016_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access instruction fetch from outside defined + NA4 address range with execute permissions and with L=1\n - choose an + executable pmp region and address range\n - choose only one PMP entry + (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, X=1, L=1, R/W:random, with + reserve on R=0 & W=1\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\ + \nACCESS\n - fetch an instruction from outside all PMP defined regions\n\ + \nCHECK\n - check instruction fetch access-fault exception raised\n\n\ + REUSABILITY\n - if possible, the PMP entry number (i) is a configurable + parameter\n - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\nTST11-1x(group) + => FTR01-d\n [PMP check on instruction fetch where effective privilege + mode is S or U:\n - choose an executable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access instruction fetch in + S and U mode]\n [create scenarios where PMP entries with A=2 (NA4) and + with/without matching permissions\n - check only NA4 defined addresses + are matching]\n TST11-16 (LOW-PRIO)\n[with L=1 => FTR08-e1 (refers to FTR01-f) + (refers to FTR09-d2-1),\n - configure the PMP entry with execute permissions + for the PMP region\n - fetch an instruction from outside all PMP defined + regions\n - check instruction fetch access-fault exception raised]" +- 006_load_L0_R1_addr_hit: !Subfeature + name: 006_load_L0_R1_addr_hit + tag: VP_PMP_F011_S021 + next_elt_id: 1 + display_order: 6 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S021_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access load or load-reserved instruction + inside defined NA4 address range with read permissions and with L=0\n \ + \ - choose a readable pmp region and address range\n - choose only one + PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=0, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n \ + \ - execute a load or load-reserved instruction from that region (with + exact address-matching)\n\nCHECK\n - check no access-fault exception\n\ + \nREUSABILITY\n - if possible, the PMP entry number (i) is a configurable + parameter\n - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nTST11-2x(group) + => FTR01-d\n [PMP check on load or load-reserved instruction where effective + privilege mode is S or U:\n - choose a data readable pmp region and address + range\n - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily + the 1st one)\n - if possible, the PMP entry number is a configurable + parameter\n - choose pmpcfg(i).A=NA4\n - single access data load in + S and U mode when the bit mstatus.MPRV=0]\n [create scenarios where PMP + entries with A=2 (NA4) and with/without matching permissions\n - check + only NA4 defined addresses are matching]\nTST11-21 (HIGH-PRIO)\n[with L=0 + => FTR08-e2-2 (refers to FTR09-d2-2),\n - configure the PMP entry with + read permissions for the PMP region\n - execute a load or load-reserved + instruction from that region (with exact address-matching)\n - check no + access-fault exception]" +- 007_load_L0_R0_addr_hit: !Subfeature + name: 007_load_L0_R0_addr_hit + tag: VP_PMP_F011_S022 + next_elt_id: 1 + display_order: 7 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S022_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set\n\n{Page 58 Volume II: RISC-V Privileged Architectures V20211203}\n + Attempting to execute a load or load-reserved instruction which accesses + a physical address within a PMP region without read permissions raises a + load access-fault exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access load or load-reserved instruction + inside defined NA4 address range without read permissions and with L=0\n\ + \ - choose a readable pmp region and address range\n - choose only + one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=0, L=0, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n \ + \ - execute a load or load-reserved instruction from that region (with + exact address-matching)\n\nCHECK\n - check load access-fault exception + raised\n\nREUSABILITY\n - if possible, the PMP entry number (i) is a + configurable parameter\n - if possible, the PMP entry lock (L) is a configurable + parameter\n - if possible, the PMP entry permissions (R,W,X) are configurable + parameters\n - if possible, the PMP entry adress-matching mode (A) is + a configurable parameter\n - if possible, the PMP entry address range + (pmpaddr) is a configurable parameter\n - if possible, the PMP entry + associated access address is a configurable parameter\n - so a single + CONFIGURATION function and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nFTR04-c\n + [Attempting to execute a load or load-reserved instruction which accesses + a physical address within a PMP region without read permissions raises a + load access-fault exception]\n\nTST11-2x(group) => FTR01-d\n [PMP check + on load or load-reserved instruction where effective privilege mode is S + or U:\n - choose a data readable pmp region and address range\n - + choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n\ + \ - if possible, the PMP entry number is a configurable parameter\n \ + \ - choose pmpcfg(i).A=NA4\n - single access data load in S and U mode + when the bit mstatus.MPRV=0]\n [create scenarios where PMP entries with + A=2 (NA4) and with/without matching permissions\n - check only NA4 defined + addresses are matching]\nTST11-22 (MEDIUM-PRIO)\n[with L=0 => FTR08-e2-2 + (refers to FTR09-d2-2),\n - configure the PMP entry without read permissions + for the PMP region\n - execute a load or load-reserved instruction from + that region (with exact address-matching)\n - check load access-fault exception + raised => FTR04-c]" +- 008_load_L0_R1_addr_miss: !Subfeature + name: 008_load_L0_R1_addr_miss + tag: VP_PMP_F011_S023 + next_elt_id: 1 + display_order: 8 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S023_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access load or load-reserved instruction + from outside defined NA4 address range with read permissions and with L=0\n\ + \ - choose a readable pmp region and address range\n - choose only + one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=0, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n \ + \ - execute a load or load-reserved instruction from outside all PMP defined + regions\n\nCHECK\n - check load access-fault exception raised\n\nREUSABILITY\n\ + \ - if possible, the PMP entry number (i) is a configurable parameter\n\ + \ - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nTST11-2x(group) + => FTR01-d\n [PMP check on load or load-reserved instruction where effective + privilege mode is S or U:\n - choose a data readable pmp region and address + range\n - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily + the 1st one)\n - if possible, the PMP entry number is a configurable + parameter\n - choose pmpcfg(i).A=NA4\n - single access data load in + S and U mode when the bit mstatus.MPRV=0]\n [create scenarios where PMP + entries with A=2 (NA4) and with/without matching permissions\n - check + only NA4 defined addresses are matching]\nTST11-23 (MEDIUM-PRIO)\n[with + L=0 => FTR08-e2-2 (refers to FTR09-d2-2),\n - configure the PMP entry with + read permissions for the PMP region\n - execute a load or load-reserved + instruction from outside all PMP defined regions\n - check load access-fault + exception raised]" +- 009_load_L1_R1_addr_hit: !Subfeature + name: 009_load_L1_R1_addr_hit + tag: VP_PMP_F011_S024 + next_elt_id: 1 + display_order: 9 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S024_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access load or load-reserved instruction + inside defined NA4 address range with read permissions and with L=1\n \ + \ - choose a readable pmp region and address range\n - choose only one + PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=1, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n \ + \ - execute a load or load-reserved instruction from that region (with + exact address-matching)\n\nCHECK\n - check no access-fault exception\n\ + \nREUSABILITY\n - if possible, the PMP entry number (i) is a configurable + parameter\n - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\nTST11-2x(group) + => FTR01-d\n [PMP check on load or load-reserved instruction where effective + privilege mode is S or U:\n - choose a data readable pmp region and address + range\n - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily + the 1st one)\n - if possible, the PMP entry number is a configurable + parameter\n - choose pmpcfg(i).A=NA4\n - single access data load in + S and U mode when the bit mstatus.MPRV=0]\n [create scenarios where PMP + entries with A=2 (NA4) and with/without matching permissions\n - check + only NA4 defined addresses are matching]\nTST11-24 (LOW-PRIO)\n[with L=1 + => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1),\n - configure the + PMP entry with read permissions for the PMP region\n - execute a load or + load-reserved instruction from that region (with exact address-matching)\n\ + \ - check no access-fault exception]" +- 010_load_L1_R0_addr_hit: !Subfeature + name: 010_load_L1_R0_addr_hit + tag: VP_PMP_F011_S025 + next_elt_id: 1 + display_order: 10 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S025_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset\n\n{Page 58 Volume + II: RISC-V Privileged Architectures V20211203}\nAttempting to execute a + load or load-reserved instruction which accesses a physical address within + a PMP region without read permissions raises a load access-fault exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access load or load-reserved instruction + inside defined NA4 address range without read permissions and with L=1\n\ + \ - choose a readable pmp region and address range\n - choose only + one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=0, L=1, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n \ + \ - execute a load or load-reserved instruction from that region (with + exact address-matching)\n\nCHECK\n - check load access-fault exception + raised\n\nREUSABILITY\n - if possible, the PMP entry number (i) is a + configurable parameter\n - if possible, the PMP entry lock (L) is a configurable + parameter\n - if possible, the PMP entry permissions (R,W,X) are configurable + parameters\n - if possible, the PMP entry adress-matching mode (A) is + a configurable parameter\n - if possible, the PMP entry address range + (pmpaddr) is a configurable parameter\n - if possible, the PMP entry + associated access address is a configurable parameter\n - so a single + CONFIGURATION function and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\nFTR04-c\n + [Attempting to execute a load or load-reserved instruction which accesses + a physical address within a PMP region without read permissions raises a + load access-fault exception]\n \nTST11-2x(group) => FTR01-d\n [PMP check + on load or load-reserved instruction where effective privilege mode is S + or U:\n - choose a data readable pmp region and address range\n - + choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n\ + \ - if possible, the PMP entry number is a configurable parameter\n \ + \ - choose pmpcfg(i).A=NA4\n - single access data load in S and U mode + when the bit mstatus.MPRV=0]\n [create scenarios where PMP entries with + A=2 (NA4) and with/without matching permissions\n - check only NA4 defined + addresses are matching]\nTST11-25 (LOW-PRIO)\n [with L=1 => FTR08-e1 (refers + to FTR01-f) (refers to FTR09-d2-1),\n - configure the PMP entry without + read permissions for the PMP region\n - execute a load or load-reserved + instruction from that region (with exact address-matching)\n - check load + access-fault exception raised => FTR04-c]" +- 011_load_L1_R1_addr_miss: !Subfeature + name: 011_load_L1_R1_addr_miss + tag: VP_PMP_F011_S026 + next_elt_id: 1 + display_order: 11 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S026_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access load or load-reserved instruction + from outside defined NA4 address range with read permissions and with L=1\n\ + \ - choose a readable pmp region and address range\n - choose only + one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=1, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n \ + \ - execute a load or load-reserved instruction from outside all PMP defined + regions\n\nCHECK\n - check load access-fault exception raised\n\nREUSABILITY\n\ + \ - if possible, the PMP entry number (i) is a configurable parameter\n\ + \ - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\nTST11-2x(group) + => FTR01-d\n [PMP check on load or load-reserved instruction where effective + privilege mode is S or U:\n - choose a data readable pmp region and address + range\n - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily + the 1st one)\n - if possible, the PMP entry number is a configurable + parameter\n - choose pmpcfg(i).A=NA4\n - single access data load in + S and U mode when the bit mstatus.MPRV=0]\n [create scenarios where PMP + entries with A=2 (NA4) and with/without matching permissions\n - check + only NA4 defined addresses are matching]\nTST11-26 (LOW-PRIO)\n[with L=1 + => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1),\n - configure the + PMP entry with read permissions for the PMP region\n - execute a load or + load-reserved instruction from outside all PMP defined regions\n - check + load access-fault exception raised]" +- 012_store_L0_W1_addr_hit: !Subfeature + name: 012_store_L0_W1_addr_hit + tag: VP_PMP_F011_S031 + next_elt_id: 1 + display_order: 12 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S031_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range with write permissions and with L=0\n \ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=0, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\n\ + ACCESS\n - execute a store, store-conditional, or AMO instruction to + that region (with exact address-matching)\n\nCHECK\n - check no access-fault + exception\n\nREUSABILITY\n - if possible, the PMP entry number (i) is + a configurable parameter\n - if possible, the PMP entry lock (L) is a + configurable parameter\n - if possible, the PMP entry permissions (R,W,X) + are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nTST11-3x(group) + => FTR01-d\n [PMP check on store, store-conditional, or AMO instruction + where effective privilege mode is S or U:\n - choose a data writable + pmp region and address range\n - choose only one PMP entry (i) ([FTR02-b1]: + maybe mandatorily the 1st one)\n - if possible, the PMP entry number + is a configurable parameter\n - choose pmpcfg(i).A=NA4\n - single + access data store in S and U mode when the bit mstatus.MPRV=0]\n [create + scenarios where PMP entries with A=2 (NA4) and with/without matching permissions\n\ + \ - check only NA4 defined addresses are matching]\nTST11-31 (HIGH-PRIO)\n + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2),\n - configure the PMP entry + with write permissions for the PMP region\n - execute a store, store-conditional, + or AMO instruction to that region (with exact address-matching)\n - check + no access-fault exception]" +- 013_store_L0_W0_addr_hit: !Subfeature + name: 013_store_L0_W0_addr_hit + tag: VP_PMP_F011_S032 + next_elt_id: 1 + display_order: 13 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S032_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set\n\n{Page 58 Volume II: RISC-V Privileged Architectures V20211203}\n + Attempting to execute a store, store-conditional, or AMO instruction which + accesses a physical address within a PMP region without write permissions + raises a store access-fault exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range without write permissions and with L=0\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=0, L=0, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\n\ + ACCESS\n - execute a store, store-conditional, or AMO instruction to + that region (with exact address-matching)\n\nCHECK\n - check store access-fault + exception raised\n\nREUSABILITY\n - if possible, the PMP entry number + (i) is a configurable parameter\n - if possible, the PMP entry lock (L) + is a configurable parameter\n - if possible, the PMP entry permissions + (R,W,X) are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nFTR04-d\n + [Attempting to execute a store, store-conditional, or AMO instruction which + accesses a physical address within a PMP region without write permissions + raises a store access-fault exception]\n\nTST11-3x(group) => FTR01-d\n \ + \ [PMP check on store, store-conditional, or AMO instruction where effective + privilege mode is S or U:\n - choose a data writable pmp region and address + range\n - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily + the 1st one)\n - if possible, the PMP entry number is a configurable + parameter\n - choose pmpcfg(i).A=NA4\n - single access data store + in S and U mode when the bit mstatus.MPRV=0]\n [create scenarios where + PMP entries with A=2 (NA4) and with/without matching permissions\n - + check only NA4 defined addresses are matching]\nTST11-32 (MEDIUM-PRIO)\n + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2),\n - configure the PMP entry + without write permissions for the PMP region\n - execute a store, store-conditional, + or AMO instruction to that region (with exact address-matching)\n - check + store access-fault exception raised => FTR04-d]" +- 014_store_L0_W1_addr_miss: !Subfeature + name: 014_store_L0_W1_addr_miss + tag: VP_PMP_F011_S033 + next_elt_id: 1 + display_order: 14 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S033_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access store, store-conditional, or AMO instruction + from outside defined NA4 address range with write permissions and with L=0\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=0, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\n\ + ACCESS\n - execute a store, store-conditional, or AMO instruction to + outside all PMP defined regions\n\nCHECK\n - check store access-fault + exception raised\n\nREUSABILITY\n - if possible, the PMP entry number + (i) is a configurable parameter\n - if possible, the PMP entry lock (L) + is a configurable parameter\n - if possible, the PMP entry permissions + (R,W,X) are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nTST11-3x(group) + => FTR01-d\n [PMP check on store, store-conditional, or AMO instruction + where effective privilege mode is S or U:\n - choose a data writable + pmp region and address range\n - choose only one PMP entry (i) ([FTR02-b1]: + maybe mandatorily the 1st one)\n - if possible, the PMP entry number + is a configurable parameter\n - choose pmpcfg(i).A=NA4\n - single + access data store in S and U mode when the bit mstatus.MPRV=0]\n [create + scenarios where PMP entries with A=2 (NA4) and with/without matching permissions\n\ + \ - check only NA4 defined addresses are matching]\nTST11-33 (MEDIUM-PRIO)\n + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2),\n - configure the PMP entry + with write permissions for the PMP region\n - execute a store, store-conditional, + or AMO instruction to outside all PMP defined regions\n - check store access-fault + exception raised]" +- 015_store_L1_W1_addr_hit: !Subfeature + name: 015_store_L1_W1_addr_hit + tag: VP_PMP_F011_S034 + next_elt_id: 1 + display_order: 15 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S034_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range with write permissions and with L=1\n \ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=1, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\n\ + ACCESS\n - execute a store, store-conditional, or AMO instruction to + that region (with exact address-matching)\n\nCHECK\n - check no access-fault + exception\n\nREUSABILITY\n - if possible, the PMP entry number (i) is + a configurable parameter\n - if possible, the PMP entry lock (L) is a + configurable parameter\n - if possible, the PMP entry permissions (R,W,X) + are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\nTST11-3x(group) + => FTR01-d\n [PMP check on store, store-conditional, or AMO instruction + where effective privilege mode is S or U:\n - choose a data writable + pmp region and address range\n - choose only one PMP entry (i) ([FTR02-b1]: + maybe mandatorily the 1st one)\n - if possible, the PMP entry number + is a configurable parameter\n - choose pmpcfg(i).A=NA4\n - single + access data store in S and U mode when the bit mstatus.MPRV=0]\n [create + scenarios where PMP entries with A=2 (NA4) and with/without matching permissions\n\ + \ - check only NA4 defined addresses are matching]\nTST11-34 (LOW-PRIO)\n + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1),\n - configure + the PMP entry with write permissions for the PMP region\n - execute a store, + store-conditional, or AMO instruction to that region (with exact address-matching)\n\ + \ - check no access-fault exception]" +- 016_store_L1_W0_addr_hit: !Subfeature + name: 016_store_L1_W0_addr_hit + tag: VP_PMP_F011_S035 + next_elt_id: 1 + display_order: 16 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S035_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset\n\n{Page 58 Volume + II: RISC-V Privileged Architectures V20211203}\nAttempting to execute a + store, store-conditional, or AMO instruction which accesses a physical address + within a PMP region without write permissions raises a store access-fault + exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range without write permissions and with L=1\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=0, L=1, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\n\ + ACCESS\n - execute a store, store-conditional, or AMO instruction to + that region (with exact address-matching)\n\nCHECK\n - check store access-fault + exception raised\n\nREUSABILITY\n - if possible, the PMP entry number + (i) is a configurable parameter\n - if possible, the PMP entry lock (L) + is a configurable parameter\n - if possible, the PMP entry permissions + (R,W,X) are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\nFTR04-d\n + [Attempting to execute a store, store-conditional, or AMO instruction which + accesses a physical address within a PMP region without write permissions + raises a store access-fault exception]\n\nTST11-3x(group) => FTR01-d\n \ + \ [PMP check on store, store-conditional, or AMO instruction where effective + privilege mode is S or U:\n - choose a data writable pmp region and address + range\n - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily + the 1st one)\n - if possible, the PMP entry number is a configurable + parameter\n - choose pmpcfg(i).A=NA4\n - single access data store + in S and U mode when the bit mstatus.MPRV=0]\n [create scenarios where + PMP entries with A=2 (NA4) and with/without matching permissions\n - + check only NA4 defined addresses are matching]\nTST11-35 (LOW-PRIO)\n[with + L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1),\n - configure + the PMP entry without write permissions for the PMP region\n - execute + a store, store-conditional, or AMO instruction to that region (with exact + address-matching)\n - check store access-fault exception raised => FTR04-d]" +- 017_store_L1_W1_addr_miss: !Subfeature + name: 017_store_L1_W1_addr_miss + tag: VP_PMP_F011_S036 + next_elt_id: 1 + display_order: 17 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S036_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access store, store-conditional, or AMO instruction + from outside defined NA4 address range with write permissions and with L=1\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=1, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\n\ + ACCESS\n - execute a store, store-conditional, or AMO instruction to + outside all PMP defined regions\n\nCHECK\n - check store access-fault + exception raised\n\nREUSABILITY\n - if possible, the PMP entry number + (i) is a configurable parameter\n - if possible, the PMP entry lock (L) + is a configurable parameter\n - if possible, the PMP entry permissions + (R,W,X) are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\nTST11-3x(group) + => FTR01-d\n [PMP check on store, store-conditional, or AMO instruction + where effective privilege mode is S or U:\n - choose a data writable + pmp region and address range\n - choose only one PMP entry (i) ([FTR02-b1]: + maybe mandatorily the 1st one)\n - if possible, the PMP entry number + is a configurable parameter\n - choose pmpcfg(i).A=NA4\n - single + access data store in S and U mode when the bit mstatus.MPRV=0]\n [create + scenarios where PMP entries with A=2 (NA4) and with/without matching permissions\n\ + \ - check only NA4 defined addresses are matching]\nTST11-36 (LOW-PRIO)\n + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1),\n - configure + the PMP entry with write permissions for the PMP region\n - execute a store, + store-conditional, or AMO instruction to outside all PMP defined regions\n\ + \ - check store access-fault exception raised]" +- 018_load_MPP_L0_R1_addr_hit: !Subfeature + name: 018_load_MPP_L0_R1_addr_hit + tag: VP_PMP_F011_S041 + next_elt_id: 1 + display_order: 18 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S041_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access load or load-reserved instruction + inside defined NA4 address range with read permissions and with L=0\n \ + \ - choose a readable pmp region and address range\n - choose only one + PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=0, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and mstatus.MPP + contains S or U\n\nACCESS\n - execute a load or load-reserved instruction + from that region (with exact address-matching)\n\nCHECK\n - check no + access-fault exception\n\nREUSABILITY\n - if possible, the PMP entry + number (i) is a configurable parameter\n - if possible, the PMP entry + lock (L) is a configurable parameter\n - if possible, the PMP entry permissions + (R,W,X) are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nTST11-4x(group) + => FTR01-d\n [PMP check on load or load-reserved instruction where effective + privilege mode is S or U:\n - choose a data readable pmp region and address + range\n - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily + the 1st one)\n - if possible, the PMP entry number is a configurable + parameter\n - choose pmpcfg(i).A=NA4\n - single access data load in + any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U]\n\ + \ [create scenarios where PMP entries with A=2 (NA4) and with/without matching + permissions\n - check only NA4 defined addresses are matching]\nTST11-41 + (LOWEST-PRIO)\n [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2),\n - configure + the PMP entry with read permissions for the PMP region\n - execute a load + or load-reserved instruction from that region (with exact address-matching)\n\ + \ - check no access-fault exception]" +- 019_load_MPP_L0_R0_addr_hit: !Subfeature + name: 019_load_MPP_L0_R0_addr_hit + tag: VP_PMP_F011_S042 + next_elt_id: 1 + display_order: 19 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S042_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set\n\n{Page 58 Volume II: RISC-V Privileged Architectures V20211203}\n + Attempting to execute a load or load-reserved instruction which accesses + a physical address within a PMP region without read permissions raises a + load access-fault exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access load or load-reserved instruction + inside defined NA4 address range without read permissions and with L=0\n\ + \ - choose a readable pmp region and address range\n - choose only + one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=0, L=0, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and mstatus.MPP + contains S or U\n\nACCESS\n - execute a load or load-reserved instruction + from that region (with exact address-matching)\n\nCHECK\n - check load + access-fault exception raised\n\nREUSABILITY\n - if possible, the PMP + entry number (i) is a configurable parameter\n - if possible, the PMP + entry lock (L) is a configurable parameter\n - if possible, the PMP entry + permissions (R,W,X) are configurable parameters\n - if possible, the + PMP entry adress-matching mode (A) is a configurable parameter\n - if + possible, the PMP entry address range (pmpaddr) is a configurable parameter\n\ + \ - if possible, the PMP entry associated access address is a configurable + parameter\n - so a single CONFIGURATION function and a single ACCESS + function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nFTR04-c\n + [Attempting to execute a load or load-reserved instruction which accesses + a physical address within a PMP region without read permissions raises a + load access-fault exception]\n\nTST11-4x(group) => FTR01-d\n [PMP check + on load or load-reserved instruction where effective privilege mode is S + or U:\n - choose a data readable pmp region and address range\n - + choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n\ + \ - if possible, the PMP entry number is a configurable parameter\n \ + \ - choose pmpcfg(i).A=NA4\n - single access data load in any mode + when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U]\n [create + scenarios where PMP entries with A=2 (NA4) and with/without matching permissions\n\ + \ - check only NA4 defined addresses are matching]\nTST11-42 (LOWEST-PRIO)\n + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2),\n - configure the PMP entry + without read permissions for the PMP region\n - execute a load or load-reserved + instruction from that region (with exact address-matching)\n - check load + access-fault exception raised => FTR04-c]" +- 020_load_MPP_L0_R1_addr_miss: !Subfeature + name: 020_load_MPP_L0_R1_addr_miss + tag: VP_PMP_F011_S043 + next_elt_id: 1 + display_order: 20 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S043_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access load or load-reserved instruction + from outside defined NA4 address range with read permissions and with L=0\n\ + \ - choose a readable pmp region and address range\n - choose only + one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=0, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and mstatus.MPP + contains S or U\n\nACCESS\n - execute a load or load-reserved instruction + from outside all PMP defined regions\n\nCHECK\n - check load access-fault + exception raised\n\nREUSABILITY\n - if possible, the PMP entry number + (i) is a configurable parameter\n - if possible, the PMP entry lock (L) + is a configurable parameter\n - if possible, the PMP entry permissions + (R,W,X) are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nTST11-4x(group) + => FTR01-d\n [PMP check on load or load-reserved instruction where effective + privilege mode is S or U:\n - choose a data readable pmp region and address + range\n - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily + the 1st one)\n - if possible, the PMP entry number is a configurable + parameter\n - choose pmpcfg(i).A=NA4\n - single access data load in + any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U]\n\ + \ [create scenarios where PMP entries with A=2 (NA4) and with/without matching + permissions\n - check only NA4 defined addresses are matching]\nTST11-43 + (LOWEST-PRIO)\n [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2),\n - configure + the PMP entry with read permissions for the PMP region\n - execute a load + or load-reserved instruction from outside all PMP defined regions\n - check + load access-fault exception raised]" +- 021_load_MPP_L1_R1_addr_hit: !Subfeature + name: 021_load_MPP_L1_R1_addr_hit + tag: VP_PMP_F011_S044 + next_elt_id: 1 + display_order: 21 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S044_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access load or load-reserved instruction + inside defined NA4 address range with read permissions and with L=1\n \ + \ - choose a readable pmp region and address range\n - choose only one + PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=1, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and mstatus.MPP + contains S or U\n\nACCESS\n - execute a load or load-reserved instruction + from that region (with exact address-matching)\n\nCHECK\n - check no + access-fault exception\n\nREUSABILITY\n - if possible, the PMP entry + number (i) is a configurable parameter\n - if possible, the PMP entry + lock (L) is a configurable parameter\n - if possible, the PMP entry permissions + (R,W,X) are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\nTST11-4x(group) + => FTR01-d\n [PMP check on load or load-reserved instruction where effective + privilege mode is S or U:\n - choose a data readable pmp region and address + range\n - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily + the 1st one)\n - if possible, the PMP entry number is a configurable + parameter\n - choose pmpcfg(i).A=NA4\n - single access data load in + any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U]\n\ + \ [create scenarios where PMP entries with A=2 (NA4) and with/without matching + permissions\n - check only NA4 defined addresses are matching]\nTST11-44 + (LOWEST-PRIO)\n [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1),\n\ + \ - configure the PMP entry with read permissions for the PMP region\n\ + \ - execute a load or load-reserved instruction from that region (with + exact address-matching)\n - check no access-fault exception]" +- 022_load_MPP_L1_R0_addr_hit: !Subfeature + name: 022_load_MPP_L1_R0_addr_hit + tag: VP_PMP_F011_S045 + next_elt_id: 1 + display_order: 22 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S045_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset\n\n{Page 58 Volume + II: RISC-V Privileged Architectures V20211203}\nAttempting to execute a + load or load-reserved instruction which accesses a physical address within + a PMP region without read permissions raises a load access-fault exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access load or load-reserved instruction + inside defined NA4 address range without read permissions and with L=1\n\ + \ - choose a readable pmp region and address range\n - choose only + one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=0, L=1, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and mstatus.MPP + contains S or U\n\nACCESS\n - execute a load or load-reserved instruction + from that region (with exact address-matching)\n\nCHECK\n - check load + access-fault exception raised\n\nREUSABILITY\n - if possible, the PMP + entry number (i) is a configurable parameter\n - if possible, the PMP + entry lock (L) is a configurable parameter\n - if possible, the PMP entry + permissions (R,W,X) are configurable parameters\n - if possible, the + PMP entry adress-matching mode (A) is a configurable parameter\n - if + possible, the PMP entry address range (pmpaddr) is a configurable parameter\n\ + \ - if possible, the PMP entry associated access address is a configurable + parameter\n - so a single CONFIGURATION function and a single ACCESS + function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\nFTR04-c\n + [Attempting to execute a load or load-reserved instruction which accesses + a physical address within a PMP region without read permissions raises a + load access-fault exception]\n \nTST11-4x(group) => FTR01-d\n [PMP check + on load or load-reserved instruction where effective privilege mode is S + or U:\n - choose a data readable pmp region and address range\n - + choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n\ + \ - if possible, the PMP entry number is a configurable parameter\n \ + \ - choose pmpcfg(i).A=NA4\n - single access data load in any mode + when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U]\n [create + scenarios where PMP entries with A=2 (NA4) and with/without matching permissions\n\ + \ - check only NA4 defined addresses are matching]\nTST11-45 (LOWEST-PRIO)\n + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1),\n - configure + the PMP entry without read permissions for the PMP region\n - execute a + load or load-reserved instruction from that region (with exact address-matching)\n\ + \ - check load access-fault exception raised => FTR04-c]" +- 023_load_MPP_L1_R1_addr_miss: !Subfeature + name: 023_load_MPP_L1_R1_addr_miss + tag: VP_PMP_F011_S046 + next_elt_id: 1 + display_order: 23 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S046_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access load or load-reserved instruction + from outside defined NA4 address range with read permissions and with L=1\n\ + \ - choose a readable pmp region and address range\n - choose only + one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=1, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and mstatus.MPP + contains S or U\n\nACCESS\n - execute a load or load-reserved instruction + from outside all PMP defined regions\n\nCHECK\n - check load access-fault + exception raised\n\nREUSABILITY\n - if possible, the PMP entry number + (i) is a configurable parameter\n - if possible, the PMP entry lock (L) + is a configurable parameter\n - if possible, the PMP entry permissions + (R,W,X) are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\nTST11-4x(group) + => FTR01-d\n [PMP check on load or load-reserved instruction where effective + privilege mode is S or U:\n - choose a data readable pmp region and address + range\n - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily + the 1st one)\n - if possible, the PMP entry number is a configurable + parameter\n - choose pmpcfg(i).A=NA4\n - single access data load in + any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U]\n\ + \ [create scenarios where PMP entries with A=2 (NA4) and with/without matching + permissions\n - check only NA4 defined addresses are matching]\nTST11-46 + (LOWEST-PRIO)\n [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1),\n\ + \ - configure the PMP entry with read permissions for the PMP region\n\ + \ - execute a load or load-reserved instruction from outside all PMP defined + regions\n - check load access-fault exception raised]" +- 024_store_MPP_L0_W1_addr_hit: !Subfeature + name: 024_store_MPP_L0_W1_addr_hit + tag: VP_PMP_F011_S051 + next_elt_id: 1 + display_order: 24 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S051_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range with write permissions and with L=0\n \ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=0, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and + mstatus.MPP contains S or U\n\nACCESS\n - execute a store, store-conditional, + or AMO instruction to that region (with exact address-matching)\n\nCHECK\n\ + \ - check no access-fault exception\n\nREUSABILITY\n - if possible, + the PMP entry number (i) is a configurable parameter\n - if possible, + the PMP entry lock (L) is a configurable parameter\n - if possible, the + PMP entry permissions (R,W,X) are configurable parameters\n - if possible, + the PMP entry adress-matching mode (A) is a configurable parameter\n \ + \ - if possible, the PMP entry address range (pmpaddr) is a configurable + parameter\n - if possible, the PMP entry associated access address is + a configurable parameter\n - so a single CONFIGURATION function and a + single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nTST11-5x(group) + => FTR01-d\n [PMP check on store, store-conditional, or AMO instruction + where effective privilege mode is S or U:\n - choose a data writable + pmp region and address range\n - choose only one PMP entry (i) ([FTR02-b1]: + maybe mandatorily the 1st one)\n - if possible, the PMP entry number + is a configurable parameter\n - choose pmpcfg(i).A=NA4\n - single + access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP + contains S or U]\n [create scenarios where PMP entries with A=2 (NA4) and + with/without matching permissions\n - check only NA4 defined addresses + are matching]\n TST11-51 (LOWEST-PRIO)\n[with L=0 => FTR08-e2-2 (refers + to FTR09-d2-2),\n - configure the PMP entry with write permissions for + the PMP region\n - execute a store, store-conditional, or AMO instruction + to that region (with exact address-matching)\n - check no access-fault + exception]" +- 025_store_MPP_L0_W0_addr_hit: !Subfeature + name: 025_store_MPP_L0_W0_addr_hit + tag: VP_PMP_F011_S052 + next_elt_id: 1 + display_order: 25 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S052_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set\n\n{Page 58 Volume II: RISC-V Privileged Architectures V20211203}\n + Attempting to execute a store, store-conditional, or AMO instruction which + accesses a physical address within a PMP region without write permissions + raises a store access-fault exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range without write permissions and with L=0\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=0, L=0, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and + mstatus.MPP contains S or U\n\nACCESS\n - execute a store, store-conditional, + or AMO instruction to that region (with exact address-matching)\n\nCHECK\n\ + \ - check store access-fault exception raised\n\nREUSABILITY\n - if + possible, the PMP entry number (i) is a configurable parameter\n - if + possible, the PMP entry lock (L) is a configurable parameter\n - if possible, + the PMP entry permissions (R,W,X) are configurable parameters\n - if + possible, the PMP entry adress-matching mode (A) is a configurable parameter\n\ + \ - if possible, the PMP entry address range (pmpaddr) is a configurable + parameter\n - if possible, the PMP entry associated access address is + a configurable parameter\n - so a single CONFIGURATION function and a + single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nFTR04-d\n + [Attempting to execute a store, store-conditional, or AMO instruction which + accesses a physical address within a PMP region without write permissions + raises a store access-fault exception]\n\nTST11-5x(group) => FTR01-d\n \ + \ [PMP check on store, store-conditional, or AMO instruction where effective + privilege mode is S or U:\n - choose a data writable pmp region and address + range\n - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily + the 1st one)\n - if possible, the PMP entry number is a configurable + parameter\n - choose pmpcfg(i).A=NA4\n - single access data store + in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or + U]\n [create scenarios where PMP entries with A=2 (NA4) and with/without + matching permissions\n - check only NA4 defined addresses are matching]\n + TST11-52 (LOWEST-PRIO)\n [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2),\n\ + \ - configure the PMP entry without write permissions for the PMP region\n\ + \ - execute a store, store-conditional, or AMO instruction to that region + (with exact address-matching)\n - check store access-fault exception raised + => FTR04-d]" +- 026_store_MPP_L0_W1_addr_miss: !Subfeature + name: 026_store_MPP_L0_W1_addr_miss + tag: VP_PMP_F011_S053 + next_elt_id: 1 + display_order: 26 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S053_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is clear, the R/W/X + permissions apply only to S and U modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access store, store-conditional, or AMO instruction + from outside defined NA4 address range with write permissions and with L=0\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=0, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and + mstatus.MPP contains S or U\n\nACCESS\n - execute a store, store-conditional, + or AMO instruction to outside all PMP defined regions\n\nCHECK\n - check + store access-fault exception raised\n\nREUSABILITY\n - if possible, the + PMP entry number (i) is a configurable parameter\n - if possible, the + PMP entry lock (L) is a configurable parameter\n - if possible, the PMP + entry permissions (R,W,X) are configurable parameters\n - if possible, + the PMP entry adress-matching mode (A) is a configurable parameter\n \ + \ - if possible, the PMP entry address range (pmpaddr) is a configurable + parameter\n - if possible, the PMP entry associated access address is + a configurable parameter\n - so a single CONFIGURATION function and a + single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e2-2 (refers to + FTR09-d2-2)\n [When the L bit is clear, the R/W/X permissions apply only + to S and U modes]\n FTR09-d2-2 (L=0 refers to FTR08-e2-2)\n[if the privilege + mode of the access is S or U (whatever L), then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\n\nTST11-5x(group) + => FTR01-d\n [PMP check on store, store-conditional, or AMO instruction + where effective privilege mode is S or U:\n - choose a data writable + pmp region and address range\n - choose only one PMP entry (i) ([FTR02-b1]: + maybe mandatorily the 1st one)\n - if possible, the PMP entry number + is a configurable parameter\n - choose pmpcfg(i).A=NA4\n - single + access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP + contains S or U]\n [create scenarios where PMP entries with A=2 (NA4) and + with/without matching permissions\n - check only NA4 defined addresses + are matching]\n TST11-53 (LOWEST-PRIO)\n[with L=0 => FTR08-e2-2 (refers + to FTR09-d2-2),\n - configure the PMP entry with write permissions for + the PMP region\n - execute a store, store-conditional, or AMO instruction + to outside all PMP defined regions\n - check store access-fault exception + raised]" +- 027_store_MPP_L1_W1_addr_hit: !Subfeature + name: 027_store_MPP_L1_W1_addr_hit + tag: VP_PMP_F011_S054 + next_elt_id: 1 + display_order: 27 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S054_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range with write permissions and with L=1\n \ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=1, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and + mstatus.MPP contains S or U\n\nACCESS\n - execute a store, store-conditional, + or AMO instruction to that region (with exact address-matching)\n\nCHECK\n\ + \ - check no access-fault exception\n\nREUSABILITY\n - if possible, + the PMP entry number (i) is a configurable parameter\n - if possible, + the PMP entry lock (L) is a configurable parameter\n - if possible, the + PMP entry permissions (R,W,X) are configurable parameters\n - if possible, + the PMP entry adress-matching mode (A) is a configurable parameter\n \ + \ - if possible, the PMP entry address range (pmpaddr) is a configurable + parameter\n - if possible, the PMP entry associated access address is + a configurable parameter\n - so a single CONFIGURATION function and a + single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\nTST11-5x(group) + => FTR01-d\n [PMP check on store, store-conditional, or AMO instruction + where effective privilege mode is S or U:\n - choose a data writable + pmp region and address range\n - choose only one PMP entry (i) ([FTR02-b1]: + maybe mandatorily the 1st one)\n - if possible, the PMP entry number + is a configurable parameter\n - choose pmpcfg(i).A=NA4\n - single + access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP + contains S or U]\n [create scenarios where PMP entries with A=2 (NA4) and + with/without matching permissions\n - check only NA4 defined addresses + are matching]\n TST11-54 (LOWEST-PRIO)\n[with L=1 => FTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1),\n - configure the PMP entry with write + permissions for the PMP region\n - execute a store, store-conditional, + or AMO instruction to that region (with exact address-matching)\n - check + no access-fault exception]" +- 028_store_MPP_L1_W0_addr_hit: !Subfeature + name: 028_store_MPP_L1_W0_addr_hit + tag: VP_PMP_F011_S055 + next_elt_id: 1 + display_order: 28 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S055_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset\n\n{Page 58 Volume + II: RISC-V Privileged Architectures V20211203}\nAttempting to execute a + store, store-conditional, or AMO instruction which accesses a physical address + within a PMP region without write permissions raises a store access-fault + exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range without write permissions and with L=1\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=0, L=1, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and + mstatus.MPP contains S or U\n\nACCESS\n - execute a store, store-conditional, + or AMO instruction to that region (with exact address-matching)\n\nCHECK\n\ + \ - check store access-fault exception raised\n\nREUSABILITY\n - if + possible, the PMP entry number (i) is a configurable parameter\n - if + possible, the PMP entry lock (L) is a configurable parameter\n - if possible, + the PMP entry permissions (R,W,X) are configurable parameters\n - if + possible, the PMP entry adress-matching mode (A) is a configurable parameter\n\ + \ - if possible, the PMP entry address range (pmpaddr) is a configurable + parameter\n - if possible, the PMP entry associated access address is + a configurable parameter\n - so a single CONFIGURATION function and a + single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\nFTR04-d\n + [Attempting to execute a store, store-conditional, or AMO instruction which + accesses a physical address within a PMP region without write permissions + raises a store access-fault exception]\n\nTST11-5x(group) => FTR01-d\n \ + \ [PMP check on store, store-conditional, or AMO instruction where effective + privilege mode is S or U:\n - choose a data writable pmp region and address + range\n - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily + the 1st one)\n - if possible, the PMP entry number is a configurable + parameter\n - choose pmpcfg(i).A=NA4\n - single access data store + in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or + U]\n [create scenarios where PMP entries with A=2 (NA4) and with/without + matching permissions\n - check only NA4 defined addresses are matching]\n + TST11-55 (LOWEST-PRIO)\n [with L=1 => FTR08-e1 (refers to FTR01-f) (refers + to FTR09-d2-1),\n - configure the PMP entry without write permissions for + the PMP region\n - execute a store, store-conditional, or AMO instruction + to that region (with exact address-matching)\n - check store access-fault + exception raised => FTR04-d]" +- 029_store_MPP_L1_W1_addr_miss: !Subfeature + name: 029_store_MPP_L1_W1_addr_miss + tag: VP_PMP_F011_S056 + next_elt_id: 1 + display_order: 29 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F011_S056_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks are applied to all accesses whose effective privilege mode is + S or U\n\n{Page 60 Section \"Locking and Privilege Mode\" Volume II: RISC-V + Privileged Architectures V20211203}\nWhen the L bit is set, these permissions + are enforced for all privilege modes\n\n{Page 60 Section \"Priority and + Matching Logic\" Volume II: RISC-V Privileged Architectures V20211203}\n + if the L bit is set, then the access succeeds only if the R, W, or X bit + corresponding to the access type is set\n\n{Page 60 Section \"Locking and + Privilege Mode\" Volume II: RISC-V Privileged Architectures V20211203}\n + Locked PMP entries remain locked until the hart is reset" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "S or U mode single access store, store-conditional, or AMO instruction + from outside defined NA4 address range with write permissions and with L=1\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=1, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and + mstatus.MPP contains S or U\n\nACCESS\n - execute a store, store-conditional, + or AMO instruction to outside all PMP defined regions\n\nCHECK\n - check + store access-fault exception raised\n\nREUSABILITY\n - if possible, the + PMP entry number (i) is a configurable parameter\n - if possible, the + PMP entry lock (L) is a configurable parameter\n - if possible, the PMP + entry permissions (R,W,X) are configurable parameters\n - if possible, + the PMP entry adress-matching mode (A) is a configurable parameter\n \ + \ - if possible, the PMP entry address range (pmpaddr) is a configurable + parameter\n - if possible, the PMP entry associated access address is + a configurable parameter\n - so a single CONFIGURATION function and a + single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-d\n[PMP checks are applied to all accesses whose effective privilege + mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\nFTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1)\n [When the L bit is set, these permissions + are enforced for all privilege modes]\n FTR09-d2-1 (refers to FTR08-e1) + (refers to FTR01-f)\n [if the L bit is set, then the access succeeds only + if the R, W, or X bit corresponding to the access type is set]\nFTR08-b\n + [Locked PMP entries remain locked until the hart is reset]\n\nTST11-5x(group) + => FTR01-d\n [PMP check on store, store-conditional, or AMO instruction + where effective privilege mode is S or U:\n - choose a data writable + pmp region and address range\n - choose only one PMP entry (i) ([FTR02-b1]: + maybe mandatorily the 1st one)\n - if possible, the PMP entry number + is a configurable parameter\n - choose pmpcfg(i).A=NA4\n - single + access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP + contains S or U]\n [create scenarios where PMP entries with A=2 (NA4) and + with/without matching permissions\n - check only NA4 defined addresses + are matching]\n TST11-56 (LOWEST-PRIO)\n[with L=1 => FTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1),\n - configure the PMP entry with write + permissions for the PMP region\n - execute a store, store-conditional, + or AMO instruction to outside all PMP defined regions\n - check store access-fault + exception raised]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP012.yml b/verif/docs/VerifPlans/PMP/VP_IP012.yml new file mode 100644 index 000000000..5c4b0bee5 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP012.yml @@ -0,0 +1,2052 @@ +!Feature +next_elt_id: 30 +name: cfg NA4 access M (G=0) +id: 12 +display_order: 12 +subfeatures: !!omap +- 000_fetch_L0_X1_addr_hit: !Subfeature + name: 000_fetch_L0_X1_addr_hit + tag: VP_PMP_F012_S011 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S011_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access instruction fetch inside defined NA4 address + range with execute permissions and with L=0\n - choose an executable + pmp region and address range\n - choose only one PMP entry (i)\n\nCONFIGURATION\n\ + \ - pmpcfg(i): A=NA4, X=1, L=0, R/W:random, with reserve on R=0 & W=1\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n \ + \ - fetch an instruction from that region (with exact address-matching)\n\ + \nCHECK\n - check no access-fault exception\n\nREUSABILITY\n - if + possible, the PMP entry number (i) is a configurable parameter\n - if + possible, the PMP entry lock (L) is a configurable parameter\n - if possible, + the PMP entry permissions (R,W,X) are configurable parameters\n - if + possible, the PMP entry adress-matching mode (A) is a configurable parameter\n\ + \ - if possible, the PMP entry address range (pmpaddr) is a configurable + parameter\n - if possible, the PMP entry associated access address is + a configurable parameter\n - so a single CONFIGURATION function and a + single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-1x(group) => FTR01-f\n [PMP check + on instruction fetch where effective privilege mode is M:\n - choose + an executable pmp region and address range\n - choose only one PMP entry + (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n - if possible, the + PMP entry number is a configurable parameter\n - choose pmpcfg(i).A=NA4\n\ + \ - single access instruction fetch in M mode]\n [create scenarios where + PMP entries with A=2 (NA4) and with/without matching permissions\n - + check only NA4 defined addresses are matching]\nTST12-11 (LOW-PRIO)\n [with + L=0 => FTR08-e2-1 (refers to FTR09-d1),\n - configure the PMP entry with + execute permissions for the PMP region\n - fetch an instruction from that + region (with exact address-matching)\n - check no access-fault exception]" +- 001_fetch_L0_X0_addr_hit: !Subfeature + name: 001_fetch_L0_X0_addr_hit + tag: VP_PMP_F012_S012 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S012_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access instruction fetch inside defined NA4 address + range without execute permissions and with L=0\n - choose an executable + pmp region and address range\n - choose only one PMP entry (i)\n\nCONFIGURATION\n\ + \ - pmpcfg(i): A=NA4, X=0, L=0, R/W:random, with reserve on R=0 & W=1\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n \ + \ - fetch an instruction from that region (with exact address-matching)\n\ + \nCHECK\n - check no access-fault exception\n\nREUSABILITY\n - if + possible, the PMP entry number (i) is a configurable parameter\n - if + possible, the PMP entry lock (L) is a configurable parameter\n - if possible, + the PMP entry permissions (R,W,X) are configurable parameters\n - if + possible, the PMP entry adress-matching mode (A) is a configurable parameter\n\ + \ - if possible, the PMP entry address range (pmpaddr) is a configurable + parameter\n - if possible, the PMP entry associated access address is + a configurable parameter\n - so a single CONFIGURATION function and a + single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-1x(group) => FTR01-f\n [PMP check + on instruction fetch where effective privilege mode is M:\n - choose + an executable pmp region and address range\n - choose only one PMP entry + (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n - if possible, the + PMP entry number is a configurable parameter\n - choose pmpcfg(i).A=NA4\n\ + \ - single access instruction fetch in M mode]\n [create scenarios where + PMP entries with A=2 (NA4) and with/without matching permissions\n - + check only NA4 defined addresses are matching]\nTST12-12 (LOW-PRIO)\n [with + L=0 => FTR08-e2-1 (refers to FTR09-d1),\n - configure the PMP entry without + execute permissions for the PMP region\n - fetch an instruction from that + region (with exact address-matching)\n - check no access-fault exception]" +- 002_fetch_L0_X1_addr_miss: !Subfeature + name: 002_fetch_L0_X1_addr_miss + tag: VP_PMP_F012_S013 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S013_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access instruction fetch from outside defined + NA4 address range with execute permissions and with L=0\n - choose an + executable pmp region and address range\n - choose only one PMP entry + (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, X=1, L=0, R/W:random, with + reserve on R=0 & W=1\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\ + \nACCESS\n - fetch an instruction from outside all PMP defined regions\n\ + \nCHECK\n - check no access-fault exception (Feature: \"no cfg matching\"\ + )\n\nREUSABILITY\n - if possible, the PMP entry number (i) is a configurable + parameter\n - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-1x(group) => FTR01-f\n [PMP check + on instruction fetch where effective privilege mode is M:\n - choose + an executable pmp region and address range\n - choose only one PMP entry + (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n - if possible, the + PMP entry number is a configurable parameter\n - choose pmpcfg(i).A=NA4\n\ + \ - single access instruction fetch in M mode]\n [create scenarios where + PMP entries with A=2 (NA4) and with/without matching permissions\n - + check only NA4 defined addresses are matching]\nTST12-13 (LOW-PRIO)\n [with + L=0 => FTR08-e2-1 (refers to FTR09-d1),\n - configure the PMP entry with + execute permissions for the PMP region\n - fetch an instruction from outside + all PMP defined regions\n - check no access-fault exception] //TODO: CHECK + IF M-MODE ALLOWED" +- 003_fetch_L1_X1_addr_hit: !Subfeature + name: 003_fetch_L1_X1_addr_hit + tag: VP_PMP_F012_S014 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S014_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access instruction fetch inside defined NA4 address + range with execute permissions and with L=1\n - choose an executable + pmp region and address range\n - choose only one PMP entry (i)\n\nCONFIGURATION\n\ + \ - pmpcfg(i): A=NA4, X=1, L=1, R/W:random, with reserve on R=0 & W=1\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n \ + \ - fetch an instruction from that region (with exact address-matching)\n\ + \nCHECK\n - check no access-fault exception\n\nREUSABILITY\n - if + possible, the PMP entry number (i) is a configurable parameter\n - if + possible, the PMP entry lock (L) is a configurable parameter\n - if possible, + the PMP entry permissions (R,W,X) are configurable parameters\n - if + possible, the PMP entry adress-matching mode (A) is a configurable parameter\n\ + \ - if possible, the PMP entry address range (pmpaddr) is a configurable + parameter\n - if possible, the PMP entry associated access address is + a configurable parameter\n - so a single CONFIGURATION function and a + single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-1x(group) => FTR01-f\n [PMP check + on instruction fetch where effective privilege mode is M:\n - choose + an executable pmp region and address range\n - choose only one PMP entry + (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n - if possible, the + PMP entry number is a configurable parameter\n - choose pmpcfg(i).A=NA4\n\ + \ - single access instruction fetch in M mode]\n [create scenarios where + PMP entries with A=2 (NA4) and with/without matching permissions\n - + check only NA4 defined addresses are matching]\nTST12-14 (HIGH-PRIO)\n [with + L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1),\n - configure + the PMP entry with execute permissions for the PMP region\n - fetch an + instruction from that region (with exact address-matching)\n - check no + access-fault exception]" +- 004_fetch_L1_X0_addr_hit: !Subfeature + name: 004_fetch_L1_X0_addr_hit + tag: VP_PMP_F012_S015 + next_elt_id: 1 + display_order: 4 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S015_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set\n\n{Page + 58 Volume II: RISC-V Privileged Architectures V20211203}\nAttempting to + fetch an instruction from a PMP region that does not have execute permissions + raises an instruction access-fault exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access instruction fetch inside defined NA4 address + range without execute permissions and with L=1\n - choose an executable + pmp region and address range\n - choose only one PMP entry (i)\n\nCONFIGURATION\n\ + \ - pmpcfg(i): A=NA4, X=0, L=1, R/W:random, with reserve on R=0 & W=1\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n \ + \ - fetch an instruction from that region (with exact address-matching)\n\ + \nCHECK\n - check instruction fetch access-fault exception raised\n\n\ + REUSABILITY\n - if possible, the PMP entry number (i) is a configurable + parameter\n - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR04-b\n[Attempting to fetch an instruction from a PMP region that does + not have execute permissions raises an instruction access-fault exception]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n \nTST12-1x(group) => FTR01-f\n [PMP check + on instruction fetch where effective privilege mode is M:\n - choose + an executable pmp region and address range\n - choose only one PMP entry + (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n - if possible, the + PMP entry number is a configurable parameter\n - choose pmpcfg(i).A=NA4\n\ + \ - single access instruction fetch in M mode]\n [create scenarios where + PMP entries with A=2 (NA4) and with/without matching permissions\n - + check only NA4 defined addresses are matching]\nTST12-15 (MEDIUM-PRIO)\n + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1),\n - configure + the PMP entry without execute permissions for the PMP region\n - fetch + an instruction from that region (with exact address-matching)\n - check + instruction fetch access-fault exception raised => FTR04-b]" +- 005_fetch_L1_X1_addr_miss: !Subfeature + name: 005_fetch_L1_X1_addr_miss + tag: VP_PMP_F012_S016 + next_elt_id: 1 + display_order: 5 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S016_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access instruction fetch from outside defined + NA4 address range with execute permissions and with L=1\n - choose an + executable pmp region and address range\n - choose only one PMP entry + (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, X=1, L=1, R/W:random, with + reserve on R=0 & W=1\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\ + \nACCESS\n - fetch an instruction from outside all PMP defined regions\n\ + \nCHECK\n - check no access-fault exception (Feature: \"no cfg matching\"\ + )\n\nREUSABILITY\n - if possible, the PMP entry number (i) is a configurable + parameter\n - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-1x(group) => FTR01-f\n [PMP check + on instruction fetch where effective privilege mode is M:\n - choose + an executable pmp region and address range\n - choose only one PMP entry + (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n - if possible, the + PMP entry number is a configurable parameter\n - choose pmpcfg(i).A=NA4\n\ + \ - single access instruction fetch in M mode]\n [create scenarios where + PMP entries with A=2 (NA4) and with/without matching permissions\n - + check only NA4 defined addresses are matching]\nTST12-16 (HIGH-PRIO)\n [with + L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1),\n - configure + the PMP entry with execute permissions for the PMP region\n - fetch an + instruction from outside all PMP defined regions\n - check no access-fault + exception] //TODO: CHECK IF M-MODE ALLOWED" +- 006_load_L0_R1_addr_hit: !Subfeature + name: 006_load_L0_R1_addr_hit + tag: VP_PMP_F012_S021 + next_elt_id: 1 + display_order: 6 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S021_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access load or load-reserved instruction inside + defined NA4 address range with read permissions and with L=0\n - choose + a readable pmp region and address range\n - choose only one PMP entry + (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=0, X/W:random\n \ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n - + execute a load or load-reserved instruction from that region (with exact + address-matching)\n\nCHECK\n - check no access-fault exception\n\nREUSABILITY\n\ + \ - if possible, the PMP entry number (i) is a configurable parameter\n\ + \ - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-2x(group) => FTR01-f\n [PMP check + on load or load-reserved instruction where effective privilege mode is M:\n\ + \ - choose a data readable pmp region and address range\n - choose + only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n \ + \ - if possible, the PMP entry number is a configurable parameter\n - + choose pmpcfg(i).A=NA4\n - single access data load in M mode when the + bit mstatus.MPRV=0]\n [create scenarios where PMP entries with A=2 (NA4) + and with/without matching permissions\n - check only NA4 defined addresses + are matching]\nTST12-21 (LOW-PRIO)\n[with L=0 => FTR08-e2-1 (refers to \ + \ FTR09-d1)\n - configure the PMP entry with read permissions for the PMP + region\n - execute a load or load-reserved instruction from that region + (with exact address-matching)\n - check no access-fault exception]" +- 007_load_L0_R0_addr_hit: !Subfeature + name: 007_load_L0_R0_addr_hit + tag: VP_PMP_F012_S022 + next_elt_id: 1 + display_order: 7 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S022_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access load or load-reserved instruction inside + defined NA4 address range without read permissions and with L=0\n - choose + a readable pmp region and address range\n - choose only one PMP entry + (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=0, L=0, X/W:random\n \ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n - + execute a load or load-reserved instruction from that region (with exact + address-matching)\n\nCHECK\n - check no access-fault exception\n\nREUSABILITY\n\ + \ - if possible, the PMP entry number (i) is a configurable parameter\n\ + \ - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-2x(group) => FTR01-f\n [PMP check + on load or load-reserved instruction where effective privilege mode is M:\n\ + \ - choose a data readable pmp region and address range\n - choose + only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n \ + \ - if possible, the PMP entry number is a configurable parameter\n - + choose pmpcfg(i).A=NA4\n - single access data load in M mode when the + bit mstatus.MPRV=0]\n [create scenarios where PMP entries with A=2 (NA4) + and with/without matching permissions\n - check only NA4 defined addresses + are matching]\nTST12-22 (LOW-PRIO)\n[with L=0 => FTR08-e2-1 (refers to \ + \ FTR09-d1)\n - configure the PMP entry without read permissions for the + PMP region\n - execute a load or load-reserved instruction from that region + (with exact address-matching)\n - check no access-fault exception]" +- 008_load_L0_R1_addr_miss: !Subfeature + name: 008_load_L0_R1_addr_miss + tag: VP_PMP_F012_S023 + next_elt_id: 1 + display_order: 8 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S023_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access load or load-reserved instruction from + outside defined NA4 address range with read permissions and with L=0\n \ + \ - choose a readable pmp region and address range\n - choose only + one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=0, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n \ + \ - execute a load or load-reserved instruction from outside all PMP defined + regions\n\nCHECK\n - check no access-fault exception (Feature: \"no cfg + matching\")\n\nREUSABILITY\n - if possible, the PMP entry number (i) + is a configurable parameter\n - if possible, the PMP entry lock (L) is + a configurable parameter\n - if possible, the PMP entry permissions (R,W,X) + are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-2x(group) => FTR01-f\n [PMP check + on load or load-reserved instruction where effective privilege mode is M:\n\ + \ - choose a data readable pmp region and address range\n - choose + only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n \ + \ - if possible, the PMP entry number is a configurable parameter\n - + choose pmpcfg(i).A=NA4\n - single access data load in M mode when the + bit mstatus.MPRV=0]\n [create scenarios where PMP entries with A=2 (NA4) + and with/without matching permissions\n - check only NA4 defined addresses + are matching]\nTST12-23 (LOW-PRIO)\n[with L=0 => FTR08-e2-1 (refers to \ + \ FTR09-d1)\n - configure the PMP entry with read permissions for the PMP + region\n - execute a load or load-reserved instruction from outside all + PMP defined regions\n - check no access-fault exception] //TODO: CHECK + IF M-MODE ALLOWED" +- 009_load_L1_R1_addr_hit: !Subfeature + name: 009_load_L1_R1_addr_hit + tag: VP_PMP_F012_S024 + next_elt_id: 1 + display_order: 9 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S024_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access load or load-reserved instruction inside + defined NA4 address range with read permissions and with L=1\n - choose + a readable pmp region and address range\n - choose only one PMP entry + (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=1, X/W:random\n \ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n - + execute a load or load-reserved instruction from that region (with exact + address-matching)\n\nCHECK\n - check no access-fault exception\n\nREUSABILITY\n\ + \ - if possible, the PMP entry number (i) is a configurable parameter\n\ + \ - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-2x(group) => FTR01-f\n [PMP check + on load or load-reserved instruction where effective privilege mode is M:\n\ + \ - choose a data readable pmp region and address range\n - choose + only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n \ + \ - if possible, the PMP entry number is a configurable parameter\n - + choose pmpcfg(i).A=NA4\n - single access data load in M mode when the + bit mstatus.MPRV=0]\n [create scenarios where PMP entries with A=2 (NA4) + and with/without matching permissions\n - check only NA4 defined addresses + are matching]\nTST12-24 (HIGH-PRIO)\n[with L=1 => FTR08-e1 (refers to FTR01-f) + (refers to FTR09-d2-1),\n - configure the PMP entry with read permissions + for the PMP region\n - execute a load or load-reserved instruction from + that region (with exact address-matching)\n - check no access-fault exception]" +- 010_load_L1_R0_addr_hit: !Subfeature + name: 010_load_L1_R0_addr_hit + tag: VP_PMP_F012_S025 + next_elt_id: 1 + display_order: 10 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S025_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set\n\n{Page + 58 Volume II: RISC-V Privileged Architectures V20211203}\nAttempting to + execute a load or load-reserved instruction which accesses a physical address + within a PMP region without read permissions raises a load access-fault + exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access load or load-reserved instruction inside + defined NA4 address range without read permissions and with L=1\n - choose + a readable pmp region and address range\n - choose only one PMP entry + (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=0, L=1, X/W:random\n \ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n - + execute a load or load-reserved instruction from that region (with exact + address-matching)\n\nCHECK\n - check load access-fault exception raised\n\ + \nREUSABILITY\n - if possible, the PMP entry number (i) is a configurable + parameter\n - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR04-c\n[Attempting to execute a load or load-reserved instruction which + accesses a physical address within a PMP region without read permissions + raises a load access-fault exception]\n\nFTR02-b1\n[the lowest-numbered + PMP CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nTST12-2x(group) => FTR01-f\n [PMP check on load or load-reserved instruction + where effective privilege mode is M:\n - choose a data readable pmp region + and address range\n - choose only one PMP entry (i) ([FTR02-b1]: maybe + mandatorily the 1st one)\n - if possible, the PMP entry number is a configurable + parameter\n - choose pmpcfg(i).A=NA4\n - single access data load in + M mode when the bit mstatus.MPRV=0]\n [create scenarios where PMP entries + with A=2 (NA4) and with/without matching permissions\n - check only NA4 + defined addresses are matching]\nTST12-25 (MEDIUM-PRIO)\n[with L=1 => FTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1),\n - configure the PMP entry + without read permissions for the PMP region\n - execute a load or load-reserved + instruction from that region (with exact address-matching)\n - check load + access-fault exception raised => FTR04-c]" +- 011_load_L1_R1_addr_miss: !Subfeature + name: 011_load_L1_R1_addr_miss + tag: VP_PMP_F012_S026 + next_elt_id: 1 + display_order: 11 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S026_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access load or load-reserved instruction from + outside defined NA4 address range with read permissions and with L=1\n \ + \ - choose a readable pmp region and address range\n - choose only + one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=1, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\nACCESS\n \ + \ - execute a load or load-reserved instruction from outside all PMP defined + regions\n\nCHECK\n - check no access-fault exception (Feature: \"no cfg + matching\")\n\nREUSABILITY\n - if possible, the PMP entry number (i) + is a configurable parameter\n - if possible, the PMP entry lock (L) is + a configurable parameter\n - if possible, the PMP entry permissions (R,W,X) + are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-2x(group) => FTR01-f\n [PMP check + on load or load-reserved instruction where effective privilege mode is M:\n\ + \ - choose a data readable pmp region and address range\n - choose + only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n \ + \ - if possible, the PMP entry number is a configurable parameter\n - + choose pmpcfg(i).A=NA4\n - single access data load in M mode when the + bit mstatus.MPRV=0]\n [create scenarios where PMP entries with A=2 (NA4) + and with/without matching permissions\n - check only NA4 defined addresses + are matching]\nTST12-26 (HIGH-PRIO)\n[with L=1 => FTR08-e1 (refers to FTR01-f) + (refers to FTR09-d2-1),\n - configure the PMP entry with read permissions + for the PMP region\n - execute a load or load-reserved instruction from + outside all PMP defined regions\n - check no access-fault exception] //TODO: + CHECK IF M-MODE ALLOWED" +- 012_store_L0_W1_addr_hit: !Subfeature + name: 012_store_L0_W1_addr_hit + tag: VP_PMP_F012_S031 + next_elt_id: 1 + display_order: 12 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S031_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range with write permissions and with L=0\n \ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=0, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\n\ + ACCESS\n - execute a store, store-conditional, or AMO instruction to + that region (with exact address-matching)\n\nCHECK\n - check no access-fault + exception\n\nREUSABILITY\n - if possible, the PMP entry number (i) is + a configurable parameter\n - if possible, the PMP entry lock (L) is a + configurable parameter\n - if possible, the PMP entry permissions (R,W,X) + are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-3x(group) => FTR01-f\n [PMP check + on store, store-conditional, or AMO instruction where effective privilege + mode is M:\n - choose a data writable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access data store in M mode + when the bit mstatus.MPRV=0]\n [create scenarios where PMP entries with + A=2 (NA4) and with/without matching permissions\n - check only NA4 defined + addresses are matching]\nTST12-31 (LOW-PRIO)\n[with L=0 => FTR08-e2-1 (refers + to FTR09-d1)\n - configure the PMP entry with write permissions for the + PMP region\n - execute a store, store-conditional, or AMO instruction to + that region (with exact address-matching)\n - check no access-fault exception]" +- 013_store_L0_W0_addr_hit: !Subfeature + name: 013_store_L0_W0_addr_hit + tag: VP_PMP_F012_S032 + next_elt_id: 1 + display_order: 13 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S032_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range without write permissions and with L=0\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=0, L=0, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\n\ + ACCESS\n - execute a store, store-conditional, or AMO instruction to + that region (with exact address-matching)\n\nCHECK\n - check no access-fault + exception\n\nREUSABILITY\n - if possible, the PMP entry number (i) is + a configurable parameter\n - if possible, the PMP entry lock (L) is a + configurable parameter\n - if possible, the PMP entry permissions (R,W,X) + are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-3x(group) => FTR01-f\n [PMP check + on store, store-conditional, or AMO instruction where effective privilege + mode is M:\n - choose a data writable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access data store in M mode + when the bit mstatus.MPRV=0]\n [create scenarios where PMP entries with + A=2 (NA4) and with/without matching permissions\n - check only NA4 defined + addresses are matching]\nTST12-32 (LOW-PRIO)\n[with L=0 => FTR08-e2-1 (refers + to FTR09-d1)\n - configure the PMP entry without write permissions for + the PMP region\n - execute a store, store-conditional, or AMO instruction + to that region (with exact address-matching)\n - check no access-fault + exception]" +- 014_store_L0_W1_addr_miss: !Subfeature + name: 014_store_L0_W1_addr_miss + tag: VP_PMP_F012_S033 + next_elt_id: 1 + display_order: 14 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S033_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access store, store-conditional, or AMO instruction + from outside defined NA4 address range with write permissions and with L=0\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=0, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\n\ + ACCESS\n - execute a store, store-conditional, or AMO instruction to + outside all PMP defined regions\n\nCHECK\n - check no access-fault exception + (Feature: \"no cfg matching\")\n\nREUSABILITY\n - if possible, the PMP + entry number (i) is a configurable parameter\n - if possible, the PMP + entry lock (L) is a configurable parameter\n - if possible, the PMP entry + permissions (R,W,X) are configurable parameters\n - if possible, the + PMP entry adress-matching mode (A) is a configurable parameter\n - if + possible, the PMP entry address range (pmpaddr) is a configurable parameter\n\ + \ - if possible, the PMP entry associated access address is a configurable + parameter\n - so a single CONFIGURATION function and a single ACCESS + function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-3x(group) => FTR01-f\n [PMP check + on store, store-conditional, or AMO instruction where effective privilege + mode is M:\n - choose a data writable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access data store in M mode + when the bit mstatus.MPRV=0]\n [create scenarios where PMP entries with + A=2 (NA4) and with/without matching permissions\n - check only NA4 defined + addresses are matching]\nTST12-33 (LOW-PRIO)\n[with L=0 => FTR08-e2-1 (refers + to FTR09-d1)\n - configure the PMP entry with write permissions for the + PMP region\n - execute a store, store-conditional, or AMO instruction to + outside all PMP defined regions\n - check no access-fault exception] //TODO: + CHECK IF M-MODE ALLOWED" +- 015_store_L1_W1_addr_hit: !Subfeature + name: 015_store_L1_W1_addr_hit + tag: VP_PMP_F012_S034 + next_elt_id: 1 + display_order: 15 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S034_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range with write permissions and with L=1\n \ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=1, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\n\ + ACCESS\n - execute a store, store-conditional, or AMO instruction to + that region (with exact address-matching)\n\nCHECK\n - check no access-fault + exception\n\nREUSABILITY\n - if possible, the PMP entry number (i) is + a configurable parameter\n - if possible, the PMP entry lock (L) is a + configurable parameter\n - if possible, the PMP entry permissions (R,W,X) + are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-3x(group) => FTR01-f\n [PMP check + on store, store-conditional, or AMO instruction where effective privilege + mode is M:\n - choose a data writable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access data store in M mode + when the bit mstatus.MPRV=0]\n [create scenarios where PMP entries with + A=2 (NA4) and with/without matching permissions\n - check only NA4 defined + addresses are matching]\nTST12-34 (HIGH-PRIO)\n[with L=1 => FTR08-e1 (refers + to FTR01-f) (refers to FTR09-d2-1),\n - configure the PMP entry with write + permissions for the PMP region\n - execute a store, store-conditional, + or AMO instruction to that region (with exact address-matching)\n - check + no access-fault exception]" +- 016_store_L1_W0_addr_hit: !Subfeature + name: 016_store_L1_W0_addr_hit + tag: VP_PMP_F012_S035 + next_elt_id: 1 + display_order: 16 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S035_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set\n\n{Page + 58 Volume II: RISC-V Privileged Architectures V20211203}\nAttempting to + execute a store, store-conditional, or AMO instruction which accesses a + physical address within a PMP region without write permissions raises a + store access-fault exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range without write permissions and with L=1\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=0, L=1, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\n\ + ACCESS\n - execute a store, store-conditional, or AMO instruction to + that region (with exact address-matching)\n\nCHECK\n - check store access-fault + exception raised\n\nREUSABILITY\n - if possible, the PMP entry number + (i) is a configurable parameter\n - if possible, the PMP entry lock (L) + is a configurable parameter\n - if possible, the PMP entry permissions + (R,W,X) are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR04-d\n[Attempting to execute a store, store-conditional, or AMO instruction + which accesses a physical address within a PMP region without write permissions + raises a store access-fault exception]\n\nFTR02-b1\n[the lowest-numbered + PMP CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \n TST12-3x(group) => FTR01-f\n [PMP check on store, store-conditional, + or AMO instruction where effective privilege mode is M:\n - choose a + data writable pmp region and address range\n - choose only one PMP entry + (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n - if possible, the + PMP entry number is a configurable parameter\n - choose pmpcfg(i).A=NA4\n\ + \ - single access data store in M mode when the bit mstatus.MPRV=0]\n\ + \ [create scenarios where PMP entries with A=2 (NA4) and with/without matching + permissions\n - check only NA4 defined addresses are matching]\nTST12-35 + (MEDIUM-PRIO)\n[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1),\n\ + \ - configure the PMP entry without write permissions for the PMP region\n\ + \ - execute a store, store-conditional, or AMO instruction to that region + (with exact address-matching)\n - check store access-fault exception raised + => FTR04-d]" +- 017_store_L1_W1_addr_miss: !Subfeature + name: 017_store_L1_W1_addr_miss + tag: VP_PMP_F012_S036 + next_elt_id: 1 + display_order: 17 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S036_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access store, store-conditional, or AMO instruction + from outside defined NA4 address range with write permissions and with L=1\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=1, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=0\n\n\ + ACCESS\n - execute a store, store-conditional, or AMO instruction to + outside all PMP defined regions\n\nCHECK\n - check no access-fault exception + (Feature: \"no cfg matching\")\n\nREUSABILITY\n - if possible, the PMP + entry number (i) is a configurable parameter\n - if possible, the PMP + entry lock (L) is a configurable parameter\n - if possible, the PMP entry + permissions (R,W,X) are configurable parameters\n - if possible, the + PMP entry adress-matching mode (A) is a configurable parameter\n - if + possible, the PMP entry address range (pmpaddr) is a configurable parameter\n\ + \ - if possible, the PMP entry associated access address is a configurable + parameter\n - so a single CONFIGURATION function and a single ACCESS + function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-3x(group) => FTR01-f\n [PMP check + on store, store-conditional, or AMO instruction where effective privilege + mode is M:\n - choose a data writable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access data store in M mode + when the bit mstatus.MPRV=0]\n [create scenarios where PMP entries with + A=2 (NA4) and with/without matching permissions\n - check only NA4 defined + addresses are matching]\nTST12-36 (HIGH-PRIO)\n[with L=1 => FTR08-e1 (refers + to FTR01-f) (refers to FTR09-d2-1),\n - configure the PMP entry with write + permissions for the PMP region\n - execute a store, store-conditional, + or AMO instruction to outside all PMP defined regions\n - check no access-fault + exception] //TODO: CHECK IF M-MODE ALLOWED" +- 018_load_MPP_L0_R1_addr_hit: !Subfeature + name: 018_load_MPP_L0_R1_addr_hit + tag: VP_PMP_F012_S041 + next_elt_id: 1 + display_order: 18 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S041_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access load or load-reserved instruction inside + defined NA4 address range with read permissions and with L=0\n - choose + a readable pmp region and address range\n - choose only one PMP entry + (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=0, X/W:random\n \ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and mstatus.MPP + contains M (TODO: CHECK IF MAKING SENSE)\n\nACCESS\n - execute a load + or load-reserved instruction from that region (with exact address-matching)\n\ + \nCHECK\n - check no access-fault exception\n\nREUSABILITY\n - if + possible, the PMP entry number (i) is a configurable parameter\n - if + possible, the PMP entry lock (L) is a configurable parameter\n - if possible, + the PMP entry permissions (R,W,X) are configurable parameters\n - if + possible, the PMP entry adress-matching mode (A) is a configurable parameter\n\ + \ - if possible, the PMP entry address range (pmpaddr) is a configurable + parameter\n - if possible, the PMP entry associated access address is + a configurable parameter\n - so a single CONFIGURATION function and a + single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-4x(group) => FTR01-f\n [PMP check + on load or load-reserved instruction where effective privilege mode is M:\n\ + \ - choose a data readable pmp region and address range\n - choose + only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n \ + \ - if possible, the PMP entry number is a configurable parameter\n - + choose pmpcfg(i).A=NA4\n - single access data load in any mode when the + bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING + SENSE)]\n [create scenarios where PMP entries with A=2 (NA4) and with/without + matching permissions\n - check only NA4 defined addresses are matching]\n + TST12-41 (LOWEST-PRIO)\n[with L=0 => FTR08-e2-1 (refers to FTR09-d1)\n\ + \ - configure the PMP entry with read permissions for the PMP region\n\ + \ - execute a load or load-reserved instruction from that region (with + exact address-matching)\n - check no access-fault exception]" +- 019_load_MPP_L0_R0_addr_hit: !Subfeature + name: 019_load_MPP_L0_R0_addr_hit + tag: VP_PMP_F012_S042 + next_elt_id: 1 + display_order: 19 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S042_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access load or load-reserved instruction inside + defined NA4 address range without read permissions and with L=0\n - choose + a readable pmp region and address range\n - choose only one PMP entry + (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=0, L=0, X/W:random\n \ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and mstatus.MPP + contains M (TODO: CHECK IF MAKING SENSE)\n\nACCESS\n - execute a load + or load-reserved instruction from that region (with exact address-matching)\n\ + \nCHECK\n - check no access-fault exception\n\nREUSABILITY\n - if + possible, the PMP entry number (i) is a configurable parameter\n - if + possible, the PMP entry lock (L) is a configurable parameter\n - if possible, + the PMP entry permissions (R,W,X) are configurable parameters\n - if + possible, the PMP entry adress-matching mode (A) is a configurable parameter\n\ + \ - if possible, the PMP entry address range (pmpaddr) is a configurable + parameter\n - if possible, the PMP entry associated access address is + a configurable parameter\n - so a single CONFIGURATION function and a + single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-4x(group) => FTR01-f\n [PMP check + on load or load-reserved instruction where effective privilege mode is M:\n\ + \ - choose a data readable pmp region and address range\n - choose + only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n \ + \ - if possible, the PMP entry number is a configurable parameter\n - + choose pmpcfg(i).A=NA4\n - single access data load in any mode when the + bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING + SENSE)]\n [create scenarios where PMP entries with A=2 (NA4) and with/without + matching permissions\n - check only NA4 defined addresses are matching]\n + TST12-42 (LOWEST-PRIO)\n[with L=0 => FTR08-e2-1 (refers to FTR09-d1)\n\ + \ - configure the PMP entry without read permissions for the PMP region\n\ + \ - execute a load or load-reserved instruction from that region (with + exact address-matching)\n - check no access-fault exception]" +- 020_load_MPP_L0_R1_addr_miss: !Subfeature + name: 020_load_MPP_L0_R1_addr_miss + tag: VP_PMP_F012_S043 + next_elt_id: 1 + display_order: 20 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S043_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access load or load-reserved instruction from + outside defined NA4 address range with read permissions and with L=0\n \ + \ - choose a readable pmp region and address range\n - choose only + one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=0, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and mstatus.MPP + contains M (TODO: CHECK IF MAKING SENSE)\n\nACCESS\n - execute a load + or load-reserved instruction from outside all PMP defined regions\n\nCHECK\n\ + \ - check no access-fault exception (Feature: \"no cfg matching\")\n\n\ + REUSABILITY\n - if possible, the PMP entry number (i) is a configurable + parameter\n - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-4x(group) => FTR01-f\n [PMP check + on load or load-reserved instruction where effective privilege mode is M:\n\ + \ - choose a data readable pmp region and address range\n - choose + only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n \ + \ - if possible, the PMP entry number is a configurable parameter\n - + choose pmpcfg(i).A=NA4\n - single access data load in any mode when the + bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING + SENSE)]\n [create scenarios where PMP entries with A=2 (NA4) and with/without + matching permissions\n - check only NA4 defined addresses are matching]\n + TST12-43 (LOWEST-PRIO)\n[with L=0 => FTR08-e2-1 (refers to FTR09-d1)\n\ + \ - configure the PMP entry with read permissions for the PMP region\n\ + \ - execute a load or load-reserved instruction from outside all PMP defined + regions\n - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED" +- 021_load_MPP_L1_R1_addr_hit: !Subfeature + name: 021_load_MPP_L1_R1_addr_hit + tag: VP_PMP_F012_S044 + next_elt_id: 1 + display_order: 21 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S044_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access load or load-reserved instruction inside + defined NA4 address range with read permissions and with L=1\n - choose + a readable pmp region and address range\n - choose only one PMP entry + (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=1, X/W:random\n \ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and mstatus.MPP + contains M (TODO: CHECK IF MAKING SENSE)\n\nACCESS\n - execute a load + or load-reserved instruction from that region (with exact address-matching)\n\ + \nCHECK\n - check no access-fault exception\n\nREUSABILITY\n - if + possible, the PMP entry number (i) is a configurable parameter\n - if + possible, the PMP entry lock (L) is a configurable parameter\n - if possible, + the PMP entry permissions (R,W,X) are configurable parameters\n - if + possible, the PMP entry adress-matching mode (A) is a configurable parameter\n\ + \ - if possible, the PMP entry address range (pmpaddr) is a configurable + parameter\n - if possible, the PMP entry associated access address is + a configurable parameter\n - so a single CONFIGURATION function and a + single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-4x(group) => FTR01-f\n [PMP check + on load or load-reserved instruction where effective privilege mode is M:\n\ + \ - choose a data readable pmp region and address range\n - choose + only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n \ + \ - if possible, the PMP entry number is a configurable parameter\n - + choose pmpcfg(i).A=NA4\n - single access data load in any mode when the + bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING + SENSE)]\n [create scenarios where PMP entries with A=2 (NA4) and with/without + matching permissions\n - check only NA4 defined addresses are matching]\n + TST12-44 (LOWEST-PRIO)\n [with L=1 => FTR08-e1 (refers to FTR01-f) (refers + to FTR09-d2-1),\n - configure the PMP entry with read permissions for the + PMP region\n - execute a load or load-reserved instruction from that region + (with exact address-matching)\n - check no access-fault exception]" +- 022_load_MPP_L1_R0_addr_hit: !Subfeature + name: 022_load_MPP_L1_R0_addr_hit + tag: VP_PMP_F012_S045 + next_elt_id: 1 + display_order: 22 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S045_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set\n\n{Page + 58 Volume II: RISC-V Privileged Architectures V20211203}\nAttempting to + execute a load or load-reserved instruction which accesses a physical address + within a PMP region without read permissions raises a load access-fault + exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access load or load-reserved instruction inside + defined NA4 address range without read permissions and with L=1\n - choose + a readable pmp region and address range\n - choose only one PMP entry + (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=0, L=1, X/W:random\n \ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and mstatus.MPP + contains M (TODO: CHECK IF MAKING SENSE)\n\nACCESS\n - execute a load + or load-reserved instruction from that region (with exact address-matching)\n\ + \nCHECK\n - check load access-fault exception raised\n\nREUSABILITY\n\ + \ - if possible, the PMP entry number (i) is a configurable parameter\n\ + \ - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR04-c\n[Attempting to execute a load or load-reserved instruction which + accesses a physical address within a PMP region without read permissions + raises a load access-fault exception]\n\nFTR02-b1\n[the lowest-numbered + PMP CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nTST12-4x(group) => FTR01-f\n [PMP check on load or load-reserved instruction + where effective privilege mode is M:\n - choose a data readable pmp region + and address range\n - choose only one PMP entry (i) ([FTR02-b1]: maybe + mandatorily the 1st one)\n - if possible, the PMP entry number is a configurable + parameter\n - choose pmpcfg(i).A=NA4\n - single access data load in + any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: + CHECK IF MAKING SENSE)]\n [create scenarios where PMP entries with A=2 + (NA4) and with/without matching permissions\n - check only NA4 defined + addresses are matching]\nTST12-45 (LOWEST-PRIO)\n[with L=1 => FTR08-e1 (refers + to FTR01-f) (refers to FTR09-d2-1),\n - configure the PMP entry without + read permissions for the PMP region\n - execute a load or load-reserved + instruction from that region (with exact address-matching)\n - check load + access-fault exception raised => FTR04-c]" +- 023_load_MPP_L1_R1_addr_miss: !Subfeature + name: 023_load_MPP_L1_R1_addr_miss + tag: VP_PMP_F012_S046 + next_elt_id: 1 + display_order: 23 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S046_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access load or load-reserved instruction from + outside defined NA4 address range with read permissions and with L=1\n \ + \ - choose a readable pmp region and address range\n - choose only + one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, R=1, L=1, X/W:random\n\ + \ - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and mstatus.MPP + contains M (TODO: CHECK IF MAKING SENSE)\n\nACCESS\n - execute a load + or load-reserved instruction from outside all PMP defined regions\n\nCHECK\n\ + \ - check no access-fault exception (Feature: \"no cfg matching\")\n\n\ + REUSABILITY\n - if possible, the PMP entry number (i) is a configurable + parameter\n - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-4x(group) => FTR01-f\n [PMP check + on load or load-reserved instruction where effective privilege mode is M:\n\ + \ - choose a data readable pmp region and address range\n - choose + only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n \ + \ - if possible, the PMP entry number is a configurable parameter\n - + choose pmpcfg(i).A=NA4\n - single access data load in any mode when the + bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING + SENSE)]\n [create scenarios where PMP entries with A=2 (NA4) and with/without + matching permissions\n - check only NA4 defined addresses are matching]\n + TST12-46 (LOWEST-PRIO)\n [with L=1 => FTR08-e1 (refers to FTR01-f) (refers + to FTR09-d2-1),\n - configure the PMP entry with read permissions for the + PMP region\n - execute a load or load-reserved instruction from outside + all PMP defined regions\n - check no access-fault exception] //TODO: CHECK + IF M-MODE ALLOWED" +- 024_store_MPP_L0_W1_addr_hit: !Subfeature + name: 024_store_MPP_L0_W1_addr_hit + tag: VP_PMP_F012_S051 + next_elt_id: 1 + display_order: 24 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S051_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range with write permissions and with L=0\n \ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=0, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and + mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)\n\nACCESS\n - execute + a store, store-conditional, or AMO instruction to that region (with exact + address-matching)\n\nCHECK\n - check no access-fault exception\n\nREUSABILITY\n\ + \ - if possible, the PMP entry number (i) is a configurable parameter\n\ + \ - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-5x(group) => FTR01-f\n [PMP check + on store, store-conditional, or AMO instruction where effective privilege + mode is M:\n - choose a data writable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access data store in any mode + when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK + IF MAKING SENSE)]\n [create scenarios where PMP entries with A=2 (NA4) + and with/without matching permissions\n - check only NA4 defined addresses + are matching]\nTST12-51 (LOWEST-PRIO)\n[with L=0 => FTR08-e2-1 (refers to\ + \ FTR09-d1)\n - configure the PMP entry with write permissions for the + PMP region\n - execute a store, store-conditional, or AMO instruction to + that region (with exact address-matching)\n - check no access-fault exception]" +- 025_store_MPP_L0_W0_addr_hit: !Subfeature + name: 025_store_MPP_L0_W0_addr_hit + tag: VP_PMP_F012_S052 + next_elt_id: 1 + display_order: 25 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S052_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range without write permissions and with L=0\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=0, L=0, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and + mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)\n\nACCESS\n - execute + a store, store-conditional, or AMO instruction to that region (with exact + address-matching)\n\nCHECK\n - check no access-fault exception\n\nREUSABILITY\n\ + \ - if possible, the PMP entry number (i) is a configurable parameter\n\ + \ - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-5x(group) => FTR01-f\n [PMP check + on store, store-conditional, or AMO instruction where effective privilege + mode is M:\n - choose a data writable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access data store in any mode + when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK + IF MAKING SENSE)]\n [create scenarios where PMP entries with A=2 (NA4) + and with/without matching permissions\n - check only NA4 defined addresses + are matching]\nTST12-52 (LOWEST-PRIO)\n[with L=0 => FTR08-e2-1 (refers to\ + \ FTR09-d1)\n - configure the PMP entry without write permissions for + the PMP region\n - execute a store, store-conditional, or AMO instruction + to that region (with exact address-matching)\n - check no access-fault + exception]" +- 026_store_MPP_L0_W1_addr_miss: !Subfeature + name: 026_store_MPP_L0_W1_addr_miss + tag: VP_PMP_F012_S053 + next_elt_id: 1 + display_order: 26 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S053_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is clear, any M-mode access matching the PMP entry will succeed\n\n + {Page 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nIf the L bit is clear and the privilege mode of + the access is M, the access succeeds" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access store, store-conditional, or AMO instruction + from outside defined NA4 address range with write permissions and with L=0\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=0, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and + mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)\n\nACCESS\n - execute + a store, store-conditional, or AMO instruction to outside all PMP defined + regions\n\nCHECK\n - check no access-fault exception (Feature: \"no cfg + matching\")\n\nREUSABILITY\n - if possible, the PMP entry number (i) + is a configurable parameter\n - if possible, the PMP entry lock (L) is + a configurable parameter\n - if possible, the PMP entry permissions (R,W,X) + are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e2-1 + (refers to FTR09-d1)\n[When the L bit is clear, any M-mode access matching + the PMP entry will succeed]\nFTR09-d1 (refers to FTR08-e2-1)\n [If the L + bit is clear and the privilege mode of the access is M, the access succeeds]\n + \nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-5x(group) => FTR01-f\n [PMP check + on store, store-conditional, or AMO instruction where effective privilege + mode is M:\n - choose a data writable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access data store in any mode + when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK + IF MAKING SENSE)]\n [create scenarios where PMP entries with A=2 (NA4) + and with/without matching permissions\n - check only NA4 defined addresses + are matching]\nTST12-53 (LOWEST-PRIO)\n[with L=0 => FTR08-e2-1 (refers to\ + \ FTR09-d1)\n - configure the PMP entry with write permissions for the + PMP region\n - execute a store, store-conditional, or AMO instruction to + outside all PMP defined regions\n - check no access-fault exception] //TODO: + CHECK IF M-MODE ALLOWED" +- 027_store_MPP_L1_W1_addr_hit: !Subfeature + name: 027_store_MPP_L1_W1_addr_hit + tag: VP_PMP_F012_S054 + next_elt_id: 1 + display_order: 27 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S054_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range with write permissions and with L=1\n \ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=1, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and + mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)\n\nACCESS\n - execute + a store, store-conditional, or AMO instruction to that region (with exact + address-matching)\n\nCHECK\n - check no access-fault exception\n\nREUSABILITY\n\ + \ - if possible, the PMP entry number (i) is a configurable parameter\n\ + \ - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-5x(group) => FTR01-f\n [PMP check + on store, store-conditional, or AMO instruction where effective privilege + mode is M:\n - choose a data writable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access data store in any mode + when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK + IF MAKING SENSE)]\n [create scenarios where PMP entries with A=2 (NA4) + and with/without matching permissions\n - check only NA4 defined addresses + are matching]\n TST12-54 (LOWEST-PRIO)\n[with L=1 => FTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1),\n - configure the PMP entry with write + permissions for the PMP region\n - execute a store, store-conditional, + or AMO instruction to that region (with exact address-matching)\n - check + no access-fault exception]" +- 028_store_MPP_L1_W0_addr_hit: !Subfeature + name: 028_store_MPP_L1_W0_addr_hit + tag: VP_PMP_F012_S055 + next_elt_id: 1 + display_order: 28 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S055_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set\n\n{Page + 58 Volume II: RISC-V Privileged Architectures V20211203}\nAttempting to + execute a store, store-conditional, or AMO instruction which accesses a + physical address within a PMP region without write permissions raises a + store access-fault exception" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access store, store-conditional, or AMO instruction + inside defined NA4 address range without write permissions and with L=1\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=0, L=1, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and + mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)\n\nACCESS\n - execute + a store, store-conditional, or AMO instruction to that region (with exact + address-matching)\n\nCHECK\n - check store access-fault exception raised\n\ + \nREUSABILITY\n - if possible, the PMP entry number (i) is a configurable + parameter\n - if possible, the PMP entry lock (L) is a configurable parameter\n\ + \ - if possible, the PMP entry permissions (R,W,X) are configurable parameters\n\ + \ - if possible, the PMP entry adress-matching mode (A) is a configurable + parameter\n - if possible, the PMP entry address range (pmpaddr) is a + configurable parameter\n - if possible, the PMP entry associated access + address is a configurable parameter\n - so a single CONFIGURATION function + and a single ACCESS function can be reused and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR04-d\n[Attempting to execute a store, store-conditional, or AMO instruction + which accesses a physical address within a PMP region without write permissions + raises a store access-fault exception]\n\nFTR02-b1\n[the lowest-numbered + PMP CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \n TST12-5x(group) => FTR01-f\n [PMP check on store, store-conditional, + or AMO instruction where effective privilege mode is M:\n - choose a + data writable pmp region and address range\n - choose only one PMP entry + (i) ([FTR02-b1]: maybe mandatorily the 1st one)\n - if possible, the + PMP entry number is a configurable parameter\n - choose pmpcfg(i).A=NA4\n\ + \ - single access data store in any mode when the bit mstatus.MPRV=1 + and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)]\n [create + scenarios where PMP entries with A=2 (NA4) and with/without matching permissions\n\ + \ - check only NA4 defined addresses are matching]\n TST12-55 (LOWEST-PRIO)\n + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1),\n - configure + the PMP entry without write permissions for the PMP region\n - execute + a store, store-conditional, or AMO instruction to that region (with exact + address-matching)\n - check store access-fault exception raised => FTR04-d]" +- 029_store_MPP_L1_W1_addr_miss: !Subfeature + name: 029_store_MPP_L1_W1_addr_miss + tag: VP_PMP_F012_S056 + next_elt_id: 1 + display_order: 29 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F012_S056_I000 + description: "{Page 56 Volume II: RISC-V Privileged Architectures V20211203}\n + PMP checks may additionally apply to M-mode accesses, in which case the + PMP registers themselves are locked, so that even M-mode software cannot + change them until the hart is reset\n\n{Page 60 Section \"Locking and Privilege + Mode\" Volume II: RISC-V Privileged Architectures V20211203}\nWhen the L + bit is set, these permissions are enforced for all privilege modes\n\n{Page + 60 Section \"Priority and Matching Logic\" Volume II: RISC-V Privileged + Architectures V20211203}\nif the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "M mode single access store, store-conditional, or AMO instruction + from outside defined NA4 address range with write permissions and with L=1\n\ + \ - choose a data writable pmp region and address range\n - choose + only one PMP entry (i)\n\nCONFIGURATION\n - pmpcfg(i): A=NA4, W=1, L=1, + X/R:random\n - pmpaddr(i): NA4 address range\n - mstatus.MPRV=1 and + mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)\n\nACCESS\n - execute + a store, store-conditional, or AMO instruction to outside all PMP defined + regions\n\nCHECK\n - check no access-fault exception (Feature: \"no cfg + matching\")\n\nREUSABILITY\n - if possible, the PMP entry number (i) + is a configurable parameter\n - if possible, the PMP entry lock (L) is + a configurable parameter\n - if possible, the PMP entry permissions (R,W,X) + are configurable parameters\n - if possible, the PMP entry adress-matching + mode (A) is a configurable parameter\n - if possible, the PMP entry address + range (pmpaddr) is a configurable parameter\n - if possible, the PMP + entry associated access address is a configurable parameter\n - so a + single CONFIGURATION function and a single ACCESS function can be reused + and combined" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<>\n\n<< link to the + old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) + : reading below not mandatory but may help for better understanding >>\n + \nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally apply to M-mode + accesses, in which case the PMP registers themselves are locked, so that + even M-mode software cannot change them until the hart is reset]\n \nFTR08-e1 + (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the L bit is set, these + permissions are enforced for all privilege modes]\nFTR09-d2-1 (refers to + FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access succeeds + only if the R, W, or X bit corresponding to the access type is set]\n\n + FTR02-b1\n[the lowest-numbered PMP CSRs must be implemented first (QUESTION: + does it mean programmed first)]\n\nTST12-5x(group) => FTR01-f\n [PMP check + on store, store-conditional, or AMO instruction where effective privilege + mode is M:\n - choose a data writable pmp region and address range\n\ + \ - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the + 1st one)\n - if possible, the PMP entry number is a configurable parameter\n\ + \ - choose pmpcfg(i).A=NA4\n - single access data store in any mode + when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK + IF MAKING SENSE)]\n [create scenarios where PMP entries with A=2 (NA4) + and with/without matching permissions\n - check only NA4 defined addresses + are matching]\n TST12-56 (LOWEST-PRIO)\n[with L=1 => FTR08-e1 (refers to + FTR01-f) (refers to FTR09-d2-1),\n - configure the PMP entry with write + permissions for the PMP region\n - execute a store, store-conditional, + or AMO instruction to outside all PMP defined regions\n - check no access-fault + exception] //TODO: CHECK IF M-MODE ALLOWED" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP013.yml b/verif/docs/VerifPlans/PMP/VP_IP013.yml new file mode 100644 index 000000000..a0a659155 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP013.yml @@ -0,0 +1,1133 @@ +!Feature +next_elt_id: 30 +name: cfg NAPOT access S/U +id: 13 +display_order: 13 +subfeatures: !!omap +- 000_fetch_L0_X1_addr_hit: !Subfeature + name: 000_fetch_L0_X1_addr_hit + tag: VP_PMP_F013_S011 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S011_I000 + description: 'reuse of VP_PMP_F011_S011_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S011_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-11 (HIGH-PRIO)\n [same as TST11-11(group), but with pmpcfg(i).A=NAPOT]" +- 001_fetch_L0_X0_addr_hit: !Subfeature + name: 001_fetch_L0_X0_addr_hit + tag: VP_PMP_F013_S012 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S012_I000 + description: 'reuse of VP_PMP_F011_S012_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S012_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-b\n [Attempting to fetch an instruction from a PMP region + that does not have execute permissions raises an instruction access-fault + exception]\n \n\nTST13-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-12 (MEDIUM-PRIO)\n [same as TST11-12(group), but with pmpcfg(i).A=NAPOT]" +- 002_fetch_L0_X1_addr_miss: !Subfeature + name: 002_fetch_L0_X1_addr_miss + tag: VP_PMP_F013_S013 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S013_I000 + description: 'reuse of VP_PMP_F011_S013_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S013_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-13 (MEDIUM-PRIO)\n [same as TST11-13(group), but with pmpcfg(i).A=NAPOT]" +- 003_fetch_L1_X1_addr_hit: !Subfeature + name: 003_fetch_L1_X1_addr_hit + tag: VP_PMP_F013_S014 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S014_I000 + description: 'reuse of VP_PMP_F011_S014_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S014_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-14 (LOW-PRIO)\n [same as TST11-14(group), but with pmpcfg(i).A=NAPOT]" +- 004_fetch_L1_X0_addr_hit: !Subfeature + name: 004_fetch_L1_X0_addr_hit + tag: VP_PMP_F013_S015 + next_elt_id: 1 + display_order: 4 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S015_I000 + description: 'reuse of VP_PMP_F011_S015_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S015_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-b\n[Attempting to fetch an instruction from a PMP region that + does not have execute permissions raises an instruction access-fault exception]\n\ + \n\nTST13-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-15 (LOW-PRIO)\n [same as TST11-15(group), but with pmpcfg(i).A=NAPOT]" +- 005_fetch_L1_X1_addr_miss: !Subfeature + name: 005_fetch_L1_X1_addr_miss + tag: VP_PMP_F013_S016 + next_elt_id: 1 + display_order: 5 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S016_I000 + description: 'reuse of VP_PMP_F011_S016_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S016_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-16 (LOW-PRIO)\n [same as TST11-16(group), but with pmpcfg(i).A=NAPOT]" +- 006_load_L0_R1_addr_hit: !Subfeature + name: 006_load_L0_R1_addr_hit + tag: VP_PMP_F013_S021 + next_elt_id: 1 + display_order: 6 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S021_I000 + description: 'reuse of VP_PMP_F011_S021_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S021_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-2x(group)\n [same as TST11-2x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-21 (HIGH-PRIO)\n [same as TST11-21(group), but with pmpcfg(i).A=NAPOT]" +- 007_load_L0_R0_addr_hit: !Subfeature + name: 007_load_L0_R0_addr_hit + tag: VP_PMP_F013_S022 + next_elt_id: 1 + display_order: 7 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S022_I000 + description: 'reuse of VP_PMP_F011_S022_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S022_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-c\n [Attempting to execute a load or load-reserved instruction + which accesses a physical address within a PMP region without read permissions + raises a load access-fault exception]\n\n\nTST13-2x(group)\n [same as TST11-2x(group), + but with pmpcfg(i).A=NAPOT]\nTST13-22 (MEDIUM-PRIO)\n [same as TST11-22(group), + but with pmpcfg(i).A=NAPOT]" +- 008_load_L0_R1_addr_miss: !Subfeature + name: 008_load_L0_R1_addr_miss + tag: VP_PMP_F013_S023 + next_elt_id: 1 + display_order: 8 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S023_I000 + description: 'reuse of VP_PMP_F011_S023_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S023_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-2x(group)\n [same as TST11-2x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-23 (MEDIUM-PRIO)\n [same as TST11-23(group), but with pmpcfg(i).A=NAPOT]" +- 009_load_L1_R1_addr_hit: !Subfeature + name: 009_load_L1_R1_addr_hit + tag: VP_PMP_F013_S024 + next_elt_id: 1 + display_order: 9 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S024_I000 + description: 'reuse of VP_PMP_F011_S024_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S024_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-2x(group)\n [same as TST11-2x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-24 (LOW-PRIO)\n [same as TST11-24(group), but with pmpcfg(i).A=NAPOT]" +- 010_load_L1_R0_addr_hit: !Subfeature + name: 010_load_L1_R0_addr_hit + tag: VP_PMP_F013_S025 + next_elt_id: 1 + display_order: 10 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S025_I000 + description: 'reuse of VP_PMP_F011_S025_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S025_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-c\n[Attempting to execute a load or load-reserved instruction + which accesses a physical address within a PMP region without read permissions + raises a load access-fault exception]\n\n\nTST13-2x(group)\n [same as TST11-2x(group), + but with pmpcfg(i).A=NAPOT]\n TST13-25 (LOW-PRIO)\n [same as TST11-25(group), + but with pmpcfg(i).A=NAPOT]" +- 011_load_L1_R1_addr_miss: !Subfeature + name: 011_load_L1_R1_addr_miss + tag: VP_PMP_F013_S026 + next_elt_id: 1 + display_order: 11 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S026_I000 + description: 'reuse of VP_PMP_F011_S026_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S026_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-2x(group)\n [same as TST11-2x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-26 (LOW-PRIO)\n [same as TST11-26(group), but with pmpcfg(i).A=NAPOT]" +- 012_store_L0_W1_addr_hit: !Subfeature + name: 012_store_L0_W1_addr_hit + tag: VP_PMP_F013_S031 + next_elt_id: 1 + display_order: 12 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S031_I000 + description: 'reuse of VP_PMP_F011_S031_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S031_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-3x(group)\n [same as TST11-3x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-31 (HIGH-PRIO)\n [same as TST11-31(group), but with pmpcfg(i).A=NAPOT]" +- 013_store_L0_W0_addr_hit: !Subfeature + name: 013_store_L0_W0_addr_hit + tag: VP_PMP_F013_S032 + next_elt_id: 1 + display_order: 13 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S032_I000 + description: 'reuse of VP_PMP_F011_S032_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S032_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-d\n [Attempting to execute a store, store-conditional, or + AMO instruction which accesses a physical address within a PMP region without + write permissions raises a store access-fault exception]\n\n\nTST13-3x(group)\n\ + \ [same as TST11-3x(group), but with pmpcfg(i).A=NAPOT]\nTST13-32 (MEDIUM-PRIO)\n\ + \ [same as TST11-32(group), but with pmpcfg(i).A=NAPOT]" +- 014_store_L0_W1_addr_miss: !Subfeature + name: 014_store_L0_W1_addr_miss + tag: VP_PMP_F013_S033 + next_elt_id: 1 + display_order: 14 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S033_I000 + description: 'reuse of VP_PMP_F011_S033_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S033_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-3x(group)\n [same as TST11-3x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-33 (MEDIUM-PRIO)\n [same as TST11-33(group), but with pmpcfg(i).A=NAPOT]" +- 015_store_L1_W1_addr_hit: !Subfeature + name: 015_store_L1_W1_addr_hit + tag: VP_PMP_F013_S034 + next_elt_id: 1 + display_order: 15 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S034_I000 + description: 'reuse of VP_PMP_F011_S034_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S034_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-3x(group)\n [same as TST11-3x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-34 (LOW-PRIO)\n [same as TST11-34(group), but with pmpcfg(i).A=NAPOT]" +- 016_store_L1_W0_addr_hit: !Subfeature + name: 016_store_L1_W0_addr_hit + tag: VP_PMP_F013_S035 + next_elt_id: 1 + display_order: 16 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S035_I000 + description: 'reuse of VP_PMP_F011_S035_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S035_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-d\n[Attempting to execute a store, store-conditional, or AMO + instruction which accesses a physical address within a PMP region without + write permissions raises a store access-fault exception]\n\n\nTST13-3x(group)\n\ + \ [same as TST11-3x(group), but with pmpcfg(i).A=NAPOT]\nTST13-35 (LOW-PRIO)\n\ + \ [same as TST11-35(group), but with pmpcfg(i).A=NAPOT]" +- 017_store_L1_W1_addr_miss: !Subfeature + name: 017_store_L1_W1_addr_miss + tag: VP_PMP_F013_S036 + next_elt_id: 1 + display_order: 17 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S036_I000 + description: 'reuse of VP_PMP_F011_S036_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S036_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-3x(group)\n [same as TST11-3x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-36 (LOW-PRIO)\n [same as TST11-36(group), but with pmpcfg(i).A=NAPOT]" +- 018_load_MPP_L0_R1_addr_hit: !Subfeature + name: 018_load_MPP_L0_R1_addr_hit + tag: VP_PMP_F013_S041 + next_elt_id: 1 + display_order: 18 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S041_I000 + description: 'reuse of VP_PMP_F011_S041_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S041_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-4x(group)\n [same as TST11-4x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-41 (LOWEST-PRIO)\n [same as TST11-41(group), but with pmpcfg(i).A=NAPOT]" +- 019_load_MPP_L0_R0_addr_hit: !Subfeature + name: 019_load_MPP_L0_R0_addr_hit + tag: VP_PMP_F013_S042 + next_elt_id: 1 + display_order: 19 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S042_I000 + description: 'reuse of VP_PMP_F011_S042_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S042_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-c\n [Attempting to execute a load or load-reserved instruction + which accesses a physical address within a PMP region without read permissions + raises a load access-fault exception]\n\n\nTST13-4x(group)\n [same as TST11-4x(group), + but with pmpcfg(i).A=NAPOT]\nTST13-42 (LOWEST-PRIO)\n [same as TST11-42(group), + but with pmpcfg(i).A=NAPOT]" +- 020_load_MPP_L0_R1_addr_miss: !Subfeature + name: 020_load_MPP_L0_R1_addr_miss + tag: VP_PMP_F013_S043 + next_elt_id: 1 + display_order: 20 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S043_I000 + description: 'reuse of VP_PMP_F011_S043_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S043_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-4x(group)\n [same as TST11-4x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-43 (LOWEST-PRIO)\n [same as TST11-43(group), but with pmpcfg(i).A=NAPOT]" +- 021_load_MPP_L1_R1_addr_hit: !Subfeature + name: 021_load_MPP_L1_R1_addr_hit + tag: VP_PMP_F013_S044 + next_elt_id: 1 + display_order: 21 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S044_I000 + description: 'reuse of VP_PMP_F011_S044_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S044_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-4x(group)\n [same as TST11-4x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-44 (LOWEST-PRIO)\n [same as TST11-44(group), but with pmpcfg(i).A=NAPOT]" +- 022_load_MPP_L1_R0_addr_hit: !Subfeature + name: 022_load_MPP_L1_R0_addr_hit + tag: VP_PMP_F013_S045 + next_elt_id: 1 + display_order: 22 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S045_I000 + description: 'reuse of VP_PMP_F011_S045_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S045_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-c\n[Attempting to execute a load or load-reserved instruction + which accesses a physical address within a PMP region without read permissions + raises a load access-fault exception]\n\n\nTST13-4x(group)\n [same as TST11-4x(group), + but with pmpcfg(i).A=NAPOT]\n TST13-45 (LOWEST-PRIO)\n [same as TST11-45(group), + but with pmpcfg(i).A=NAPOT]" +- 023_load_MPP_L1_R1_addr_miss: !Subfeature + name: 023_load_MPP_L1_R1_addr_miss + tag: VP_PMP_F013_S046 + next_elt_id: 1 + display_order: 23 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S046_I000 + description: 'reuse of VP_PMP_F011_S046_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S046_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-4x(group)\n [same as TST11-4x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-46 (LOWEST-PRIO)\n [same as TST11-46(group), but with pmpcfg(i).A=NAPOT]" +- 024_store_MPP_L0_W1_addr_hit: !Subfeature + name: 024_store_MPP_L0_W1_addr_hit + tag: VP_PMP_F013_S051 + next_elt_id: 1 + display_order: 24 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S051_I000 + description: 'reuse of VP_PMP_F011_S051_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S051_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-5x(group)\n [same as TST11-5x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-51 (LOWEST-PRIO)\n [same as TST11-51(group), but with pmpcfg(i).A=NAPOT]" +- 025_store_MPP_L0_W0_addr_hit: !Subfeature + name: 025_store_MPP_L0_W0_addr_hit + tag: VP_PMP_F013_S052 + next_elt_id: 1 + display_order: 25 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S052_I000 + description: 'reuse of VP_PMP_F011_S052_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S052_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-d\n [Attempting to execute a store, store-conditional, or + AMO instruction which accesses a physical address within a PMP region without + write permissions raises a store access-fault exception]\n\n\nTST13-5x(group)\n\ + \ [same as TST11-5x(group), but with pmpcfg(i).A=NAPOT]\nTST13-52 (LOWEST-PRIO)\n\ + \ [same as TST11-52(group), but with pmpcfg(i).A=NAPOT]" +- 026_store_MPP_L0_W1_addr_miss: !Subfeature + name: 026_store_MPP_L0_W1_addr_miss + tag: VP_PMP_F013_S053 + next_elt_id: 1 + display_order: 26 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S053_I000 + description: 'reuse of VP_PMP_F011_S053_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S053_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-5x(group)\n [same as TST11-5x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-53 (LOWEST-PRIO)\n [same as TST11-53(group), but with pmpcfg(i).A=NAPOT]" +- 027_store_MPP_L1_W1_addr_hit: !Subfeature + name: 027_store_MPP_L1_W1_addr_hit + tag: VP_PMP_F013_S054 + next_elt_id: 1 + display_order: 27 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S054_I000 + description: 'reuse of VP_PMP_F011_S054_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S054_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-5x(group)\n [same as TST11-5x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-54 (LOWEST-PRIO)\n [same as TST11-54(group), but with pmpcfg(i).A=NAPOT]" +- 028_store_MPP_L1_W0_addr_hit: !Subfeature + name: 028_store_MPP_L1_W0_addr_hit + tag: VP_PMP_F013_S055 + next_elt_id: 1 + display_order: 28 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S055_I000 + description: 'reuse of VP_PMP_F011_S055_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S055_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-d\n[Attempting to execute a store, store-conditional, or AMO + instruction which accesses a physical address within a PMP region without + write permissions raises a store access-fault exception]\n\n\nTST13-5x(group)\n\ + \ [same as TST11-5x(group), but with pmpcfg(i).A=NAPOT]\nTST13-55 (LOWEST-PRIO)\n\ + \ [same as TST11-55(group), but with pmpcfg(i).A=NAPOT]" +- 029_store_MPP_L1_W1_addr_miss: !Subfeature + name: 029_store_MPP_L1_W1_addr_miss + tag: VP_PMP_F013_S056 + next_elt_id: 1 + display_order: 29 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F013_S056_I000 + description: 'reuse of VP_PMP_F011_S056_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S056_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n \ + \ - pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST13-5x(group)\n [same as TST11-5x(group), but with pmpcfg(i).A=NAPOT]\n + TST13-56 (LOWEST-PRIO)\n [same as TST11-56(group), but with pmpcfg(i).A=NAPOT]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP014.yml b/verif/docs/VerifPlans/PMP/VP_IP014.yml new file mode 100644 index 000000000..6d5b1e0ba --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP014.yml @@ -0,0 +1,1119 @@ +!Feature +next_elt_id: 30 +name: cfg NAPOT access M +id: 14 +display_order: 14 +subfeatures: !!omap +- 000_fetch_L0_X1_addr_hit: !Subfeature + name: 000_fetch_L0_X1_addr_hit + tag: VP_PMP_F014_S011 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S011_I000 + description: 'reuse of VP_PMP_F012_S011_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S011_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=NAPOT]\nTST14-11 (LOW-PRIO)\n\ + \ [same as TST12-11(group), but with pmpcfg(i).A=NAPOT]" +- 001_fetch_L0_X0_addr_hit: !Subfeature + name: 001_fetch_L0_X0_addr_hit + tag: VP_PMP_F014_S012 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S012_I000 + description: 'reuse of VP_PMP_F012_S012_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S012_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=NAPOT]\nTST14-12 (LOW-PRIO)\n\ + \ [same as TST12-12(group), but with pmpcfg(i).A=NAPOT]" +- 002_fetch_L0_X1_addr_miss: !Subfeature + name: 002_fetch_L0_X1_addr_miss + tag: VP_PMP_F014_S013 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S013_I000 + description: 'reuse of VP_PMP_F012_S013_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S013_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=NAPOT]\nTST14-13 (LOW-PRIO)\n\ + \ [same as TST12-13(group), but with pmpcfg(i).A=NAPOT]" +- 003_fetch_L1_X1_addr_hit: !Subfeature + name: 003_fetch_L1_X1_addr_hit + tag: VP_PMP_F014_S014 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S014_I000 + description: 'reuse of VP_PMP_F012_S014_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S014_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST14-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=NAPOT]\nTST14-14 (HIGH-PRIO)\n\ + \ [same as TST12-14(group), but with pmpcfg(i).A=NAPOT]" +- 004_fetch_L1_X0_addr_hit: !Subfeature + name: 004_fetch_L1_X0_addr_hit + tag: VP_PMP_F014_S015 + next_elt_id: 1 + display_order: 4 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S015_I000 + description: 'reuse of VP_PMP_F012_S015_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S015_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-b\n[Attempting to fetch an instruction from + a PMP region that does not have execute permissions raises an instruction + access-fault exception]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=NAPOT]\nTST14-15 (MEDIUM-PRIO)\n\ + \ [same as TST12-15(group), but with pmpcfg(i).A=NAPOT]" +- 005_fetch_L1_X1_addr_miss: !Subfeature + name: 005_fetch_L1_X1_addr_miss + tag: VP_PMP_F014_S016 + next_elt_id: 1 + display_order: 5 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S016_I000 + description: 'reuse of VP_PMP_F012_S016_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S016_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST14-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=NAPOT]\nTST14-16 (HIGH-PRIO)\n\ + \ [same as TST12-16(group), but with pmpcfg(i).A=NAPOT]" +- 006_load_L0_R1_addr_hit: !Subfeature + name: 006_load_L0_R1_addr_hit + tag: VP_PMP_F014_S021 + next_elt_id: 1 + display_order: 6 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S021_I000 + description: 'reuse of VP_PMP_F012_S021_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S021_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=NAPOT]\nTST14-21 (LOW-PRIO)\n\ + \ [same as TST12-21(group), but with pmpcfg(i).A=NAPOT]" +- 007_load_L0_R0_addr_hit: !Subfeature + name: 007_load_L0_R0_addr_hit + tag: VP_PMP_F014_S022 + next_elt_id: 1 + display_order: 7 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S022_I000 + description: 'reuse of VP_PMP_F012_S022_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S022_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=NAPOT]\nTST14-22 (LOW-PRIO)\n\ + \ [same as TST12-22(group), but with pmpcfg(i).A=NAPOT]" +- 008_load_L0_R1_addr_miss: !Subfeature + name: 008_load_L0_R1_addr_miss + tag: VP_PMP_F014_S023 + next_elt_id: 1 + display_order: 8 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S023_I000 + description: 'reuse of VP_PMP_F012_S023_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S023_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=NAPOT]\nTST14-23 (LOW-PRIO)\n\ + \ [same as TST12-23(group), but with pmpcfg(i).A=NAPOT]" +- 009_load_L1_R1_addr_hit: !Subfeature + name: 009_load_L1_R1_addr_hit + tag: VP_PMP_F014_S024 + next_elt_id: 1 + display_order: 9 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S024_I000 + description: 'reuse of VP_PMP_F012_S024_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S024_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST14-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=NAPOT]\nTST14-24 (HIGH-PRIO)\n\ + \ [same as TST12-24(group), but with pmpcfg(i).A=NAPOT]" +- 010_load_L1_R0_addr_hit: !Subfeature + name: 010_load_L1_R0_addr_hit + tag: VP_PMP_F014_S025 + next_elt_id: 1 + display_order: 10 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S025_I000 + description: 'reuse of VP_PMP_F012_S025_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S025_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-c\n[Attempting to execute a load or load-reserved + instruction which accesses a physical address within a PMP region without + read permissions raises a load access-fault exception]\n\nFTR02-b1\n[the + lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean + programmed first)]\n \n\nTST14-2x(group)\n [same as TST12-2x(group), but + with pmpcfg(i).A=NAPOT]\n TST14-25 (MEDIUM-PRIO)\n [same as TST12-25(group), + but with pmpcfg(i).A=NAPOT]" +- 011_load_L1_R1_addr_miss: !Subfeature + name: 011_load_L1_R1_addr_miss + tag: VP_PMP_F014_S026 + next_elt_id: 1 + display_order: 11 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S026_I000 + description: 'reuse of VP_PMP_F012_S026_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S026_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST14-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=NAPOT]\nTST14-26 (HIGH-PRIO)\n\ + \ [same as TST12-26(group), but with pmpcfg(i).A=NAPOT]" +- 012_store_L0_W1_addr_hit: !Subfeature + name: 012_store_L0_W1_addr_hit + tag: VP_PMP_F014_S031 + next_elt_id: 1 + display_order: 12 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S031_I000 + description: 'reuse of VP_PMP_F012_S031_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S031_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=NAPOT]\nTST14-31 (LOW-PRIO)\n\ + \ [same as TST12-31(group), but with pmpcfg(i).A=NAPOT]" +- 013_store_L0_W0_addr_hit: !Subfeature + name: 013_store_L0_W0_addr_hit + tag: VP_PMP_F014_S032 + next_elt_id: 1 + display_order: 13 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S032_I000 + description: 'reuse of VP_PMP_F012_S032_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S032_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=NAPOT]\nTST14-32 (LOW-PRIO)\n\ + \ [same as TST12-32(group), but with pmpcfg(i).A=NAPOT]" +- 014_store_L0_W1_addr_miss: !Subfeature + name: 014_store_L0_W1_addr_miss + tag: VP_PMP_F014_S033 + next_elt_id: 1 + display_order: 14 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S033_I000 + description: 'reuse of VP_PMP_F012_S033_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S033_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=NAPOT]\nTST14-33 (LOW-PRIO)\n\ + \ [same as TST12-33(group), but with pmpcfg(i).A=NAPOT]" +- 015_store_L1_W1_addr_hit: !Subfeature + name: 015_store_L1_W1_addr_hit + tag: VP_PMP_F014_S034 + next_elt_id: 1 + display_order: 15 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S034_I000 + description: 'reuse of VP_PMP_F012_S034_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S034_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST14-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=NAPOT]\nTST14-34 (HIGH-PRIO)\n\ + \ [same as TST12-34(group), but with pmpcfg(i).A=NAPOT]" +- 016_store_L1_W0_addr_hit: !Subfeature + name: 016_store_L1_W0_addr_hit + tag: VP_PMP_F014_S035 + next_elt_id: 1 + display_order: 16 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S035_I000 + description: 'reuse of VP_PMP_F012_S035_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S035_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-d\n[Attempting to execute a store, store-conditional, + or AMO instruction which accesses a physical address within a PMP region + without write permissions raises a store access-fault exception]\n\nFTR02-b1\n + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does + it mean programmed first)]\n\n\nTST14-3x(group)\n [same as TST12-3x(group), + but with pmpcfg(i).A=NAPOT]\nTST14-35 (MEDIUM-PRIO)\n [same as TST12-35(group), + but with pmpcfg(i).A=NAPOT]" +- 017_store_L1_W1_addr_miss: !Subfeature + name: 017_store_L1_W1_addr_miss + tag: VP_PMP_F014_S036 + next_elt_id: 1 + display_order: 17 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S036_I000 + description: 'reuse of VP_PMP_F012_S036_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S036_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST14-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=NAPOT]\nTST14-36 (HIGH-PRIO)\n\ + \ [same as TST12-36(group), but with pmpcfg(i).A=NAPOT]" +- 018_load_MPP_L0_R1_addr_hit: !Subfeature + name: 018_load_MPP_L0_R1_addr_hit + tag: VP_PMP_F014_S041 + next_elt_id: 1 + display_order: 18 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S041_I000 + description: 'reuse of VP_PMP_F012_S041_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S041_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=NAPOT]\nTST14-41 (LOWEST-PRIO)\n\ + \ [same as TST12-41(group), but with pmpcfg(i).A=NAPOT]" +- 019_load_MPP_L0_R0_addr_hit: !Subfeature + name: 019_load_MPP_L0_R0_addr_hit + tag: VP_PMP_F014_S042 + next_elt_id: 1 + display_order: 19 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S042_I000 + description: 'reuse of VP_PMP_F012_S042_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S042_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=NAPOT]\nTST14-42 (LOWEST-PRIO)\n\ + \ [same as TST12-42(group), but with pmpcfg(i).A=NAPOT]" +- 020_load_MPP_L0_R1_addr_miss: !Subfeature + name: 020_load_MPP_L0_R1_addr_miss + tag: VP_PMP_F014_S043 + next_elt_id: 1 + display_order: 20 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S043_I000 + description: 'reuse of VP_PMP_F012_S043_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S043_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=NAPOT]\nTST14-43 (LOWEST-PRIO)\n\ + \ [same as TST12-43(group), but with pmpcfg(i).A=NAPOT]" +- 021_load_MPP_L1_R1_addr_hit: !Subfeature + name: 021_load_MPP_L1_R1_addr_hit + tag: VP_PMP_F014_S044 + next_elt_id: 1 + display_order: 21 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S044_I000 + description: 'reuse of VP_PMP_F012_S044_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S044_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST14-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=NAPOT]\nTST14-44 (LOWEST-PRIO)\n\ + \ [same as TST12-44(group), but with pmpcfg(i).A=NAPOT]" +- 022_load_MPP_L1_R0_addr_hit: !Subfeature + name: 022_load_MPP_L1_R0_addr_hit + tag: VP_PMP_F014_S045 + next_elt_id: 1 + display_order: 22 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S045_I000 + description: 'reuse of VP_PMP_F012_S045_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S045_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-c\n[Attempting to execute a load or load-reserved + instruction which accesses a physical address within a PMP region without + read permissions raises a load access-fault exception]\n\nFTR02-b1\n[the + lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean + programmed first)]\n \n\nTST14-4x(group)\n [same as TST12-4x(group), but + with pmpcfg(i).A=NAPOT]\n TST14-45 (LOWEST-PRIO)\n [same as TST12-45(group), + but with pmpcfg(i).A=NAPOT]" +- 023_load_MPP_L1_R1_addr_miss: !Subfeature + name: 023_load_MPP_L1_R1_addr_miss + tag: VP_PMP_F014_S046 + next_elt_id: 1 + display_order: 23 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S046_I000 + description: 'reuse of VP_PMP_F012_S046_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S046_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST14-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=NAPOT]\nTST14-46 (LOWEST-PRIO)\n\ + \ [same as TST12-46(group), but with pmpcfg(i).A=NAPOT]" +- 024_store_MPP_L0_W1_addr_hit: !Subfeature + name: 024_store_MPP_L0_W1_addr_hit + tag: VP_PMP_F014_S051 + next_elt_id: 1 + display_order: 24 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S051_I000 + description: 'reuse of VP_PMP_F012_S051_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S051_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=NAPOT]\nTST14-51 (LOWEST-PRIO)\n\ + \ [same as TST12-51(group), but with pmpcfg(i).A=NAPOT]" +- 025_store_MPP_L0_W0_addr_hit: !Subfeature + name: 025_store_MPP_L0_W0_addr_hit + tag: VP_PMP_F014_S052 + next_elt_id: 1 + display_order: 25 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S052_I000 + description: 'reuse of VP_PMP_F012_S052_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S052_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=NAPOT]\nTST14-52 (LOWEST-PRIO)\n\ + \ [same as TST12-52(group), but with pmpcfg(i).A=NAPOT]" +- 026_store_MPP_L0_W1_addr_miss: !Subfeature + name: 026_store_MPP_L0_W1_addr_miss + tag: VP_PMP_F014_S053 + next_elt_id: 1 + display_order: 26 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S053_I000 + description: 'reuse of VP_PMP_F012_S053_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S053_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST14-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=NAPOT]\nTST14-53 (LOWEST-PRIO)\n\ + \ [same as TST12-53(group), but with pmpcfg(i).A=NAPOT]" +- 027_store_MPP_L1_W1_addr_hit: !Subfeature + name: 027_store_MPP_L1_W1_addr_hit + tag: VP_PMP_F014_S054 + next_elt_id: 1 + display_order: 27 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S054_I000 + description: 'reuse of VP_PMP_F012_S054_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S054_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST14-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=NAPOT]\nTST14-54 (LOWEST-PRIO)\n\ + \ [same as TST12-54(group), but with pmpcfg(i).A=NAPOT]" +- 028_store_MPP_L1_W0_addr_hit: !Subfeature + name: 028_store_MPP_L1_W0_addr_hit + tag: VP_PMP_F014_S055 + next_elt_id: 1 + display_order: 28 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S055_I000 + description: 'reuse of VP_PMP_F012_S055_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S055_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-d\n[Attempting to execute a store, store-conditional, + or AMO instruction which accesses a physical address within a PMP region + without write permissions raises a store access-fault exception]\n\nFTR02-b1\n + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does + it mean programmed first)]\n\n\nTST14-5x(group)\n [same as TST12-5x(group), + but with pmpcfg(i).A=NAPOT]\nTST14-55 (LOWEST-PRIO)\n [same as TST12-55(group), + but with pmpcfg(i).A=NAPOT]" +- 029_store_MPP_L1_W1_addr_miss: !Subfeature + name: 029_store_MPP_L1_W1_addr_miss + tag: VP_PMP_F014_S056 + next_elt_id: 1 + display_order: 29 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F014_S056_I000 + description: 'reuse of VP_PMP_F012_S056_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S056_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=NAPOT\n - + pmpaddr(i): any NAPOT address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST14-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=NAPOT]\nTST14-56 (LOWEST-PRIO)\n\ + \ [same as TST12-56(group), but with pmpcfg(i).A=NAPOT]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP015.yml b/verif/docs/VerifPlans/PMP/VP_IP015.yml new file mode 100644 index 000000000..a84fd152c --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP015.yml @@ -0,0 +1,1502 @@ +!Feature +next_elt_id: 36 +name: cfg TOR access S/U +id: 15 +display_order: 15 +subfeatures: !!omap +- 000_fetch_L0_X1_addr_hit: !Subfeature + name: 000_fetch_L0_X1_addr_hit + tag: VP_PMP_F015_S011 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S011_I000 + description: 'reuse of VP_PMP_F011_S011_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S011_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=TOR]\n + TST15-11 (HIGH-PRIO)\n [same as TST11-11(group), but with pmpcfg(i).A=TOR]" +- 001_fetch_L0_X0_addr_hit: !Subfeature + name: 001_fetch_L0_X0_addr_hit + tag: VP_PMP_F015_S012 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S012_I000 + description: 'reuse of VP_PMP_F011_S012_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S012_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-b\n [Attempting to fetch an instruction from a PMP region + that does not have execute permissions raises an instruction access-fault + exception]\n \n\nTST15-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=TOR]\n + TST15-12 (MEDIUM-PRIO)\n [same as TST11-12(group), but with pmpcfg(i).A=TOR]" +- 002_fetch_L0_X1_addr_miss: !Subfeature + name: 002_fetch_L0_X1_addr_miss + tag: VP_PMP_F015_S013 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S013_I000 + description: 'reuse of VP_PMP_F011_S013_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S013_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=TOR]\n + TST15-13 (MEDIUM-PRIO)\n [same as TST11-13(group), but with pmpcfg(i).A=TOR]" +- 003_fetch_L1_X1_addr_hit: !Subfeature + name: 003_fetch_L1_X1_addr_hit + tag: VP_PMP_F015_S014 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S014_I000 + description: 'reuse of VP_PMP_F011_S014_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S014_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=TOR]\n + TST15-14 (LOW-PRIO)\n [same as TST11-14(group), but with pmpcfg(i).A=TOR]" +- 004_fetch_L1_X0_addr_hit: !Subfeature + name: 004_fetch_L1_X0_addr_hit + tag: VP_PMP_F015_S015 + next_elt_id: 1 + display_order: 4 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S015_I000 + description: 'reuse of VP_PMP_F011_S015_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S015_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-b\n[Attempting to fetch an instruction from a PMP region that + does not have execute permissions raises an instruction access-fault exception]\n\ + \n\nTST15-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=TOR]\n + TST15-15 (LOW-PRIO)\n [same as TST11-15(group), but with pmpcfg(i).A=TOR]" +- 005_fetch_L1_X1_addr_miss: !Subfeature + name: 005_fetch_L1_X1_addr_miss + tag: VP_PMP_F015_S016 + next_elt_id: 1 + display_order: 5 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S016_I000 + description: 'reuse of VP_PMP_F011_S016_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S016_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=TOR]\n + TST15-16 (LOW-PRIO)\n [same as TST11-16(group), but with pmpcfg(i).A=TOR]" +- 006_load_L0_R1_addr_hit: !Subfeature + name: 006_load_L0_R1_addr_hit + tag: VP_PMP_F015_S021 + next_elt_id: 1 + display_order: 6 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S021_I000 + description: 'reuse of VP_PMP_F011_S021_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S021_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-2x(group)\n [same as TST11-2x(group), but with pmpcfg(i).A=TOR]\n + TST15-21 (HIGH-PRIO)\n [same as TST11-21(group), but with pmpcfg(i).A=TOR]" +- 007_load_L0_R0_addr_hit: !Subfeature + name: 007_load_L0_R0_addr_hit + tag: VP_PMP_F015_S022 + next_elt_id: 1 + display_order: 7 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S022_I000 + description: 'reuse of VP_PMP_F011_S022_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S022_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-c\n [Attempting to execute a load or load-reserved instruction + which accesses a physical address within a PMP region without read permissions + raises a load access-fault exception]\n\n\nTST15-2x(group)\n [same as TST11-2x(group), + but with pmpcfg(i).A=TOR]\nTST15-22 (MEDIUM-PRIO)\n [same as TST11-22(group), + but with pmpcfg(i).A=TOR]" +- 008_load_L0_R1_addr_miss: !Subfeature + name: 008_load_L0_R1_addr_miss + tag: VP_PMP_F015_S023 + next_elt_id: 1 + display_order: 8 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S023_I000 + description: 'reuse of VP_PMP_F011_S023_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S023_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-2x(group)\n [same as TST11-2x(group), but with pmpcfg(i).A=TOR]\n + TST15-23 (MEDIUM-PRIO)\n [same as TST11-23(group), but with pmpcfg(i).A=TOR]" +- 009_load_L1_R1_addr_hit: !Subfeature + name: 009_load_L1_R1_addr_hit + tag: VP_PMP_F015_S024 + next_elt_id: 1 + display_order: 9 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S024_I000 + description: 'reuse of VP_PMP_F011_S024_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S024_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-2x(group)\n [same as TST11-2x(group), but with pmpcfg(i).A=TOR]\n + TST15-24 (LOW-PRIO)\n [same as TST11-24(group), but with pmpcfg(i).A=TOR]" +- 010_load_L1_R0_addr_hit: !Subfeature + name: 010_load_L1_R0_addr_hit + tag: VP_PMP_F015_S025 + next_elt_id: 1 + display_order: 10 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S025_I000 + description: 'reuse of VP_PMP_F011_S025_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S025_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-c\n[Attempting to execute a load or load-reserved instruction + which accesses a physical address within a PMP region without read permissions + raises a load access-fault exception]\n\n\nTST15-2x(group)\n [same as TST11-2x(group), + but with pmpcfg(i).A=TOR]\n TST15-25 (LOW-PRIO)\n [same as TST11-25(group), + but with pmpcfg(i).A=TOR]" +- 011_load_L1_R1_addr_miss: !Subfeature + name: 011_load_L1_R1_addr_miss + tag: VP_PMP_F015_S026 + next_elt_id: 1 + display_order: 11 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S026_I000 + description: 'reuse of VP_PMP_F011_S026_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S026_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-2x(group)\n [same as TST11-2x(group), but with pmpcfg(i).A=TOR]\n + TST15-26 (LOW-PRIO)\n [same as TST11-26(group), but with pmpcfg(i).A=TOR]" +- 012_store_L0_W1_addr_hit: !Subfeature + name: 012_store_L0_W1_addr_hit + tag: VP_PMP_F015_S031 + next_elt_id: 1 + display_order: 12 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S031_I000 + description: 'reuse of VP_PMP_F011_S031_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S031_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-3x(group)\n [same as TST11-3x(group), but with pmpcfg(i).A=TOR]\n + TST15-31 (HIGH-PRIO)\n [same as TST11-31(group), but with pmpcfg(i).A=TOR]" +- 013_store_L0_W0_addr_hit: !Subfeature + name: 013_store_L0_W0_addr_hit + tag: VP_PMP_F015_S032 + next_elt_id: 1 + display_order: 13 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S032_I000 + description: 'reuse of VP_PMP_F011_S032_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S032_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-d\n [Attempting to execute a store, store-conditional, or + AMO instruction which accesses a physical address within a PMP region without + write permissions raises a store access-fault exception]\n\n\nTST15-3x(group)\n\ + \ [same as TST11-3x(group), but with pmpcfg(i).A=TOR]\nTST15-32 (MEDIUM-PRIO)\n\ + \ [same as TST11-32(group), but with pmpcfg(i).A=TOR]" +- 014_store_L0_W1_addr_miss: !Subfeature + name: 014_store_L0_W1_addr_miss + tag: VP_PMP_F015_S033 + next_elt_id: 1 + display_order: 14 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S033_I000 + description: 'reuse of VP_PMP_F011_S033_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S033_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-3x(group)\n [same as TST11-3x(group), but with pmpcfg(i).A=TOR]\n + TST15-33 (MEDIUM-PRIO)\n [same as TST11-33(group), but with pmpcfg(i).A=TOR]" +- 015_store_L1_W1_addr_hit: !Subfeature + name: 015_store_L1_W1_addr_hit + tag: VP_PMP_F015_S034 + next_elt_id: 1 + display_order: 15 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S034_I000 + description: 'reuse of VP_PMP_F011_S034_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S034_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-3x(group)\n [same as TST11-3x(group), but with pmpcfg(i).A=TOR]\n + TST15-34 (LOW-PRIO)\n [same as TST11-34(group), but with pmpcfg(i).A=TOR]" +- 016_store_L1_W0_addr_hit: !Subfeature + name: 016_store_L1_W0_addr_hit + tag: VP_PMP_F015_S035 + next_elt_id: 1 + display_order: 16 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S035_I000 + description: 'reuse of VP_PMP_F011_S035_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S035_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-d\n[Attempting to execute a store, store-conditional, or AMO + instruction which accesses a physical address within a PMP region without + write permissions raises a store access-fault exception]\n\n\nTST15-3x(group)\n\ + \ [same as TST11-3x(group), but with pmpcfg(i).A=TOR]\nTST15-35 (LOW-PRIO)\n\ + \ [same as TST11-35(group), but with pmpcfg(i).A=TOR]" +- 017_store_L1_W1_addr_miss: !Subfeature + name: 017_store_L1_W1_addr_miss + tag: VP_PMP_F015_S036 + next_elt_id: 1 + display_order: 17 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S036_I000 + description: 'reuse of VP_PMP_F011_S036_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S036_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-3x(group)\n [same as TST11-3x(group), but with pmpcfg(i).A=TOR]\n + TST15-36 (LOW-PRIO)\n [same as TST11-36(group), but with pmpcfg(i).A=TOR]" +- 018_load_MPP_L0_R1_addr_hit: !Subfeature + name: 018_load_MPP_L0_R1_addr_hit + tag: VP_PMP_F015_S041 + next_elt_id: 1 + display_order: 18 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S041_I000 + description: 'reuse of VP_PMP_F011_S041_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S041_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-4x(group)\n [same as TST11-4x(group), but with pmpcfg(i).A=TOR]\n + TST15-41 (LOWEST-PRIO)\n [same as TST11-41(group), but with pmpcfg(i).A=TOR]" +- 019_load_MPP_L0_R0_addr_hit: !Subfeature + name: 019_load_MPP_L0_R0_addr_hit + tag: VP_PMP_F015_S042 + next_elt_id: 1 + display_order: 19 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S042_I000 + description: 'reuse of VP_PMP_F011_S042_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S042_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-c\n [Attempting to execute a load or load-reserved instruction + which accesses a physical address within a PMP region without read permissions + raises a load access-fault exception]\n\n\nTST15-4x(group)\n [same as TST11-4x(group), + but with pmpcfg(i).A=TOR]\nTST15-42 (LOWEST-PRIO)\n [same as TST11-42(group), + but with pmpcfg(i).A=TOR]" +- 020_load_MPP_L0_R1_addr_miss: !Subfeature + name: 020_load_MPP_L0_R1_addr_miss + tag: VP_PMP_F015_S043 + next_elt_id: 1 + display_order: 20 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S043_I000 + description: 'reuse of VP_PMP_F011_S043_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S043_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-4x(group)\n [same as TST11-4x(group), but with pmpcfg(i).A=TOR]\n + TST15-43 (LOWEST-PRIO)\n [same as TST11-43(group), but with pmpcfg(i).A=TOR]" +- 021_load_MPP_L1_R1_addr_hit: !Subfeature + name: 021_load_MPP_L1_R1_addr_hit + tag: VP_PMP_F015_S044 + next_elt_id: 1 + display_order: 21 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S044_I000 + description: 'reuse of VP_PMP_F011_S044_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S044_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-4x(group)\n [same as TST11-4x(group), but with pmpcfg(i).A=TOR]\n + TST15-44 (LOWEST-PRIO)\n [same as TST11-44(group), but with pmpcfg(i).A=TOR]" +- 022_load_MPP_L1_R0_addr_hit: !Subfeature + name: 022_load_MPP_L1_R0_addr_hit + tag: VP_PMP_F015_S045 + next_elt_id: 1 + display_order: 22 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S045_I000 + description: 'reuse of VP_PMP_F011_S045_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S045_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-c\n[Attempting to execute a load or load-reserved instruction + which accesses a physical address within a PMP region without read permissions + raises a load access-fault exception]\n\n\nTST15-4x(group)\n [same as TST11-4x(group), + but with pmpcfg(i).A=TOR]\n TST15-45 (LOWEST-PRIO)\n [same as TST11-45(group), + but with pmpcfg(i).A=TOR]" +- 023_load_MPP_L1_R1_addr_miss: !Subfeature + name: 023_load_MPP_L1_R1_addr_miss + tag: VP_PMP_F015_S046 + next_elt_id: 1 + display_order: 23 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S046_I000 + description: 'reuse of VP_PMP_F011_S046_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S046_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-4x(group)\n [same as TST11-4x(group), but with pmpcfg(i).A=TOR]\n + TST15-46 (LOWEST-PRIO)\n [same as TST11-46(group), but with pmpcfg(i).A=TOR]" +- 024_store_MPP_L0_W1_addr_hit: !Subfeature + name: 024_store_MPP_L0_W1_addr_hit + tag: VP_PMP_F015_S051 + next_elt_id: 1 + display_order: 24 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S051_I000 + description: 'reuse of VP_PMP_F011_S051_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S051_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-5x(group)\n [same as TST11-5x(group), but with pmpcfg(i).A=TOR]\n + TST15-51 (LOWEST-PRIO)\n [same as TST11-51(group), but with pmpcfg(i).A=TOR]" +- 025_store_MPP_L0_W0_addr_hit: !Subfeature + name: 025_store_MPP_L0_W0_addr_hit + tag: VP_PMP_F015_S052 + next_elt_id: 1 + display_order: 25 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S052_I000 + description: 'reuse of VP_PMP_F011_S052_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S052_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-d\n [Attempting to execute a store, store-conditional, or + AMO instruction which accesses a physical address within a PMP region without + write permissions raises a store access-fault exception]\n\n\nTST15-5x(group)\n\ + \ [same as TST11-5x(group), but with pmpcfg(i).A=TOR]\nTST15-52 (LOWEST-PRIO)\n\ + \ [same as TST11-52(group), but with pmpcfg(i).A=TOR]" +- 026_store_MPP_L0_W1_addr_miss: !Subfeature + name: 026_store_MPP_L0_W1_addr_miss + tag: VP_PMP_F015_S053 + next_elt_id: 1 + display_order: 26 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S053_I000 + description: 'reuse of VP_PMP_F011_S053_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S053_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-5x(group)\n [same as TST11-5x(group), but with pmpcfg(i).A=TOR]\n + TST15-53 (LOWEST-PRIO)\n [same as TST11-53(group), but with pmpcfg(i).A=TOR]" +- 027_store_MPP_L1_W1_addr_hit: !Subfeature + name: 027_store_MPP_L1_W1_addr_hit + tag: VP_PMP_F015_S054 + next_elt_id: 1 + display_order: 27 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S054_I000 + description: 'reuse of VP_PMP_F011_S054_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S054_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-5x(group)\n [same as TST11-5x(group), but with pmpcfg(i).A=TOR]\n + TST15-54 (LOWEST-PRIO)\n [same as TST11-54(group), but with pmpcfg(i).A=TOR]" +- 028_store_MPP_L1_W0_addr_hit: !Subfeature + name: 028_store_MPP_L1_W0_addr_hit + tag: VP_PMP_F015_S055 + next_elt_id: 1 + display_order: 28 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S055_I000 + description: 'reuse of VP_PMP_F011_S055_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S055_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-d\n[Attempting to execute a store, store-conditional, or AMO + instruction which accesses a physical address within a PMP region without + write permissions raises a store access-fault exception]\n\n\nTST15-5x(group)\n\ + \ [same as TST11-5x(group), but with pmpcfg(i).A=TOR]\nTST15-55 (LOWEST-PRIO)\n\ + \ [same as TST11-55(group), but with pmpcfg(i).A=TOR]" +- 029_store_MPP_L1_W1_addr_miss: !Subfeature + name: 029_store_MPP_L1_W1_addr_miss + tag: VP_PMP_F015_S056 + next_elt_id: 1 + display_order: 29 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S056_I000 + description: 'reuse of VP_PMP_F011_S056_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S056_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] + pmpaddr(0) > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-5x(group)\n [same as TST11-5x(group), but with pmpcfg(i).A=TOR]\n + TST15-56 (LOWEST-PRIO)\n [same as TST11-56(group), but with pmpcfg(i).A=TOR]" +- 030_fetch_L0_X1_addr_forbidden: !Subfeature + name: 030_fetch_L0_X1_addr_forbidden + tag: VP_PMP_F015_S061 + next_elt_id: 1 + display_order: 30 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S061_I000 + description: "reuse of VP_PMP_F011_S011_I000 feature description (Cf. Feature: + \"cfg NA4 access S/U\")\n\n{Page 59 Volume II: RISC-V Privileged Architectures + V20211203}\nIf pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i + matches no addresses\nIf PMP entry 0’s A field is set to TOR, zero is used + for the lower bound, and so it matches any address y < pmpaddr(0)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S011_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range\n - [for + i=0] pmpaddr(0) = 0: invalid TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)\n\nCHECK UPDATE\n\ + \ - check instruction fetch access-fault exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=TOR]\n + TST15-11 (LOW-PRIO)\n [same as TST11-11(group), but with pmpcfg(i).A=TOR]\n + \n\n//TO COMPLETE => FTR06-b\nTST25 = same as TST15+TST16 (groups) with + PMP entry (0) with pmpaddr(0) > 0\nTST26 = same as TST15+TST16 (groups) + with PMP entry (0) with pmpaddr(0) = 0\n [create scenario where PMP entry + pmpcfg(0) with TOR:\n - pmpaddr(0) > 0\n - pmpaddr(0) = 0]\n\n//TO + COMPLETE => FTR06-c\n TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) + and with pmpcfg(i) and pmpcfg(i-1) correct\n [create scenario where PMP + entry pmpcfg(i) with TOR:\n - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry + pmpcfg(i-1) correct]\n [create scenario where PMP entry pmpcfg(0) with + TOR:\n - pmpaddr(0) >= pmpaddr(1/2/3/…)]" +- 031_fetch_L1_X1_addr_forbidden: !Subfeature + name: 031_fetch_L1_X1_addr_forbidden + tag: VP_PMP_F015_S062 + next_elt_id: 1 + display_order: 31 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S062_I000 + description: "reuse of VP_PMP_F011_S014_I000 feature description (Cf. Feature: + \"cfg NA4 access S/U\")\n\n{Page 59 Volume II: RISC-V Privileged Architectures + V20211203}\nIf pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i + matches no addresses\nIf PMP entry 0’s A field is set to TOR, zero is used + for the lower bound, and so it matches any address y < pmpaddr(0)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S014_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range\n - [for + i=0] pmpaddr(0) = 0: invalid TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)\n\nCHECK UPDATE\n\ + \ - check instruction fetch access-fault exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=TOR]\n + TST15-14 (LOW-PRIO)\n [same as TST11-14(group), but with pmpcfg(i).A=TOR]\n + \n\n//TO COMPLETE => FTR06-b\nTST25 = same as TST15+TST16 (groups) with + PMP entry (0) with pmpaddr(0) > 0\nTST26 = same as TST15+TST16 (groups) + with PMP entry (0) with pmpaddr(0) = 0\n [create scenario where PMP entry + pmpcfg(0) with TOR:\n - pmpaddr(0) > 0\n - pmpaddr(0) = 0]\n\n//TO + COMPLETE => FTR06-c\n TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) + and with pmpcfg(i) and pmpcfg(i-1) correct\n [create scenario where PMP + entry pmpcfg(i) with TOR:\n - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry + pmpcfg(i-1) correct]\n [create scenario where PMP entry pmpcfg(0) with + TOR:\n - pmpaddr(0) >= pmpaddr(1/2/3/…)]" +- 032_load_L0_R1_addr_forbidden: !Subfeature + name: 032_load_L0_R1_addr_forbidden + tag: VP_PMP_F015_S063 + next_elt_id: 1 + display_order: 32 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S063_I000 + description: "reuse of VP_PMP_F011_S021_I000 feature description (Cf. Feature: + \"cfg NA4 access S/U\")\n\n{Page 59 Volume II: RISC-V Privileged Architectures + V20211203}\nIf pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i + matches no addresses\nIf PMP entry 0’s A field is set to TOR, zero is used + for the lower bound, and so it matches any address y < pmpaddr(0)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S021_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range\n - [for + i=0] pmpaddr(0) = 0: invalid TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)\n\nCHECK UPDATE\n\ + \ - check load access-fault exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-2x(group)\n [same as TST11-2x(group), but with pmpcfg(i).A=TOR]\n + TST15-21 (HIGH-PRIO)\n [same as TST11-21(group), but with pmpcfg(i).A=TOR]\n + \n\n//TO COMPLETE => FTR06-b\nTST25 = same as TST15+TST16 (groups) with + PMP entry (0) with pmpaddr(0) > 0\nTST26 = same as TST15+TST16 (groups) + with PMP entry (0) with pmpaddr(0) = 0\n [create scenario where PMP entry + pmpcfg(0) with TOR:\n - pmpaddr(0) > 0\n - pmpaddr(0) = 0]\n\n//TO + COMPLETE => FTR06-c\n TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) + and with pmpcfg(i) and pmpcfg(i-1) correct\n [create scenario where PMP + entry pmpcfg(i) with TOR:\n - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry + pmpcfg(i-1) correct]\n [create scenario where PMP entry pmpcfg(0) with + TOR:\n - pmpaddr(0) >= pmpaddr(1/2/3/…)]" +- 033_load_L1_R1_addr_forbidden: !Subfeature + name: 033_load_L1_R1_addr_forbidden + tag: VP_PMP_F015_S064 + next_elt_id: 1 + display_order: 33 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S064_I000 + description: "reuse of VP_PMP_F011_S024_I000 feature description (Cf. Feature: + \"cfg NA4 access S/U\")\n\n{Page 59 Volume II: RISC-V Privileged Architectures + V20211203}\nIf pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i + matches no addresses\nIf PMP entry 0’s A field is set to TOR, zero is used + for the lower bound, and so it matches any address y < pmpaddr(0)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S024_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range\n - [for + i=0] pmpaddr(0) = 0: invalid TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)\n\nCHECK UPDATE\n\ + \ - check load access-fault exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-2x(group)\n [same as TST11-2x(group), but with pmpcfg(i).A=TOR]\n + TST15-24 (LOW-PRIO)\n [same as TST11-24(group), but with pmpcfg(i).A=TOR]\n + \n\n//TO COMPLETE => FTR06-b\nTST25 = same as TST15+TST16 (groups) with + PMP entry (0) with pmpaddr(0) > 0\nTST26 = same as TST15+TST16 (groups) + with PMP entry (0) with pmpaddr(0) = 0\n [create scenario where PMP entry + pmpcfg(0) with TOR:\n - pmpaddr(0) > 0\n - pmpaddr(0) = 0]\n\n//TO + COMPLETE => FTR06-c\n TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) + and with pmpcfg(i) and pmpcfg(i-1) correct\n [create scenario where PMP + entry pmpcfg(i) with TOR:\n - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry + pmpcfg(i-1) correct]\n [create scenario where PMP entry pmpcfg(0) with + TOR:\n - pmpaddr(0) >= pmpaddr(1/2/3/…)]" +- 034_store_L0_W1_addr_forbidden: !Subfeature + name: 034_store_L0_W1_addr_forbidden + tag: VP_PMP_F015_S065 + next_elt_id: 1 + display_order: 34 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S065_I000 + description: "reuse of VP_PMP_F011_S031_I000 feature description (Cf. Feature: + \"cfg NA4 access S/U\")\n\n{Page 59 Volume II: RISC-V Privileged Architectures + V20211203}\nIf pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i + matches no addresses\nIf PMP entry 0’s A field is set to TOR, zero is used + for the lower bound, and so it matches any address y < pmpaddr(0)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S031_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range\n - [for + i=0] pmpaddr(0) = 0: invalid TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)\n\nCHECK UPDATE\n\ + \ - check store access-fault exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-3x(group)\n [same as TST11-3x(group), but with pmpcfg(i).A=TOR]\n + TST15-31 (HIGH-PRIO)\n [same as TST11-31(group), but with pmpcfg(i).A=TOR]\n + \n\n//TO COMPLETE => FTR06-b\nTST25 = same as TST15+TST16 (groups) with + PMP entry (0) with pmpaddr(0) > 0\nTST26 = same as TST15+TST16 (groups) + with PMP entry (0) with pmpaddr(0) = 0\n [create scenario where PMP entry + pmpcfg(0) with TOR:\n - pmpaddr(0) > 0\n - pmpaddr(0) = 0]\n\n//TO + COMPLETE => FTR06-c\n TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) + and with pmpcfg(i) and pmpcfg(i-1) correct\n [create scenario where PMP + entry pmpcfg(i) with TOR:\n - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry + pmpcfg(i-1) correct]\n [create scenario where PMP entry pmpcfg(0) with + TOR:\n - pmpaddr(0) >= pmpaddr(1/2/3/…)]" +- 035_store_L1_W1_addr_forbidden: !Subfeature + name: 035_store_L1_W1_addr_forbidden + tag: VP_PMP_F015_S066 + next_elt_id: 1 + display_order: 35 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F015_S066_I000 + description: "reuse of VP_PMP_F011_S034_I000 feature description (Cf. Feature: + \"cfg NA4 access S/U\")\n\n{Page 59 Volume II: RISC-V Privileged Architectures + V20211203}\nIf pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i + matches no addresses\nIf PMP entry 0’s A field is set to TOR, zero is used + for the lower bound, and so it matches any address y < pmpaddr(0)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S034_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - + [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range\n - [for + i=0] pmpaddr(0) = 0: invalid TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)\n\nCHECK UPDATE\n\ + \ - check store access-fault exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST15-3x(group)\n [same as TST11-3x(group), but with pmpcfg(i).A=TOR]\n + TST15-34 (LOW-PRIO)\n [same as TST11-34(group), but with pmpcfg(i).A=TOR]\n + \n\n//TO COMPLETE => FTR06-b\nTST25 = same as TST15+TST16 (groups) with + PMP entry (0) with pmpaddr(0) > 0\nTST26 = same as TST15+TST16 (groups) + with PMP entry (0) with pmpaddr(0) = 0\n [create scenario where PMP entry + pmpcfg(0) with TOR:\n - pmpaddr(0) > 0\n - pmpaddr(0) = 0]\n\n//TO + COMPLETE => FTR06-c\n TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) + and with pmpcfg(i) and pmpcfg(i-1) correct\n [create scenario where PMP + entry pmpcfg(i) with TOR:\n - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry + pmpcfg(i-1) correct]\n [create scenario where PMP entry pmpcfg(0) with + TOR:\n - pmpaddr(0) >= pmpaddr(1/2/3/…)]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP016.yml b/verif/docs/VerifPlans/PMP/VP_IP016.yml new file mode 100644 index 000000000..e19027450 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP016.yml @@ -0,0 +1,1482 @@ +!Feature +next_elt_id: 36 +name: cfg TOR access M +id: 16 +display_order: 16 +subfeatures: !!omap +- 000_fetch_L0_X1_addr_hit: !Subfeature + name: 000_fetch_L0_X1_addr_hit + tag: VP_PMP_F016_S011 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S011_I000 + description: 'reuse of VP_PMP_F012_S011_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S011_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=TOR]\nTST16-11 (LOW-PRIO)\n\ + \ [same as TST12-11(group), but with pmpcfg(i).A=TOR]" +- 001_fetch_L0_X0_addr_hit: !Subfeature + name: 001_fetch_L0_X0_addr_hit + tag: VP_PMP_F016_S012 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S012_I000 + description: 'reuse of VP_PMP_F012_S012_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S012_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=TOR]\nTST16-12 (LOW-PRIO)\n\ + \ [same as TST12-12(group), but with pmpcfg(i).A=TOR]" +- 002_fetch_L0_X1_addr_miss: !Subfeature + name: 002_fetch_L0_X1_addr_miss + tag: VP_PMP_F016_S013 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S013_I000 + description: 'reuse of VP_PMP_F012_S013_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S013_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=TOR]\nTST16-13 (LOW-PRIO)\n\ + \ [same as TST12-13(group), but with pmpcfg(i).A=TOR]" +- 003_fetch_L1_X1_addr_hit: !Subfeature + name: 003_fetch_L1_X1_addr_hit + tag: VP_PMP_F016_S014 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S014_I000 + description: 'reuse of VP_PMP_F012_S014_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S014_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST16-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=TOR]\nTST16-14 (HIGH-PRIO)\n\ + \ [same as TST12-14(group), but with pmpcfg(i).A=TOR]" +- 004_fetch_L1_X0_addr_hit: !Subfeature + name: 004_fetch_L1_X0_addr_hit + tag: VP_PMP_F016_S015 + next_elt_id: 1 + display_order: 4 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S015_I000 + description: 'reuse of VP_PMP_F012_S015_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S015_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-b\n[Attempting to fetch an instruction from + a PMP region that does not have execute permissions raises an instruction + access-fault exception]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=TOR]\nTST16-15 (MEDIUM-PRIO)\n\ + \ [same as TST12-15(group), but with pmpcfg(i).A=TOR]" +- 005_fetch_L1_X1_addr_miss: !Subfeature + name: 005_fetch_L1_X1_addr_miss + tag: VP_PMP_F016_S016 + next_elt_id: 1 + display_order: 5 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S016_I000 + description: 'reuse of VP_PMP_F012_S016_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S016_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST16-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=TOR]\nTST16-16 (HIGH-PRIO)\n\ + \ [same as TST12-16(group), but with pmpcfg(i).A=TOR]" +- 006_load_L0_R1_addr_hit: !Subfeature + name: 006_load_L0_R1_addr_hit + tag: VP_PMP_F016_S021 + next_elt_id: 1 + display_order: 6 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S021_I000 + description: 'reuse of VP_PMP_F012_S021_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S021_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=TOR]\nTST16-21 (LOW-PRIO)\n\ + \ [same as TST12-21(group), but with pmpcfg(i).A=TOR]" +- 007_load_L0_R0_addr_hit: !Subfeature + name: 007_load_L0_R0_addr_hit + tag: VP_PMP_F016_S022 + next_elt_id: 1 + display_order: 7 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S022_I000 + description: 'reuse of VP_PMP_F012_S022_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S022_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=TOR]\nTST16-22 (LOW-PRIO)\n\ + \ [same as TST12-22(group), but with pmpcfg(i).A=TOR]" +- 008_load_L0_R1_addr_miss: !Subfeature + name: 008_load_L0_R1_addr_miss + tag: VP_PMP_F016_S023 + next_elt_id: 1 + display_order: 8 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S023_I000 + description: 'reuse of VP_PMP_F012_S023_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S023_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=TOR]\nTST16-23 (LOW-PRIO)\n\ + \ [same as TST12-23(group), but with pmpcfg(i).A=TOR]" +- 009_load_L1_R1_addr_hit: !Subfeature + name: 009_load_L1_R1_addr_hit + tag: VP_PMP_F016_S024 + next_elt_id: 1 + display_order: 9 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S024_I000 + description: 'reuse of VP_PMP_F012_S024_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S024_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST16-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=TOR]\nTST16-24 (HIGH-PRIO)\n\ + \ [same as TST12-24(group), but with pmpcfg(i).A=TOR]" +- 010_load_L1_R0_addr_hit: !Subfeature + name: 010_load_L1_R0_addr_hit + tag: VP_PMP_F016_S025 + next_elt_id: 1 + display_order: 10 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S025_I000 + description: 'reuse of VP_PMP_F012_S025_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S025_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-c\n[Attempting to execute a load or load-reserved + instruction which accesses a physical address within a PMP region without + read permissions raises a load access-fault exception]\n\nFTR02-b1\n[the + lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean + programmed first)]\n \n\nTST16-2x(group)\n [same as TST12-2x(group), but + with pmpcfg(i).A=TOR]\n TST16-25 (MEDIUM-PRIO)\n [same as TST12-25(group), + but with pmpcfg(i).A=TOR]" +- 011_load_L1_R1_addr_miss: !Subfeature + name: 011_load_L1_R1_addr_miss + tag: VP_PMP_F016_S026 + next_elt_id: 1 + display_order: 11 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S026_I000 + description: 'reuse of VP_PMP_F012_S026_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S026_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST16-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=TOR]\nTST16-26 (HIGH-PRIO)\n\ + \ [same as TST12-26(group), but with pmpcfg(i).A=TOR]" +- 012_store_L0_W1_addr_hit: !Subfeature + name: 012_store_L0_W1_addr_hit + tag: VP_PMP_F016_S031 + next_elt_id: 1 + display_order: 12 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S031_I000 + description: 'reuse of VP_PMP_F012_S031_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S031_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=TOR]\nTST16-31 (LOW-PRIO)\n\ + \ [same as TST12-31(group), but with pmpcfg(i).A=TOR]" +- 013_store_L0_W0_addr_hit: !Subfeature + name: 013_store_L0_W0_addr_hit + tag: VP_PMP_F016_S032 + next_elt_id: 1 + display_order: 13 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S032_I000 + description: 'reuse of VP_PMP_F012_S032_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S032_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=TOR]\nTST16-32 (LOW-PRIO)\n\ + \ [same as TST12-32(group), but with pmpcfg(i).A=TOR]" +- 014_store_L0_W1_addr_miss: !Subfeature + name: 014_store_L0_W1_addr_miss + tag: VP_PMP_F016_S033 + next_elt_id: 1 + display_order: 14 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S033_I000 + description: 'reuse of VP_PMP_F012_S033_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S033_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=TOR]\nTST16-33 (LOW-PRIO)\n\ + \ [same as TST12-33(group), but with pmpcfg(i).A=TOR]" +- 015_store_L1_W1_addr_hit: !Subfeature + name: 015_store_L1_W1_addr_hit + tag: VP_PMP_F016_S034 + next_elt_id: 1 + display_order: 15 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S034_I000 + description: 'reuse of VP_PMP_F012_S034_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S034_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST16-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=TOR]\nTST16-34 (HIGH-PRIO)\n\ + \ [same as TST12-34(group), but with pmpcfg(i).A=TOR]" +- 016_store_L1_W0_addr_hit: !Subfeature + name: 016_store_L1_W0_addr_hit + tag: VP_PMP_F016_S035 + next_elt_id: 1 + display_order: 16 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S035_I000 + description: 'reuse of VP_PMP_F012_S035_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S035_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-d\n[Attempting to execute a store, store-conditional, + or AMO instruction which accesses a physical address within a PMP region + without write permissions raises a store access-fault exception]\n\nFTR02-b1\n + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does + it mean programmed first)]\n\n\nTST16-3x(group)\n [same as TST12-3x(group), + but with pmpcfg(i).A=TOR]\nTST16-35 (MEDIUM-PRIO)\n [same as TST12-35(group), + but with pmpcfg(i).A=TOR]" +- 017_store_L1_W1_addr_miss: !Subfeature + name: 017_store_L1_W1_addr_miss + tag: VP_PMP_F016_S036 + next_elt_id: 1 + display_order: 17 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S036_I000 + description: 'reuse of VP_PMP_F012_S036_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S036_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST16-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=TOR]\nTST16-36 (HIGH-PRIO)\n\ + \ [same as TST12-36(group), but with pmpcfg(i).A=TOR]" +- 018_load_MPP_L0_R1_addr_hit: !Subfeature + name: 018_load_MPP_L0_R1_addr_hit + tag: VP_PMP_F016_S041 + next_elt_id: 1 + display_order: 18 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S041_I000 + description: 'reuse of VP_PMP_F012_S041_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S041_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=TOR]\nTST16-41 (LOWEST-PRIO)\n\ + \ [same as TST12-41(group), but with pmpcfg(i).A=TOR]" +- 019_load_MPP_L0_R0_addr_hit: !Subfeature + name: 019_load_MPP_L0_R0_addr_hit + tag: VP_PMP_F016_S042 + next_elt_id: 1 + display_order: 19 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S042_I000 + description: 'reuse of VP_PMP_F012_S042_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S042_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=TOR]\nTST16-42 (LOWEST-PRIO)\n\ + \ [same as TST12-42(group), but with pmpcfg(i).A=TOR]" +- 020_load_MPP_L0_R1_addr_miss: !Subfeature + name: 020_load_MPP_L0_R1_addr_miss + tag: VP_PMP_F016_S043 + next_elt_id: 1 + display_order: 20 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S043_I000 + description: 'reuse of VP_PMP_F012_S043_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S043_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=TOR]\nTST16-43 (LOWEST-PRIO)\n\ + \ [same as TST12-43(group), but with pmpcfg(i).A=TOR]" +- 021_load_MPP_L1_R1_addr_hit: !Subfeature + name: 021_load_MPP_L1_R1_addr_hit + tag: VP_PMP_F016_S044 + next_elt_id: 1 + display_order: 21 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S044_I000 + description: 'reuse of VP_PMP_F012_S044_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S044_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST16-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=TOR]\nTST16-44 (LOWEST-PRIO)\n\ + \ [same as TST12-44(group), but with pmpcfg(i).A=TOR]" +- 022_load_MPP_L1_R0_addr_hit: !Subfeature + name: 022_load_MPP_L1_R0_addr_hit + tag: VP_PMP_F016_S045 + next_elt_id: 1 + display_order: 22 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S045_I000 + description: 'reuse of VP_PMP_F012_S045_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S045_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-c\n[Attempting to execute a load or load-reserved + instruction which accesses a physical address within a PMP region without + read permissions raises a load access-fault exception]\n\nFTR02-b1\n[the + lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean + programmed first)]\n \n\nTST16-4x(group)\n [same as TST12-4x(group), but + with pmpcfg(i).A=TOR]\n TST16-45 (LOWEST-PRIO)\n [same as TST12-45(group), + but with pmpcfg(i).A=TOR]" +- 023_load_MPP_L1_R1_addr_miss: !Subfeature + name: 023_load_MPP_L1_R1_addr_miss + tag: VP_PMP_F016_S046 + next_elt_id: 1 + display_order: 23 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S046_I000 + description: 'reuse of VP_PMP_F012_S046_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S046_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST16-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=TOR]\nTST16-46 (LOWEST-PRIO)\n\ + \ [same as TST12-46(group), but with pmpcfg(i).A=TOR]" +- 024_store_MPP_L0_W1_addr_hit: !Subfeature + name: 024_store_MPP_L0_W1_addr_hit + tag: VP_PMP_F016_S051 + next_elt_id: 1 + display_order: 24 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S051_I000 + description: 'reuse of VP_PMP_F012_S051_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S051_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=TOR]\nTST16-51 (LOWEST-PRIO)\n\ + \ [same as TST12-51(group), but with pmpcfg(i).A=TOR]" +- 025_store_MPP_L0_W0_addr_hit: !Subfeature + name: 025_store_MPP_L0_W0_addr_hit + tag: VP_PMP_F016_S052 + next_elt_id: 1 + display_order: 25 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S052_I000 + description: 'reuse of VP_PMP_F012_S052_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S052_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=TOR]\nTST16-52 (LOWEST-PRIO)\n\ + \ [same as TST12-52(group), but with pmpcfg(i).A=TOR]" +- 026_store_MPP_L0_W1_addr_miss: !Subfeature + name: 026_store_MPP_L0_W1_addr_miss + tag: VP_PMP_F016_S053 + next_elt_id: 1 + display_order: 26 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S053_I000 + description: 'reuse of VP_PMP_F012_S053_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S053_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=TOR]\nTST16-53 (LOWEST-PRIO)\n\ + \ [same as TST12-53(group), but with pmpcfg(i).A=TOR]" +- 027_store_MPP_L1_W1_addr_hit: !Subfeature + name: 027_store_MPP_L1_W1_addr_hit + tag: VP_PMP_F016_S054 + next_elt_id: 1 + display_order: 27 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S054_I000 + description: 'reuse of VP_PMP_F012_S054_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S054_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST16-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=TOR]\nTST16-54 (LOWEST-PRIO)\n\ + \ [same as TST12-54(group), but with pmpcfg(i).A=TOR]" +- 028_store_MPP_L1_W0_addr_hit: !Subfeature + name: 028_store_MPP_L1_W0_addr_hit + tag: VP_PMP_F016_S055 + next_elt_id: 1 + display_order: 28 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S055_I000 + description: 'reuse of VP_PMP_F012_S055_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S055_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-d\n[Attempting to execute a store, store-conditional, + or AMO instruction which accesses a physical address within a PMP region + without write permissions raises a store access-fault exception]\n\nFTR02-b1\n + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does + it mean programmed first)]\n\n\nTST16-5x(group)\n [same as TST12-5x(group), + but with pmpcfg(i).A=TOR]\nTST16-55 (LOWEST-PRIO)\n [same as TST12-55(group), + but with pmpcfg(i).A=TOR]" +- 029_store_MPP_L1_W1_addr_miss: !Subfeature + name: 029_store_MPP_L1_W1_addr_miss + tag: VP_PMP_F016_S056 + next_elt_id: 1 + display_order: 29 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S056_I000 + description: 'reuse of VP_PMP_F012_S056_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S056_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range\n - [for i=0] pmpaddr(0) + > 0: any TOR address range\n - [for j=unused] pmpaddr(j)=random: only + in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST16-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=TOR]\nTST16-56 (LOWEST-PRIO)\n\ + \ [same as TST12-56(group), but with pmpcfg(i).A=TOR]" +- 030_fetch_L0_X1_addr_forbidden: !Subfeature + name: 030_fetch_L0_X1_addr_forbidden + tag: VP_PMP_F016_S061 + next_elt_id: 1 + display_order: 30 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S061_I000 + description: "reuse of VP_PMP_F012_S011_I000 feature description (Cf. Feature: + \"cfg NA4 access M\")\n\n{Page 59 Volume II: RISC-V Privileged Architectures + V20211203}\nIf pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i + matches no addresses\nIf PMP entry 0’s A field is set to TOR, zero is used + for the lower bound, and so it matches any address y < pmpaddr(0)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S011_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range\n - [for i=0] + pmpaddr(0) = 0: invalid TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=TOR]\n TST16-11 (LOW-PRIO)\n\ + \ [same as TST12-11(group), but with pmpcfg(i).A=TOR]\n \n\n//TO COMPLETE + => FTR06-b\nTST25 = same as TST15+TST16 (groups) with PMP entry (0) with + pmpaddr(0) > 0\nTST26 = same as TST15+TST16 (groups) with PMP entry (0) + with pmpaddr(0) = 0\n [create scenario where PMP entry pmpcfg(0) with TOR:\n\ + \ - pmpaddr(0) > 0\n - pmpaddr(0) = 0]\n\n//TO COMPLETE => FTR06-c\n + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) + and pmpcfg(i-1) correct\n [create scenario where PMP entry pmpcfg(i) with + TOR:\n - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct]\n\ + \ [create scenario where PMP entry pmpcfg(0) with TOR:\n - pmpaddr(0) + >= pmpaddr(1/2/3/…)]" +- 031_fetch_L1_X1_addr_forbidden: !Subfeature + name: 031_fetch_L1_X1_addr_forbidden + tag: VP_PMP_F016_S062 + next_elt_id: 1 + display_order: 31 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S062_I000 + description: "reuse of VP_PMP_F012_S014_I000 feature description (Cf. Feature: + \"cfg NA4 access M\")\n\n{Page 59 Volume II: RISC-V Privileged Architectures + V20211203}\nIf pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i + matches no addresses\nIf PMP entry 0’s A field is set to TOR, zero is used + for the lower bound, and so it matches any address y < pmpaddr(0)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S014_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range\n - [for i=0] + pmpaddr(0) = 0: invalid TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST16-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=TOR]\nTST16-14 (LOW-PRIO)\n\ + \ [same as TST12-14(group), but with pmpcfg(i).A=TOR]\n\n\n//TO COMPLETE + => FTR06-b\n TST25 = same as TST15+TST16 (groups) with PMP entry (0) with + pmpaddr(0) > 0\nTST26 = same as TST15+TST16 (groups) with PMP entry (0) + with pmpaddr(0) = 0\n [create scenario where PMP entry pmpcfg(0) with TOR:\n\ + \ - pmpaddr(0) > 0\n - pmpaddr(0) = 0]\n\n//TO COMPLETE => FTR06-c\n + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) + and pmpcfg(i-1) correct\n [create scenario where PMP entry pmpcfg(i) with + TOR:\n - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct]\n\ + \ [create scenario where PMP entry pmpcfg(0) with TOR:\n - pmpaddr(0) + >= pmpaddr(1/2/3/…)]" +- 032_load_L0_R1_addr_forbidden: !Subfeature + name: 032_load_L0_R1_addr_forbidden + tag: VP_PMP_F016_S063 + next_elt_id: 1 + display_order: 32 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S063_I000 + description: "reuse of VP_PMP_F012_S021_I000 feature description (Cf. Feature: + \"cfg NA4 access M\")\n\n{Page 59 Volume II: RISC-V Privileged Architectures + V20211203}\nIf pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i + matches no addresses\nIf PMP entry 0’s A field is set to TOR, zero is used + for the lower bound, and so it matches any address y < pmpaddr(0)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S021_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range\n - [for i=0] + pmpaddr(0) = 0: invalid TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=TOR]\n TST16-21 (HIGH-PRIO)\n\ + \ [same as TST12-21(group), but with pmpcfg(i).A=TOR]\n \n\n//TO COMPLETE + => FTR06-b\nTST25 = same as TST15+TST16 (groups) with PMP entry (0) with + pmpaddr(0) > 0\nTST26 = same as TST15+TST16 (groups) with PMP entry (0) + with pmpaddr(0) = 0\n [create scenario where PMP entry pmpcfg(0) with TOR:\n\ + \ - pmpaddr(0) > 0\n - pmpaddr(0) = 0]\n\n//TO COMPLETE => FTR06-c\n + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) + and pmpcfg(i-1) correct\n [create scenario where PMP entry pmpcfg(i) with + TOR:\n - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct]\n\ + \ [create scenario where PMP entry pmpcfg(0) with TOR:\n - pmpaddr(0) + >= pmpaddr(1/2/3/…)]" +- 033_load_L1_R1_addr_forbidden: !Subfeature + name: 033_load_L1_R1_addr_forbidden + tag: VP_PMP_F016_S064 + next_elt_id: 1 + display_order: 33 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S064_I000 + description: "reuse of VP_PMP_F012_S024_I000 feature description (Cf. Feature: + \"cfg NA4 access M\")\n\n{Page 59 Volume II: RISC-V Privileged Architectures + V20211203}\nIf pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i + matches no addresses\nIf PMP entry 0’s A field is set to TOR, zero is used + for the lower bound, and so it matches any address y < pmpaddr(0)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S024_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range\n - [for i=0] + pmpaddr(0) = 0: invalid TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST16-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=TOR]\nTST16-24 (LOW-PRIO)\n\ + \ [same as TST12-24(group), but with pmpcfg(i).A=TOR]\n\n\n//TO COMPLETE + => FTR06-b\n TST25 = same as TST15+TST16 (groups) with PMP entry (0) with + pmpaddr(0) > 0\nTST26 = same as TST15+TST16 (groups) with PMP entry (0) + with pmpaddr(0) = 0\n [create scenario where PMP entry pmpcfg(0) with TOR:\n\ + \ - pmpaddr(0) > 0\n - pmpaddr(0) = 0]\n\n//TO COMPLETE => FTR06-c\n + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) + and pmpcfg(i-1) correct\n [create scenario where PMP entry pmpcfg(i) with + TOR:\n - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct]\n\ + \ [create scenario where PMP entry pmpcfg(0) with TOR:\n - pmpaddr(0) + >= pmpaddr(1/2/3/…)]" +- 034_store_L0_W1_addr_forbidden: !Subfeature + name: 034_store_L0_W1_addr_forbidden + tag: VP_PMP_F016_S065 + next_elt_id: 1 + display_order: 34 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S065_I000 + description: "reuse of VP_PMP_F012_S031_I000 feature description (Cf. Feature: + \"cfg NA4 access M\")\n\n{Page 59 Volume II: RISC-V Privileged Architectures + V20211203}\nIf pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i + matches no addresses\nIf PMP entry 0’s A field is set to TOR, zero is used + for the lower bound, and so it matches any address y < pmpaddr(0)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S031_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range\n - [for i=0] + pmpaddr(0) = 0: invalid TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST16-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=TOR]\n TST16-31 (HIGH-PRIO)\n\ + \ [same as TST12-31(group), but with pmpcfg(i).A=TOR]\n \n\n//TO COMPLETE + => FTR06-b\nTST25 = same as TST15+TST16 (groups) with PMP entry (0) with + pmpaddr(0) > 0\nTST26 = same as TST15+TST16 (groups) with PMP entry (0) + with pmpaddr(0) = 0\n [create scenario where PMP entry pmpcfg(0) with TOR:\n\ + \ - pmpaddr(0) > 0\n - pmpaddr(0) = 0]\n\n//TO COMPLETE => FTR06-c\n + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) + and pmpcfg(i-1) correct\n [create scenario where PMP entry pmpcfg(i) with + TOR:\n - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct]\n\ + \ [create scenario where PMP entry pmpcfg(0) with TOR:\n - pmpaddr(0) + >= pmpaddr(1/2/3/…)]" +- 035_store_L1_W1_addr_forbidden: !Subfeature + name: 035_store_L1_W1_addr_forbidden + tag: VP_PMP_F016_S066 + next_elt_id: 1 + display_order: 35 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F016_S066_I000 + description: "reuse of VP_PMP_F012_S034_I000 feature description (Cf. Feature: + \"cfg NA4 access M\")\n\n{Page 59 Volume II: RISC-V Privileged Architectures + V20211203}\nIf pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i + matches no addresses\nIf PMP entry 0’s A field is set to TOR, zero is used + for the lower bound, and so it matches any address y < pmpaddr(0)" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S034_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=TOR\n - [for + i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range\n - [for i=0] + pmpaddr(0) = 0: invalid TOR address range\n - [for j=unused] pmpaddr(j)=random: + only in single entry configuration case (not in reuse case)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST16-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=TOR]\nTST16-34 (LOW-PRIO)\n\ + \ [same as TST12-34(group), but with pmpcfg(i).A=TOR]\n\n\n//TO COMPLETE + => FTR06-b\n TST25 = same as TST15+TST16 (groups) with PMP entry (0) with + pmpaddr(0) > 0\nTST26 = same as TST15+TST16 (groups) with PMP entry (0) + with pmpaddr(0) = 0\n [create scenario where PMP entry pmpcfg(0) with TOR:\n\ + \ - pmpaddr(0) > 0\n - pmpaddr(0) = 0]\n\n//TO COMPLETE => FTR06-c\n + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) + and pmpcfg(i-1) correct\n [create scenario where PMP entry pmpcfg(i) with + TOR:\n - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct]\n\ + \ [create scenario where PMP entry pmpcfg(0) with TOR:\n - pmpaddr(0) + >= pmpaddr(1/2/3/…)]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP017.yml b/verif/docs/VerifPlans/PMP/VP_IP017.yml new file mode 100644 index 000000000..3a3989a73 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP017.yml @@ -0,0 +1,1153 @@ +!Feature +next_elt_id: 30 +name: cfg OFF access S/U +id: 17 +display_order: 17 +subfeatures: !!omap +- 000_fetch_L0_X1_addr_hit: !Subfeature + name: 000_fetch_L0_X1_addr_hit + tag: VP_PMP_F017_S011 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S011_I000 + description: 'reuse of VP_PMP_F011_S011_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S011_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range\n\nCHECK UPDATE\n - check instruction fetch + access-fault exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=OFF]\n + TST17-11 (HIGH-PRIO)\n [same as TST11-11(group), but with pmpcfg(i).A=OFF\n\ + \ - check instruction fetch access-fault exception raised]" +- 001_fetch_L0_X0_addr_hit: !Subfeature + name: 001_fetch_L0_X0_addr_hit + tag: VP_PMP_F017_S012 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S012_I000 + description: 'reuse of VP_PMP_F011_S012_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S012_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-b\n [Attempting to fetch an instruction from a PMP region + that does not have execute permissions raises an instruction access-fault + exception]\n \n\nTST17-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=OFF]\n + TST17-12 (MEDIUM-PRIO)\n [same as TST11-12(group), but with pmpcfg(i).A=OFF]" +- 002_fetch_L0_X1_addr_miss: !Subfeature + name: 002_fetch_L0_X1_addr_miss + tag: VP_PMP_F017_S013 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S013_I000 + description: 'reuse of VP_PMP_F011_S013_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S013_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=OFF]\n + TST17-13 (MEDIUM-PRIO)\n [same as TST11-13(group), but with pmpcfg(i).A=OFF]" +- 003_fetch_L1_X1_addr_hit: !Subfeature + name: 003_fetch_L1_X1_addr_hit + tag: VP_PMP_F017_S014 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S014_I000 + description: 'reuse of VP_PMP_F011_S014_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S014_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range\n\nCHECK UPDATE\n - check instruction fetch + access-fault exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=OFF]\n + TST17-14 (LOW-PRIO)\n [same as TST11-14(group), but with pmpcfg(i).A=OFF\n\ + \ - check instruction fetch access-fault exception raised]" +- 004_fetch_L1_X0_addr_hit: !Subfeature + name: 004_fetch_L1_X0_addr_hit + tag: VP_PMP_F017_S015 + next_elt_id: 1 + display_order: 4 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S015_I000 + description: 'reuse of VP_PMP_F011_S015_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S015_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-b\n[Attempting to fetch an instruction from a PMP region that + does not have execute permissions raises an instruction access-fault exception]\n\ + \n\nTST17-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=OFF]\n + TST17-15 (LOW-PRIO)\n [same as TST11-15(group), but with pmpcfg(i).A=OFF]" +- 005_fetch_L1_X1_addr_miss: !Subfeature + name: 005_fetch_L1_X1_addr_miss + tag: VP_PMP_F017_S016 + next_elt_id: 1 + display_order: 5 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S016_I000 + description: 'reuse of VP_PMP_F011_S016_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S016_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-1x(group)\n [same as TST11-1x(group), but with pmpcfg(i).A=OFF]\n + TST17-16 (LOW-PRIO)\n [same as TST11-16(group), but with pmpcfg(i).A=OFF]" +- 006_load_L0_R1_addr_hit: !Subfeature + name: 006_load_L0_R1_addr_hit + tag: VP_PMP_F017_S021 + next_elt_id: 1 + display_order: 6 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S021_I000 + description: 'reuse of VP_PMP_F011_S021_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S021_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range\n\nCHECK UPDATE\n - check load access-fault + exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-2x(group)\n [same as TST11-2x(group), but with pmpcfg(i).A=OFF]\n + TST17-21 (HIGH-PRIO)\n [same as TST11-21(group), but with pmpcfg(i).A=OFF\n\ + \ - check load access-fault exception raised]" +- 007_load_L0_R0_addr_hit: !Subfeature + name: 007_load_L0_R0_addr_hit + tag: VP_PMP_F017_S022 + next_elt_id: 1 + display_order: 7 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S022_I000 + description: 'reuse of VP_PMP_F011_S022_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S022_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-c\n [Attempting to execute a load or load-reserved instruction + which accesses a physical address within a PMP region without read permissions + raises a load access-fault exception]\n\n\nTST17-2x(group)\n [same as TST11-2x(group), + but with pmpcfg(i).A=OFF]\nTST17-22 (MEDIUM-PRIO)\n [same as TST11-22(group), + but with pmpcfg(i).A=OFF]" +- 008_load_L0_R1_addr_miss: !Subfeature + name: 008_load_L0_R1_addr_miss + tag: VP_PMP_F017_S023 + next_elt_id: 1 + display_order: 8 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S023_I000 + description: 'reuse of VP_PMP_F011_S023_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S023_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-2x(group)\n [same as TST11-2x(group), but with pmpcfg(i).A=OFF]\n + TST17-23 (MEDIUM-PRIO)\n [same as TST11-23(group), but with pmpcfg(i).A=OFF]" +- 009_load_L1_R1_addr_hit: !Subfeature + name: 009_load_L1_R1_addr_hit + tag: VP_PMP_F017_S024 + next_elt_id: 1 + display_order: 9 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S024_I000 + description: 'reuse of VP_PMP_F011_S024_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S024_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range\n\nCHECK UPDATE\n - check load access-fault + exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-2x(group)\n [same as TST11-2x(group), but with pmpcfg(i).A=OFF]\n + TST17-24 (LOW-PRIO)\n [same as TST11-24(group), but with pmpcfg(i).A=OFF\n\ + \ - check load access-fault exception raised]" +- 010_load_L1_R0_addr_hit: !Subfeature + name: 010_load_L1_R0_addr_hit + tag: VP_PMP_F017_S025 + next_elt_id: 1 + display_order: 10 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S025_I000 + description: 'reuse of VP_PMP_F011_S025_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S025_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-c\n[Attempting to execute a load or load-reserved instruction + which accesses a physical address within a PMP region without read permissions + raises a load access-fault exception]\n\n\nTST17-2x(group)\n [same as TST11-2x(group), + but with pmpcfg(i).A=OFF]\n TST17-25 (LOW-PRIO)\n [same as TST11-25(group), + but with pmpcfg(i).A=OFF]" +- 011_load_L1_R1_addr_miss: !Subfeature + name: 011_load_L1_R1_addr_miss + tag: VP_PMP_F017_S026 + next_elt_id: 1 + display_order: 11 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S026_I000 + description: 'reuse of VP_PMP_F011_S026_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S026_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-2x(group)\n [same as TST11-2x(group), but with pmpcfg(i).A=OFF]\n + TST17-26 (LOW-PRIO)\n [same as TST11-26(group), but with pmpcfg(i).A=OFF]" +- 012_store_L0_W1_addr_hit: !Subfeature + name: 012_store_L0_W1_addr_hit + tag: VP_PMP_F017_S031 + next_elt_id: 1 + display_order: 12 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S031_I000 + description: 'reuse of VP_PMP_F011_S031_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S031_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range\n\nCHECK UPDATE\n - check store access-fault + exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-3x(group)\n [same as TST11-3x(group), but with pmpcfg(i).A=OFF]\n + TST17-31 (HIGH-PRIO)\n [same as TST11-31(group), but with pmpcfg(i).A=OFF\n\ + \ - check store access-fault exception raised]" +- 013_store_L0_W0_addr_hit: !Subfeature + name: 013_store_L0_W0_addr_hit + tag: VP_PMP_F017_S032 + next_elt_id: 1 + display_order: 13 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S032_I000 + description: 'reuse of VP_PMP_F011_S032_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S032_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-d\n [Attempting to execute a store, store-conditional, or + AMO instruction which accesses a physical address within a PMP region without + write permissions raises a store access-fault exception]\n\n\nTST17-3x(group)\n\ + \ [same as TST11-3x(group), but with pmpcfg(i).A=OFF]\nTST17-32 (MEDIUM-PRIO)\n\ + \ [same as TST11-32(group), but with pmpcfg(i).A=OFF]" +- 014_store_L0_W1_addr_miss: !Subfeature + name: 014_store_L0_W1_addr_miss + tag: VP_PMP_F017_S033 + next_elt_id: 1 + display_order: 14 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S033_I000 + description: 'reuse of VP_PMP_F011_S033_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S033_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-3x(group)\n [same as TST11-3x(group), but with pmpcfg(i).A=OFF]\n + TST17-33 (MEDIUM-PRIO)\n [same as TST11-33(group), but with pmpcfg(i).A=OFF]" +- 015_store_L1_W1_addr_hit: !Subfeature + name: 015_store_L1_W1_addr_hit + tag: VP_PMP_F017_S034 + next_elt_id: 1 + display_order: 15 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S034_I000 + description: 'reuse of VP_PMP_F011_S034_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S034_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range\n\nCHECK UPDATE\n - check store access-fault + exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-3x(group)\n [same as TST11-3x(group), but with pmpcfg(i).A=OFF]\n + TST17-34 (LOW-PRIO)\n [same as TST11-34(group), but with pmpcfg(i).A=OFF\n\ + \ - check store access-fault exception raised]" +- 016_store_L1_W0_addr_hit: !Subfeature + name: 016_store_L1_W0_addr_hit + tag: VP_PMP_F017_S035 + next_elt_id: 1 + display_order: 16 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S035_I000 + description: 'reuse of VP_PMP_F011_S035_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S035_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-d\n[Attempting to execute a store, store-conditional, or AMO + instruction which accesses a physical address within a PMP region without + write permissions raises a store access-fault exception]\n\n\nTST17-3x(group)\n\ + \ [same as TST11-3x(group), but with pmpcfg(i).A=OFF]\nTST17-35 (LOW-PRIO)\n\ + \ [same as TST11-35(group), but with pmpcfg(i).A=OFF]" +- 017_store_L1_W1_addr_miss: !Subfeature + name: 017_store_L1_W1_addr_miss + tag: VP_PMP_F017_S036 + next_elt_id: 1 + display_order: 17 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S036_I000 + description: 'reuse of VP_PMP_F011_S036_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S036_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-3x(group)\n [same as TST11-3x(group), but with pmpcfg(i).A=OFF]\n + TST17-36 (LOW-PRIO)\n [same as TST11-36(group), but with pmpcfg(i).A=OFF]" +- 018_load_MPP_L0_R1_addr_hit: !Subfeature + name: 018_load_MPP_L0_R1_addr_hit + tag: VP_PMP_F017_S041 + next_elt_id: 1 + display_order: 18 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S041_I000 + description: 'reuse of VP_PMP_F011_S041_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S041_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range\n\nCHECK UPDATE\n - check load access-fault + exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-4x(group)\n [same as TST11-4x(group), but with pmpcfg(i).A=OFF]\n + TST17-41 (LOWEST-PRIO)\n [same as TST11-41(group), but with pmpcfg(i).A=OFF\n\ + \ - check load access-fault exception raised]" +- 019_load_MPP_L0_R0_addr_hit: !Subfeature + name: 019_load_MPP_L0_R0_addr_hit + tag: VP_PMP_F017_S042 + next_elt_id: 1 + display_order: 19 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S042_I000 + description: 'reuse of VP_PMP_F011_S042_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S042_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-c\n [Attempting to execute a load or load-reserved instruction + which accesses a physical address within a PMP region without read permissions + raises a load access-fault exception]\n\n\nTST17-4x(group)\n [same as TST11-4x(group), + but with pmpcfg(i).A=OFF]\nTST17-42 (LOWEST-PRIO)\n [same as TST11-42(group), + but with pmpcfg(i).A=OFF]" +- 020_load_MPP_L0_R1_addr_miss: !Subfeature + name: 020_load_MPP_L0_R1_addr_miss + tag: VP_PMP_F017_S043 + next_elt_id: 1 + display_order: 20 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S043_I000 + description: 'reuse of VP_PMP_F011_S043_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S043_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-4x(group)\n [same as TST11-4x(group), but with pmpcfg(i).A=OFF]\n + TST17-43 (LOWEST-PRIO)\n [same as TST11-43(group), but with pmpcfg(i).A=OFF]" +- 021_load_MPP_L1_R1_addr_hit: !Subfeature + name: 021_load_MPP_L1_R1_addr_hit + tag: VP_PMP_F017_S044 + next_elt_id: 1 + display_order: 21 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S044_I000 + description: 'reuse of VP_PMP_F011_S044_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S044_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range\n\nCHECK UPDATE\n - check load access-fault + exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-4x(group)\n [same as TST11-4x(group), but with pmpcfg(i).A=OFF]\n + TST17-44 (LOWEST-PRIO)\n [same as TST11-44(group), but with pmpcfg(i).A=OFF\n\ + \ - check load access-fault exception raised]" +- 022_load_MPP_L1_R0_addr_hit: !Subfeature + name: 022_load_MPP_L1_R0_addr_hit + tag: VP_PMP_F017_S045 + next_elt_id: 1 + display_order: 22 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S045_I000 + description: 'reuse of VP_PMP_F011_S045_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S045_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-c\n[Attempting to execute a load or load-reserved instruction + which accesses a physical address within a PMP region without read permissions + raises a load access-fault exception]\n\n\nTST17-4x(group)\n [same as TST11-4x(group), + but with pmpcfg(i).A=OFF]\n TST17-45 (LOWEST-PRIO)\n [same as TST11-45(group), + but with pmpcfg(i).A=OFF]" +- 023_load_MPP_L1_R1_addr_miss: !Subfeature + name: 023_load_MPP_L1_R1_addr_miss + tag: VP_PMP_F017_S046 + next_elt_id: 1 + display_order: 23 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S046_I000 + description: 'reuse of VP_PMP_F011_S046_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S046_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-4x(group)\n [same as TST11-4x(group), but with pmpcfg(i).A=OFF]\n + TST17-46 (LOWEST-PRIO)\n [same as TST11-46(group), but with pmpcfg(i).A=OFF]" +- 024_store_MPP_L0_W1_addr_hit: !Subfeature + name: 024_store_MPP_L0_W1_addr_hit + tag: VP_PMP_F017_S051 + next_elt_id: 1 + display_order: 24 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S051_I000 + description: 'reuse of VP_PMP_F011_S051_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S051_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range\n\nCHECK UPDATE\n - check store access-fault + exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-5x(group)\n [same as TST11-5x(group), but with pmpcfg(i).A=OFF]\n + TST17-51 (LOWEST-PRIO)\n [same as TST11-51(group), but with pmpcfg(i).A=OFF\n\ + \ - check store access-fault exception raised]" +- 025_store_MPP_L0_W0_addr_hit: !Subfeature + name: 025_store_MPP_L0_W0_addr_hit + tag: VP_PMP_F017_S052 + next_elt_id: 1 + display_order: 25 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S052_I000 + description: 'reuse of VP_PMP_F011_S052_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S052_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-d\n [Attempting to execute a store, store-conditional, or + AMO instruction which accesses a physical address within a PMP region without + write permissions raises a store access-fault exception]\n\n\nTST17-5x(group)\n\ + \ [same as TST11-5x(group), but with pmpcfg(i).A=OFF]\nTST17-52 (LOWEST-PRIO)\n\ + \ [same as TST11-52(group), but with pmpcfg(i).A=OFF]" +- 026_store_MPP_L0_W1_addr_miss: !Subfeature + name: 026_store_MPP_L0_W1_addr_miss + tag: VP_PMP_F017_S053 + next_elt_id: 1 + display_order: 26 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S053_I000 + description: 'reuse of VP_PMP_F011_S053_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S053_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e2-2 (refers to FTR09-d2-2)\n[When the L bit is clear, the R/W/X + permissions apply only to S and U modes]\nFTR09-d2-2 (L=0 refers to FTR08-e2-2)\n + [if the privilege mode of the access is S or U (whatever L), then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-5x(group)\n [same as TST11-5x(group), but with pmpcfg(i).A=OFF]\n + TST17-53 (LOWEST-PRIO)\n [same as TST11-53(group), but with pmpcfg(i).A=OFF]" +- 027_store_MPP_L1_W1_addr_hit: !Subfeature + name: 027_store_MPP_L1_W1_addr_hit + tag: VP_PMP_F017_S054 + next_elt_id: 1 + display_order: 27 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S054_I000 + description: 'reuse of VP_PMP_F011_S054_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S054_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range\n\nCHECK UPDATE\n - check store access-fault + exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-5x(group)\n [same as TST11-5x(group), but with pmpcfg(i).A=OFF]\n + TST17-54 (LOWEST-PRIO)\n [same as TST11-54(group), but with pmpcfg(i).A=OFF\n\ + \ - check store access-fault exception raised]" +- 028_store_MPP_L1_W0_addr_hit: !Subfeature + name: 028_store_MPP_L1_W0_addr_hit + tag: VP_PMP_F017_S055 + next_elt_id: 1 + display_order: 28 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S055_I000 + description: 'reuse of VP_PMP_F011_S055_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S055_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\nFTR04-d\n[Attempting to execute a store, store-conditional, or AMO + instruction which accesses a physical address within a PMP region without + write permissions raises a store access-fault exception]\n\n\nTST17-5x(group)\n\ + \ [same as TST11-5x(group), but with pmpcfg(i).A=OFF]\nTST17-55 (LOWEST-PRIO)\n\ + \ [same as TST11-55(group), but with pmpcfg(i).A=OFF]" +- 029_store_MPP_L1_W1_addr_miss: !Subfeature + name: 029_store_MPP_L1_W1_addr_miss + tag: VP_PMP_F017_S056 + next_elt_id: 1 + display_order: 29 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F017_S056_I000 + description: 'reuse of VP_PMP_F011_S056_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F011_S056_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - + pmpaddr(i): NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-d\n[PMP checks are applied to all accesses whose + effective privilege mode is S or U]\n\nFTR02-b1\n[the lowest-numbered PMP + CSRs must be implemented first (QUESTION: does it mean programmed first)]\n + \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n [When the L bit + is set, these permissions are enforced for all privilege modes]\nFTR01-f + (refers to FTR08-e1)\n [PMP checks may additionally apply to M-mode accesses, + in which case the PMP registers themselves are locked, so that even M-mode + software cannot change them until the hart is reset]\n FTR09-d2-1 (refers + to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, then the access + succeeds only if the R, W, or X bit corresponding to the access type is + set]\n\n\nTST17-5x(group)\n [same as TST11-5x(group), but with pmpcfg(i).A=OFF]\n + TST17-56 (LOWEST-PRIO)\n [same as TST11-56(group), but with pmpcfg(i).A=OFF]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP018.yml b/verif/docs/VerifPlans/PMP/VP_IP018.yml new file mode 100644 index 000000000..f0183d418 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP018.yml @@ -0,0 +1,1129 @@ +!Feature +next_elt_id: 30 +name: cfg OFF access M +id: 18 +display_order: 18 +subfeatures: !!omap +- 000_fetch_L0_X1_addr_hit: !Subfeature + name: 000_fetch_L0_X1_addr_hit + tag: VP_PMP_F018_S011 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S011_I000 + description: 'reuse of VP_PMP_F012_S011_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S011_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=OFF]\nTST18-11 (LOW-PRIO)\n\ + \ [same as TST12-11(group), but with pmpcfg(i).A=OFF]" +- 001_fetch_L0_X0_addr_hit: !Subfeature + name: 001_fetch_L0_X0_addr_hit + tag: VP_PMP_F018_S012 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S012_I000 + description: 'reuse of VP_PMP_F012_S012_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S012_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=OFF]\nTST18-12 (LOW-PRIO)\n\ + \ [same as TST12-12(group), but with pmpcfg(i).A=OFF]" +- 002_fetch_L0_X1_addr_miss: !Subfeature + name: 002_fetch_L0_X1_addr_miss + tag: VP_PMP_F018_S013 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S013_I000 + description: 'reuse of VP_PMP_F012_S013_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S013_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=OFF]\nTST18-13 (LOW-PRIO)\n\ + \ [same as TST12-13(group), but with pmpcfg(i).A=OFF]" +- 003_fetch_L1_X1_addr_hit: !Subfeature + name: 003_fetch_L1_X1_addr_hit + tag: VP_PMP_F018_S014 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S014_I000 + description: 'reuse of VP_PMP_F012_S014_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S014_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range\n\nCHECK UPDATE\n - check store access-fault exception + raised (TODO: is M mode access prevented by A=OFF)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST18-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=OFF]\nTST18-14 (HIGH-PRIO)\n\ + \ [same as TST12-14(group), but with pmpcfg(i).A=OFF\n - check instruction + fetch access-fault exception raised]" +- 004_fetch_L1_X0_addr_hit: !Subfeature + name: 004_fetch_L1_X0_addr_hit + tag: VP_PMP_F018_S015 + next_elt_id: 1 + display_order: 4 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S015_I000 + description: 'reuse of VP_PMP_F012_S015_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S015_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-b\n[Attempting to fetch an instruction from + a PMP region that does not have execute permissions raises an instruction + access-fault exception]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=OFF]\nTST18-15 (MEDIUM-PRIO)\n\ + \ [same as TST12-15(group), but with pmpcfg(i).A=OFF]" +- 005_fetch_L1_X1_addr_miss: !Subfeature + name: 005_fetch_L1_X1_addr_miss + tag: VP_PMP_F018_S016 + next_elt_id: 1 + display_order: 5 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S016_I000 + description: 'reuse of VP_PMP_F012_S016_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S016_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST18-1x(group)\n\ + \ [same as TST12-1x(group), but with pmpcfg(i).A=OFF]\nTST18-16 (HIGH-PRIO)\n\ + \ [same as TST12-16(group), but with pmpcfg(i).A=OFF]" +- 006_load_L0_R1_addr_hit: !Subfeature + name: 006_load_L0_R1_addr_hit + tag: VP_PMP_F018_S021 + next_elt_id: 1 + display_order: 6 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S021_I000 + description: 'reuse of VP_PMP_F012_S021_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S021_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=OFF]\nTST18-21 (LOW-PRIO)\n\ + \ [same as TST12-21(group), but with pmpcfg(i).A=OFF]" +- 007_load_L0_R0_addr_hit: !Subfeature + name: 007_load_L0_R0_addr_hit + tag: VP_PMP_F018_S022 + next_elt_id: 1 + display_order: 7 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S022_I000 + description: 'reuse of VP_PMP_F012_S022_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S022_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=OFF]\nTST18-22 (LOW-PRIO)\n\ + \ [same as TST12-22(group), but with pmpcfg(i).A=OFF]" +- 008_load_L0_R1_addr_miss: !Subfeature + name: 008_load_L0_R1_addr_miss + tag: VP_PMP_F018_S023 + next_elt_id: 1 + display_order: 8 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S023_I000 + description: 'reuse of VP_PMP_F012_S023_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S023_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=OFF]\nTST18-23 (LOW-PRIO)\n\ + \ [same as TST12-23(group), but with pmpcfg(i).A=OFF]" +- 009_load_L1_R1_addr_hit: !Subfeature + name: 009_load_L1_R1_addr_hit + tag: VP_PMP_F018_S024 + next_elt_id: 1 + display_order: 9 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S024_I000 + description: 'reuse of VP_PMP_F012_S024_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S024_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range\n\nCHECK UPDATE\n - check store access-fault exception + raised (TODO: is M mode access prevented by A=OFF)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST18-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=OFF]\nTST18-24 (HIGH-PRIO)\n\ + \ [same as TST12-24(group), but with pmpcfg(i).A=OFF\n - check instruction + fetch access-fault exception raised]" +- 010_load_L1_R0_addr_hit: !Subfeature + name: 010_load_L1_R0_addr_hit + tag: VP_PMP_F018_S025 + next_elt_id: 1 + display_order: 10 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S025_I000 + description: 'reuse of VP_PMP_F012_S025_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S025_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-c\n[Attempting to execute a load or load-reserved + instruction which accesses a physical address within a PMP region without + read permissions raises a load access-fault exception]\n\nFTR02-b1\n[the + lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean + programmed first)]\n \n\nTST18-2x(group)\n [same as TST12-2x(group), but + with pmpcfg(i).A=OFF]\n TST18-25 (MEDIUM-PRIO)\n [same as TST12-25(group), + but with pmpcfg(i).A=OFF]" +- 011_load_L1_R1_addr_miss: !Subfeature + name: 011_load_L1_R1_addr_miss + tag: VP_PMP_F018_S026 + next_elt_id: 1 + display_order: 11 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S026_I000 + description: 'reuse of VP_PMP_F012_S026_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S026_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST18-2x(group)\n\ + \ [same as TST12-2x(group), but with pmpcfg(i).A=OFF]\nTST18-26 (HIGH-PRIO)\n\ + \ [same as TST12-26(group), but with pmpcfg(i).A=OFF]" +- 012_store_L0_W1_addr_hit: !Subfeature + name: 012_store_L0_W1_addr_hit + tag: VP_PMP_F018_S031 + next_elt_id: 1 + display_order: 12 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S031_I000 + description: 'reuse of VP_PMP_F012_S031_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S031_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=OFF]\nTST18-31 (LOW-PRIO)\n\ + \ [same as TST12-31(group), but with pmpcfg(i).A=OFF]" +- 013_store_L0_W0_addr_hit: !Subfeature + name: 013_store_L0_W0_addr_hit + tag: VP_PMP_F018_S032 + next_elt_id: 1 + display_order: 13 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S032_I000 + description: 'reuse of VP_PMP_F012_S032_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S032_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=OFF]\nTST18-32 (LOW-PRIO)\n\ + \ [same as TST12-32(group), but with pmpcfg(i).A=OFF]" +- 014_store_L0_W1_addr_miss: !Subfeature + name: 014_store_L0_W1_addr_miss + tag: VP_PMP_F018_S033 + next_elt_id: 1 + display_order: 14 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S033_I000 + description: 'reuse of VP_PMP_F012_S033_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S033_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=OFF]\nTST18-33 (LOW-PRIO)\n\ + \ [same as TST12-33(group), but with pmpcfg(i).A=OFF]" +- 015_store_L1_W1_addr_hit: !Subfeature + name: 015_store_L1_W1_addr_hit + tag: VP_PMP_F018_S034 + next_elt_id: 1 + display_order: 15 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S034_I000 + description: 'reuse of VP_PMP_F012_S034_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S034_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range\n\nCHECK UPDATE\n - check store access-fault exception + raised (TODO: is M mode access prevented by A=OFF)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST18-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=OFF]\nTST18-34 (HIGH-PRIO)\n\ + \ [same as TST12-34(group), but with pmpcfg(i).A=OFF\n - check instruction + fetch access-fault exception raised]" +- 016_store_L1_W0_addr_hit: !Subfeature + name: 016_store_L1_W0_addr_hit + tag: VP_PMP_F018_S035 + next_elt_id: 1 + display_order: 16 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S035_I000 + description: 'reuse of VP_PMP_F012_S035_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S035_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-d\n[Attempting to execute a store, store-conditional, + or AMO instruction which accesses a physical address within a PMP region + without write permissions raises a store access-fault exception]\n\nFTR02-b1\n + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does + it mean programmed first)]\n\n\nTST18-3x(group)\n [same as TST12-3x(group), + but with pmpcfg(i).A=OFF]\nTST18-35 (MEDIUM-PRIO)\n [same as TST12-35(group), + but with pmpcfg(i).A=OFF]" +- 017_store_L1_W1_addr_miss: !Subfeature + name: 017_store_L1_W1_addr_miss + tag: VP_PMP_F018_S036 + next_elt_id: 1 + display_order: 17 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S036_I000 + description: 'reuse of VP_PMP_F012_S036_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S036_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST18-3x(group)\n\ + \ [same as TST12-3x(group), but with pmpcfg(i).A=OFF]\nTST18-36 (HIGH-PRIO)\n\ + \ [same as TST12-36(group), but with pmpcfg(i).A=OFF]" +- 018_load_MPP_L0_R1_addr_hit: !Subfeature + name: 018_load_MPP_L0_R1_addr_hit + tag: VP_PMP_F018_S041 + next_elt_id: 1 + display_order: 18 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S041_I000 + description: 'reuse of VP_PMP_F012_S041_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S041_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=OFF]\nTST18-41 (LOWEST-PRIO)\n\ + \ [same as TST12-41(group), but with pmpcfg(i).A=OFF]" +- 019_load_MPP_L0_R0_addr_hit: !Subfeature + name: 019_load_MPP_L0_R0_addr_hit + tag: VP_PMP_F018_S042 + next_elt_id: 1 + display_order: 19 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S042_I000 + description: 'reuse of VP_PMP_F012_S042_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S042_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=OFF]\nTST18-42 (LOWEST-PRIO)\n\ + \ [same as TST12-42(group), but with pmpcfg(i).A=OFF]" +- 020_load_MPP_L0_R1_addr_miss: !Subfeature + name: 020_load_MPP_L0_R1_addr_miss + tag: VP_PMP_F018_S043 + next_elt_id: 1 + display_order: 20 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S043_I000 + description: 'reuse of VP_PMP_F012_S043_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S043_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=OFF]\nTST18-43 (LOWEST-PRIO)\n\ + \ [same as TST12-43(group), but with pmpcfg(i).A=OFF]" +- 021_load_MPP_L1_R1_addr_hit: !Subfeature + name: 021_load_MPP_L1_R1_addr_hit + tag: VP_PMP_F018_S044 + next_elt_id: 1 + display_order: 21 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S044_I000 + description: 'reuse of VP_PMP_F012_S044_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S044_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range\n\nCHECK UPDATE\n - check store access-fault exception + raised (TODO: is M mode access prevented by A=OFF)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST18-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=OFF]\nTST18-44 (LOWEST-PRIO)\n\ + \ [same as TST12-44(group), but with pmpcfg(i).A=OFF\n - check instruction + fetch access-fault exception raised]" +- 022_load_MPP_L1_R0_addr_hit: !Subfeature + name: 022_load_MPP_L1_R0_addr_hit + tag: VP_PMP_F018_S045 + next_elt_id: 1 + display_order: 22 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S045_I000 + description: 'reuse of VP_PMP_F012_S045_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S045_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-c\n[Attempting to execute a load or load-reserved + instruction which accesses a physical address within a PMP region without + read permissions raises a load access-fault exception]\n\nFTR02-b1\n[the + lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean + programmed first)]\n \n\nTST18-4x(group)\n [same as TST12-4x(group), but + with pmpcfg(i).A=OFF]\n TST18-45 (LOWEST-PRIO)\n [same as TST12-45(group), + but with pmpcfg(i).A=OFF]" +- 023_load_MPP_L1_R1_addr_miss: !Subfeature + name: 023_load_MPP_L1_R1_addr_miss + tag: VP_PMP_F018_S046 + next_elt_id: 1 + display_order: 23 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S046_I000 + description: 'reuse of VP_PMP_F012_S046_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S046_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST18-4x(group)\n\ + \ [same as TST12-4x(group), but with pmpcfg(i).A=OFF]\nTST18-46 (LOWEST-PRIO)\n\ + \ [same as TST12-46(group), but with pmpcfg(i).A=OFF]" +- 024_store_MPP_L0_W1_addr_hit: !Subfeature + name: 024_store_MPP_L0_W1_addr_hit + tag: VP_PMP_F018_S051 + next_elt_id: 1 + display_order: 24 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S051_I000 + description: 'reuse of VP_PMP_F012_S051_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S051_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=OFF]\nTST18-51 (LOWEST-PRIO)\n\ + \ [same as TST12-51(group), but with pmpcfg(i).A=OFF]" +- 025_store_MPP_L0_W0_addr_hit: !Subfeature + name: 025_store_MPP_L0_W0_addr_hit + tag: VP_PMP_F018_S052 + next_elt_id: 1 + display_order: 25 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S052_I000 + description: 'reuse of VP_PMP_F012_S052_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S052_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=OFF]\nTST18-52 (LOWEST-PRIO)\n\ + \ [same as TST12-52(group), but with pmpcfg(i).A=OFF]" +- 026_store_MPP_L0_W1_addr_miss: !Subfeature + name: 026_store_MPP_L0_W1_addr_miss + tag: VP_PMP_F018_S053 + next_elt_id: 1 + display_order: 26 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S053_I000 + description: 'reuse of VP_PMP_F012_S053_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S053_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e2-1 (refers to FTR09-d1)\n[When the L bit is clear, any + M-mode access matching the PMP entry will succeed]\nFTR09-d1 (refers to + FTR08-e2-1)\n [If the L bit is clear and the privilege mode of the access + is M, the access succeeds]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must + be implemented first (QUESTION: does it mean programmed first)]\n\n\nTST18-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=OFF]\nTST18-53 (LOWEST-PRIO)\n\ + \ [same as TST12-53(group), but with pmpcfg(i).A=OFF]" +- 027_store_MPP_L1_W1_addr_hit: !Subfeature + name: 027_store_MPP_L1_W1_addr_hit + tag: VP_PMP_F018_S054 + next_elt_id: 1 + display_order: 27 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S054_I000 + description: 'reuse of VP_PMP_F012_S054_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S054_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range\n\nCHECK UPDATE\n - check store access-fault exception + raised (TODO: is M mode access prevented by A=OFF)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST18-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=OFF]\nTST18-54 (LOWEST-PRIO)\n\ + \ [same as TST12-54(group), but with pmpcfg(i).A=OFF\n - check instruction + fetch access-fault exception raised]" +- 028_store_MPP_L1_W0_addr_hit: !Subfeature + name: 028_store_MPP_L1_W0_addr_hit + tag: VP_PMP_F018_S055 + next_elt_id: 1 + display_order: 28 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S055_I000 + description: 'reuse of VP_PMP_F012_S055_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S055_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR04-d\n[Attempting to execute a store, store-conditional, + or AMO instruction which accesses a physical address within a PMP region + without write permissions raises a store access-fault exception]\n\nFTR02-b1\n + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does + it mean programmed first)]\n\n\nTST18-5x(group)\n [same as TST12-5x(group), + but with pmpcfg(i).A=OFF]\nTST18-55 (LOWEST-PRIO)\n [same as TST12-55(group), + but with pmpcfg(i).A=OFF]" +- 029_store_MPP_L1_W1_addr_miss: !Subfeature + name: 029_store_MPP_L1_W1_addr_miss + tag: VP_PMP_F018_S056 + next_elt_id: 1 + display_order: 29 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F018_S056_I000 + description: 'reuse of VP_PMP_F012_S056_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F012_S056_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - pmpcfg(i): A=OFF\n - pmpaddr(i): + NA4 address range" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nFTR01-f (refers to FTR08-e1)\n[PMP checks may additionally + apply to M-mode accesses, in which case the PMP registers themselves are + locked, so that even M-mode software cannot change them until the hart is + reset]\n \nFTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1)\n[When the + L bit is set, these permissions are enforced for all privilege modes]\n + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f)\n[if the L bit is set, + then the access succeeds only if the R, W, or X bit corresponding to the + access type is set]\n\nFTR02-b1\n[the lowest-numbered PMP CSRs must be implemented + first (QUESTION: does it mean programmed first)]\n\n\nTST18-5x(group)\n\ + \ [same as TST12-5x(group), but with pmpcfg(i).A=OFF]\nTST18-56 (LOWEST-PRIO)\n\ + \ [same as TST12-56(group), but with pmpcfg(i).A=OFF]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP019.yml b/verif/docs/VerifPlans/PMP/VP_IP019.yml new file mode 100644 index 000000000..76d9a7ad6 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP019.yml @@ -0,0 +1,525 @@ +!Feature +next_elt_id: 20 +name: cfg NA4 not selectable +id: 19 +display_order: 19 +subfeatures: !!omap +- 000_fetch_L0_X1_addr_hit: !Subfeature + name: 000_fetch_L0_X1_addr_hit + tag: VP_PMP_F019_S011 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S011_I000 + description: 'reuse of VP_PMP_F019_S011_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S011_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check instruction fetch access-fault + exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 001_fetch_L1_X1_addr_hit: !Subfeature + name: 001_fetch_L1_X1_addr_hit + tag: VP_PMP_F019_S014 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S014_I000 + description: 'reuse of VP_PMP_F019_S014_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S014_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check instruction fetch access-fault + exception raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 002_load_L0_R1_addr_hit: !Subfeature + name: 002_load_L0_R1_addr_hit + tag: VP_PMP_F019_S021 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S021_I000 + description: 'reuse of VP_PMP_F019_S021_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S021_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check load access-fault exception + raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 003_load_L1_R1_addr_hit: !Subfeature + name: 003_load_L1_R1_addr_hit + tag: VP_PMP_F019_S024 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S024_I000 + description: 'reuse of VP_PMP_F019_S024_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S024_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check load access-fault exception + raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 004_store_L0_W1_addr_hit: !Subfeature + name: 004_store_L0_W1_addr_hit + tag: VP_PMP_F019_S031 + next_elt_id: 1 + display_order: 4 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S031_I000 + description: 'reuse of VP_PMP_F019_S031_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S031_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check store access-fault exception + raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 005_store_L1_W1_addr_hit: !Subfeature + name: 005_store_L1_W1_addr_hit + tag: VP_PMP_F019_S034 + next_elt_id: 1 + display_order: 5 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S034_I000 + description: 'reuse of VP_PMP_F019_S034_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S034_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check store access-fault exception + raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 006_load_MPP_L0_R1_addr_hit: !Subfeature + name: 006_load_MPP_L0_R1_addr_hit + tag: VP_PMP_F019_S041 + next_elt_id: 1 + display_order: 6 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S041_I000 + description: 'reuse of VP_PMP_F019_S041_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S041_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check load access-fault exception + raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 007_load_MPP_L1_R1_addr_hit: !Subfeature + name: 007_load_MPP_L1_R1_addr_hit + tag: VP_PMP_F019_S044 + next_elt_id: 1 + display_order: 7 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S044_I000 + description: 'reuse of VP_PMP_F019_S044_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S044_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check load access-fault exception + raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 008_store_MPP_L0_W1_addr_hit: !Subfeature + name: 008_store_MPP_L0_W1_addr_hit + tag: VP_PMP_F019_S051 + next_elt_id: 1 + display_order: 8 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S051_I000 + description: 'reuse of VP_PMP_F019_S051_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S051_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check store access-fault exception + raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 009_store_MPP_L1_W1_addr_hit: !Subfeature + name: 009_store_MPP_L1_W1_addr_hit + tag: VP_PMP_F019_S054 + next_elt_id: 1 + display_order: 9 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S054_I000 + description: 'reuse of VP_PMP_F019_S054_I000 feature description (Cf. Feature: + "cfg NA4 access S/U")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S054_I000 verification goals (Cf. Feature: + \"cfg NA4 access S/U\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check store access-fault exception + raised" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 010_fetch_L0_X1_addr_hit: !Subfeature + name: 010_fetch_L0_X1_addr_hit + tag: VP_PMP_F019_S011 + next_elt_id: 1 + display_order: 10 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S011_I000 + description: 'reuse of VP_PMP_F019_S011_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S011_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 011_fetch_L1_X1_addr_hit: !Subfeature + name: 011_fetch_L1_X1_addr_hit + tag: VP_PMP_F019_S014 + next_elt_id: 1 + display_order: 11 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S014_I000 + description: 'reuse of VP_PMP_F019_S014_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S014_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check store access-fault exception + raised (TODO: is M mode access prevented by A=OFF)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 012_load_L0_R1_addr_hit: !Subfeature + name: 012_load_L0_R1_addr_hit + tag: VP_PMP_F019_S021 + next_elt_id: 1 + display_order: 12 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S021_I000 + description: 'reuse of VP_PMP_F019_S021_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S021_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 013_load_L1_R1_addr_hit: !Subfeature + name: 013_load_L1_R1_addr_hit + tag: VP_PMP_F019_S024 + next_elt_id: 1 + display_order: 13 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S024_I000 + description: 'reuse of VP_PMP_F019_S024_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S024_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check store access-fault exception + raised (TODO: is M mode access prevented by A=OFF)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 014_store_L0_W1_addr_hit: !Subfeature + name: 014_store_L0_W1_addr_hit + tag: VP_PMP_F019_S031 + next_elt_id: 1 + display_order: 14 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S031_I000 + description: 'reuse of VP_PMP_F019_S031_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S031_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 015_store_L1_W1_addr_hit: !Subfeature + name: 015_store_L1_W1_addr_hit + tag: VP_PMP_F019_S034 + next_elt_id: 1 + display_order: 15 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S034_I000 + description: 'reuse of VP_PMP_F019_S034_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S034_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check store access-fault exception + raised (TODO: is M mode access prevented by A=OFF)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 016_load_MPP_L0_R1_addr_hit: !Subfeature + name: 016_load_MPP_L0_R1_addr_hit + tag: VP_PMP_F019_S041 + next_elt_id: 1 + display_order: 16 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S041_I000 + description: 'reuse of VP_PMP_F019_S041_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S041_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 017_load_MPP_L1_R1_addr_hit: !Subfeature + name: 017_load_MPP_L1_R1_addr_hit + tag: VP_PMP_F019_S044 + next_elt_id: 1 + display_order: 17 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S044_I000 + description: 'reuse of VP_PMP_F019_S044_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S044_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check store access-fault exception + raised (TODO: is M mode access prevented by A=OFF)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 018_store_MPP_L0_W1_addr_hit: !Subfeature + name: 018_store_MPP_L0_W1_addr_hit + tag: VP_PMP_F019_S051 + next_elt_id: 1 + display_order: 18 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S051_I000 + description: 'reuse of VP_PMP_F019_S051_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S051_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 019_store_MPP_L1_W1_addr_hit: !Subfeature + name: 019_store_MPP_L1_W1_addr_hit + tag: VP_PMP_F019_S054 + next_elt_id: 1 + display_order: 19 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F019_S054_I000 + description: 'reuse of VP_PMP_F019_S054_I000 feature description (Cf. Feature: + "cfg NA4 access M")' + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "reuse of VP_PMP_F019_S054_I000 verification goals (Cf. Feature: + \"cfg NA4 access M\")\n\nCONFIGURATION\n - check that pmpcfg(i).A=OFF + (by reading back)\n\nCHECK UPDATE\n - check store access-fault exception + raised (TODO: is M mode access prevented by A=OFF)" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP021.yml b/verif/docs/VerifPlans/PMP/VP_IP021.yml new file mode 100644 index 000000000..673688102 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP021.yml @@ -0,0 +1,376 @@ +!Feature +next_elt_id: 6 +name: multi entries NA4 +id: 21 +display_order: 21 +subfeatures: !!omap +- 000_1_entry: !Subfeature + name: 000_1_entry + tag: VP_PMP_F021_S001 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F021_S001_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose a single PMP entry\n\nCONFIGURATION and ACCESS\n - + for each pmp entry, apply any CONFIGURATION+ACCESS scenario above (Cf. Feature: + \"cfg NA4 access S/U/M\")\n - make sure the pmp entries address ranges + are not overlapping/intersecting\n - NB: obviously, pmp entry configurations + with different mstatus.MPRV/MPP values cannot be mixed in same test\n\n\ + CHECK\n - for each pmp entry, we should obtain the expected CHECK result\n\ + \nREUSABILITY\n - if possible, the number of PMP entries (N) is a configurable + parameter\n - so a single test function can be reused" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST21(group)\n [create scenarios where PMP entries + with A=2 (NA4) and with/without matching permissions\n - check only NA4 + defined addresses are matching]\nTST21-1 = extension of (TST11-11, TST11-21, + TST11-31, TST11-41, TST11-51,\n TST11-12, TST11-22, + TST11-32, TST11-42, TST11-52,\n TST11-13, TST11-23, + TST11-33, TST11-43, TST11-53,\n TST11-14, TST11-24, + TST11-34, TST11-44, TST11-54,\n TST11-15, TST11-25, + TST11-35, TST11-45, TST11-55,\n TST11-16, TST11-26, + TST11-36, TST11-46, TST11-56,\n TST12-11, TST12-21, + TST12-31, TST12-41, TST12-51,\n TST12-12, TST12-22, + TST12-32, TST12-42, TST12-52,\n TST12-13, TST12-23, + TST12-33, TST12-43, TST12-53,\n TST12-14, TST12-24, + TST12-34, TST12-44, TST12-54,\n TST12-15, TST12-25, + TST12-35, TST12-45, TST12-55,\n TST12-16, TST12-26, + TST12-36, TST12-46, TST12-56)\n[configure only one (any, but the first one) + PMP entry\n - use A=NA4 for the PMP entry configuration\n - execute the + chosen kind of access\n - should be same result]" +- 001_2_isolated_entries: !Subfeature + name: 001_2_isolated_entries + tag: VP_PMP_F021_S002 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F021_S002_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any 2 PMP entries\n\nreuse of VP_PMP_F021_S001_I000 feature + description (Cf. Feature: \"multi entries NA4\")" + pfc: 3 + test_type: 4 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST21(group)\n [create scenarios where PMP entries + with A=2 (NA4) and with/without matching permissions\n - check only NA4 + defined addresses are matching]\nTST21-2 = extension of compatible pair + of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51,\n \ + \ \t\t\t\t\t\t\t\t\t TST11-12, TST11-22, TST11-32, TST11-42, TST11-52,\n\ + \ \t\t\t\t\t\t\t\t\t TST11-13, TST11-23, TST11-33, + TST11-43, TST11-53,\n \t\t\t\t\t\t\t\t\t TST11-14, + TST11-24, TST11-34, TST11-44, TST11-54,\n \t\t\t\t + \t\t\t\t\t TST11-15, TST11-25, TST11-35, TST11-45, TST11-55,\n \ + \ \t\t\t\t \t\t\t\t\t TST11-16, TST11-26, TST11-36, TST11-46, + TST11-56,\n \t\t\t\t\t\t\t\t\t TST12-11, TST12-21, + TST12-31, TST12-41, TST12-51,\n \t\t\t\t\t\t\t\t\t + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52,\n \ + \ \t\t\t\t\t\t\t\t\t TST12-13, TST12-23, TST12-33, TST12-43, TST12-53,\n\ + \ \t\t\t\t\t\t\t\t\t TST12-14, TST12-24, TST12-34, + TST12-44, TST12-54,\n \t\t\t\t\t\t\t\t\t TST12-15, + TST12-25, TST12-35, TST12-45, TST12-55,\n \t\t\t\t + \t\t\t\t\t TST12-16, TST12-26, TST12-36, TST12-46, TST12-56)\n[configure + 2 non-adjacent PMP entries (highest-numbered ones first) (avoid the first + PMP entry)\n - use A=NA4 for each PMP entry configuration\n - execute + the 2 kinds of accesses (if possible to chain due to potential access-fault + exception)\n - should be same 2 results]" +- 002_N_isolated_entries: !Subfeature + name: 002_N_isolated_entries + tag: VP_PMP_F021_S003 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F021_S003_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any N PMP entries (2>\n\nTST21(group)\n [create scenarios where PMP entries + with A=2 (NA4) and with/without matching permissions\n - check only NA4 + defined addresses are matching]\nTST21-3 = extension of compatible group(N) + of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST11-12, TST11-22, TST11-32, TST11-42, + TST11-52,\n \t\t\t\t\t\t\t\t\t\t\t TST11-13, TST11-23, + TST11-33, TST11-43, TST11-53,\n \t\t\t\t\t\t\t\t\t + \t\t TST11-14, TST11-24, TST11-34, TST11-44, TST11-54,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST11-15, TST11-25, TST11-35, TST11-45, + TST11-55,\n \t\t\t\t\t\t\t\t\t\t\t TST11-16, TST11-26, + TST11-36, TST11-46, TST11-56,\n \t\t\t\t\t\t\t\t\t + \t\t TST12-11, TST12-21, TST12-31, TST12-41, TST12-51,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST12-12, TST12-22, TST12-32, TST12-42, + TST12-52,\n \t\t\t\t\t\t\t\t\t\t\t TST12-13, TST12-23, + TST12-33, TST12-43, TST12-53,\n \t\t\t\t\t\t\t\t\t + \t\t TST12-14, TST12-24, TST12-34, TST12-44, TST12-54,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST12-15, TST12-25, TST12-35, TST12-45, + TST12-55,\n \t\t\t\t\t\t\t\t\t\t\t TST12-16, TST12-26, + TST12-36, TST12-46, TST12-56)\n[configure N PMP entries (highest-numbered + ones first) (as non-adjacent as possible, and avoid the first PMP entry)\n\ + \ - use A=NA4 for each PMP entry configuration\n - execute the N kinds + of accesses (if possible to chain due to potential access-fault exception)\n\ + \ - should be same N results]" +- 003_8_isolated_entries: !Subfeature + name: 003_8_isolated_entries + tag: VP_PMP_F021_S004 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F021_S004_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose all 8 PMP entries\n\nreuse of VP_PMP_F021_S001_I000 feature + description (Cf. Feature: \"multi entries NA4\")" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST21(group)\n [create scenarios where PMP entries + with A=2 (NA4) and with/without matching permissions\n - check only NA4 + defined addresses are matching]\nTST21-4 = extension of compatible group(8) + of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST11-12, TST11-22, TST11-32, TST11-42, + TST11-52,\n \t\t\t\t\t\t\t\t\t\t\t TST11-13, TST11-23, + TST11-33, TST11-43, TST11-53,\n \t\t\t\t\t\t\t\t\t + \t\t TST11-14, TST11-24, TST11-34, TST11-44, TST11-54,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST11-15, TST11-25, TST11-35, TST11-45, + TST11-55,\n \t\t\t\t\t\t\t\t\t\t\t TST11-16, TST11-26, + TST11-36, TST11-46, TST11-56,\n \t\t\t\t\t\t\t\t\t + \t\t TST12-11, TST12-21, TST12-31, TST12-41, TST12-51,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST12-12, TST12-22, TST12-32, TST12-42, + TST12-52,\n \t\t\t\t\t\t\t\t\t\t\t TST12-13, TST12-23, + TST12-33, TST12-43, TST12-53,\n \t\t\t\t\t\t\t\t\t + \t\t TST12-14, TST12-24, TST12-34, TST12-44, TST12-54,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST12-15, TST12-25, TST12-35, TST12-45, + TST12-55,\n \t\t\t\t\t\t\t\t\t\t\t TST12-16, TST12-26, + TST12-36, TST12-46, TST12-56)\n[configure 8 PMP entries (highest-numbered + ones first)\n - use A=NA4 for each PMP entry configuration\n - execute + the 8 kinds of accesses (if possible to chain due to potential access-fault + exception)\n - should be same 8 results]" +- 004_2_intersecting_entries_fail: !Subfeature + name: 004_2_intersecting_entries_fail + tag: VP_PMP_F021_S005 + next_elt_id: 1 + display_order: 4 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F021_S005_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any 2 PMP entries\n\nCONFIGURATION and ACCESS (Cf. Feature: + \"cfg NA4 access S/U/M\")\n - for the least-numbered pmp entry, apply + any CONFIGURATION+ACCESS scenario with access-fault\n - for the highest-numbered + pmp entry, apply any CONFIGURATION+ACCESS scenario without access-fault\n\ + \ - make sure the pmp entries address ranges are overlapping/intersecting + (at least at 4 consecutive bytes)\n - for each pmp entry, execute one + access in its associated pmp address region but outside the overlapping/intersecting + address range\n - execute one additional access inside the overlapping/intersecting + address range\n - NB: obviously, pmp entry configurations with different + access-modes (S/U vs. M) cannot be easily mixed in same test\n - NB: + obviously, pmp entry configurations with different mstatus.MPRV/MPP values + cannot be mixed in same test\n\nCHECK\n - for each pmp entry, access + outside the overlapping/intersecting address range should give the expected + CHECK result\n - access inside the overlapping/intersecting address range + should generate the access-type related access-fault\n\nREUSABILITY\n \ + \ - if possible, the number of PMP entries (N) is a configurable parameter\n\ + \ - so a single test function can be reused" + pfc: 3 + test_type: 4 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST51(group) => FTR09-a, FTR09-b and FTR09-c\n [create + scenarios where 2 PMP entries with same pmpaddr\n - one without matching + permissions or with A=OFF\n - one with matching permissions and A=NA4/NAPOT/TOR\n\ + \ - any of them can be the lowest-numbered PMP entry]\nTST51-1\n[configure + 2 PMP entries\n - configure the lowest-numbered PMP entry with (TST11-12, + TST11-22, TST11-32, TST11-42, TST11-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST11-15, TST11-25, TST11-35, TST11-45, TST11-55,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-12, TST12-22, + TST12-32, TST12-42, TST12-52,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST12-15, TST12-25, TST12-35, TST12-45, TST12-55,\n \ + \ TST13-12, TST13-22, TST13-32, TST13-42, + TST13-52,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST13-15, + TST13-25, TST13-35, TST13-45, TST13-55,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST14-12, TST14-22, TST14-32, TST14-42, TST14-52,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-15, TST14-25, + TST14-35, TST14-45, TST14-55,\n \ + \ TST15-12, TST15-22, TST15-32, TST15-42, TST15-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST15-15, TST15-25, TST15-35, + TST15-45, TST15-55,\n \t\t\t\t\t\t\t\t\t \t\t\t\t + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-15, TST16-25, TST16-35, TST16-45, + TST16-55,\n TST17-12, + TST17-22, TST17-32, TST17-42, TST17-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST17-15, TST17-25, TST17-35, TST17-45, TST17-55,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST18-12, TST18-22, + TST18-32, TST18-42, TST18-52,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST18-15, TST18-25, TST18-35, TST18-45, TST18-55)\n - configure + the highest-numbered PMP entry with (TST11-11, TST11-21, TST11-31, TST11-41, + TST11-51,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST11-14, + TST11-24, TST11-34, TST11-44, TST11-54,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST12-11, TST12-21, TST12-31, TST12-41, TST12-51,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-14, TST12-24, + TST12-34, TST12-44, TST12-54,\n \ + \ TST13-11, TST13-21, TST13-31, TST13-41, TST13-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t\tTST13-14, TST13-24, TST13-34, + TST13-44, TST13-54,\n \t\t\t\t\t\t\t\t\t \t\t\t\t + \tTST14-11, TST14-21, TST14-31, TST14-41, TST14-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t\tTST14-14, TST14-24, TST14-34, TST14-44, + TST14-54,\n TST15-11, + TST15-21, TST15-31, TST15-41, TST15-51,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST15-14, TST15-24, TST15-34, TST15-44, TST15-54,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-11, TST16-21, + TST16-31, TST16-41, TST16-51,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST16-14, TST16-24, TST16-34, TST16-44, TST16-54)\n - execute + the associated access\n - check associated access-fault exception raised]" +- 005_2_intersecting_entries_succeed: !Subfeature + name: 005_2_intersecting_entries_succeed + tag: VP_PMP_F021_S006 + next_elt_id: 1 + display_order: 5 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F021_S006_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any 2 PMP entries\n\nCONFIGURATION and ACCESS (Cf. Feature: + \"cfg NA4 access S/U/M\")\n - for the least-numbered pmp entry, apply + any CONFIGURATION+ACCESS scenario without access-fault\n - for the highest-numbered + pmp entry, apply any CONFIGURATION+ACCESS scenario with access-fault\n \ + \ - make sure the pmp entries address ranges are overlapping/intersecting + (at least at 4 consecutive bytes)\n - for each pmp entry, execute one + access in its associated pmp address region but outside the overlapping/intersecting + address range\n - execute one additional access inside the overlapping/intersecting + address range\n - NB: obviously, pmp entry configurations with different + access-modes (S/U vs. M) cannot be easily mixed in same test\n - NB: + obviously, pmp entry configurations with different mstatus.MPRV/MPP values + cannot be mixed in same test\n\nCHECK\n - for each pmp entry, access + outside the overlapping/intersecting address range should give the expected + CHECK result\n - access inside the overlapping/intersecting address range + should not generate any access-fault\n\nREUSABILITY\n - if possible, + the number of PMP entries (N) is a configurable parameter\n - so a single + test function can be reused" + pfc: 3 + test_type: 4 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST51(group) => FTR09-a, FTR09-b and FTR09-c\n [create + scenarios where 2 PMP entries with same pmpaddr\n - one without matching + permissions or with A=OFF\n - one with matching permissions and A=NA4/NAPOT/TOR\n\ + \ - any of them can be the lowest-numbered PMP entry]\nTST51-2\n[configure + 2 PMP entries\n - configure the lowest-numbered PMP entry with (TST11-11, + TST11-21, TST11-31, TST11-41, TST11-51,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST11-14, TST11-24, TST11-34, TST11-44, TST11-54,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-11, TST12-21, + TST12-31, TST12-41, TST12-51,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST12-14, TST12-24, TST12-34, TST12-44, TST12-54,\n \ + \ TST13-11, TST13-21, TST13-31, TST13-41, + TST13-51,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST13-14, + TST13-24, TST13-34, TST13-44, TST13-54,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST14-11, TST14-21, TST14-31, TST14-41, TST14-51,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-14, TST14-24, + TST14-34, TST14-44, TST14-54,\n \ + \ TST15-11, TST15-21, TST15-31, TST15-41, TST15-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST15-14, TST15-24, TST15-34, + TST15-44, TST15-54,\n \t\t\t\t\t\t\t\t\t \t\t\t\t + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-14, TST16-24, TST16-34, TST16-44, + TST16-54)\n - configure the highest-numbered PMP entry with (TST11-12, + TST11-22, TST11-32, TST11-42, TST11-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST11-15, TST11-25, TST11-35, TST11-45, TST11-55,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-12, TST12-22, + TST12-32, TST12-42, TST12-52,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST12-15, TST12-25, TST12-35, TST12-45, TST12-55,\n \ + \ TST13-12, TST13-22, TST13-32, + TST13-42, TST13-52,\n \t\t\t\t\t\t\t\t\t \t\t\t\t\ + \ TST13-15, TST13-25, TST13-35, TST13-45, TST13-55,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-12, TST14-22, TST14-32, TST14-42, + TST14-52,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-15, + TST14-25, TST14-35, TST14-45, TST14-55,\n \ + \ TST15-12, TST15-22, TST15-32, TST15-42, TST15-52,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST15-15, TST15-25, + TST15-35, TST15-45, TST15-55,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST16-12, TST16-22, TST16-32, TST16-42, TST16-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-15, TST16-25, TST16-35, + TST16-45, TST16-55,\n \ + \ TST17-12, TST17-22, TST17-32, TST17-42, TST17-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST17-15, TST17-25, TST17-35, TST17-45, + TST17-55,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST18-12, + TST18-22, TST18-32, TST18-42, TST18-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST18-15, TST18-25, TST18-35, TST18-45, TST18-55)\n\ + \ - execute the associated access\n - check no access-fault exception]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP022.yml b/verif/docs/VerifPlans/PMP/VP_IP022.yml new file mode 100644 index 000000000..7412bcc7b --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP022.yml @@ -0,0 +1,376 @@ +!Feature +next_elt_id: 6 +name: multi entries NAPOT +id: 22 +display_order: 22 +subfeatures: !!omap +- 000_1_entry: !Subfeature + name: 000_1_entry + tag: VP_PMP_F022_S001 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F022_S001_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose a single PMP entry\n\nCONFIGURATION and ACCESS\n - + for each pmp entry, apply any CONFIGURATION+ACCESS scenario above (Cf. Feature: + \"cfg NAPOT access S/U/M\")\n - make sure the pmp entries address ranges + are not overlapping/intersecting\n - NB: obviously, pmp entry configurations + with different mstatus.MPRV/MPP values cannot be mixed in same test\n\n\ + CHECK\n - for each pmp entry, we should obtain the expected CHECK result\n\ + \nREUSABILITY\n - if possible, the number of PMP entries (N) is a configurable + parameter\n - so a single test function can be reused" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST22(group)\n [create scenarios where PMP entries + with A=3 (NAPOT) and with/without matching permissions\n - check only + NAPOT defined addresses are matching]\nTST22-1 = extension of (TST13-11, + TST13-21, TST13-31, TST13-41, TST13-51,\n TST13-12, + TST13-22, TST13-32, TST13-42, TST13-52,\n TST13-13, + TST13-23, TST13-33, TST13-43, TST13-53,\n TST13-14, + TST13-24, TST13-34, TST13-44, TST13-54,\n TST13-15, + TST13-25, TST13-35, TST13-45, TST13-55,\n TST13-16, + TST13-26, TST13-36, TST13-46, TST13-56,\n TST14-11, + TST14-21, TST14-31, TST14-41, TST14-51,\n TST14-12, + TST14-22, TST14-32, TST14-42, TST14-52,\n TST14-13, + TST14-23, TST14-33, TST14-43, TST14-53,\n TST14-14, + TST14-24, TST14-34, TST14-44, TST14-54,\n TST14-15, + TST14-25, TST14-35, TST14-45, TST14-55,\n TST14-16, + TST14-26, TST14-36, TST14-46, TST14-56)\n[configure only one (any, but the + first one) PMP entry\n - use A=NAPOT for the PMP entry configuration\n\ + \ - execute the chosen kind of access\n - should be same result]" +- 001_2_isolated_entries: !Subfeature + name: 001_2_isolated_entries + tag: VP_PMP_F022_S002 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F022_S002_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any 2 PMP entries\n\nreuse of VP_PMP_F022_S001_I000 feature + description (Cf. Feature: \"multi entries NAPOT\")" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST22(group)\n [create scenarios where PMP entries + with A=3 (NAPOT) and with/without matching permissions\n - check only + NAPOT defined addresses are matching]\nTST22-2 = extension of compatible + pair of (TST13-11, TST13-21, TST13-31, TST13-41, TST13-51,\n \ + \ \t\t\t\t\t\t\t\t\t TST13-12, TST13-22, TST13-32, TST13-42, + TST13-52,\n \t\t\t\t\t\t\t\t\t TST13-13, TST13-23, + TST13-33, TST13-43, TST13-53,\n \t\t\t\t\t\t\t\t\t + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54,\n \ + \ \t\t\t\t\t\t\t\t\t TST13-15, TST13-25, TST13-35, TST13-45, TST13-55,\n\ + \ \t\t\t\t \t\t\t\t\t TST13-16, TST13-26, TST13-36, + TST13-46, TST13-56,\n \t\t\t\t\t\t\t\t\t TST14-11, + TST14-21, TST14-31, TST14-41, TST14-51,\n \t\t\t\t + \t\t\t\t\t TST14-12, TST14-22, TST14-32, TST14-42, TST14-52,\n \ + \ \t\t\t\t\t\t\t\t\t TST14-13, TST14-23, TST14-33, TST14-43, + TST14-53,\n \t\t\t\t\t\t\t\t\t TST14-14, TST14-24, + TST14-34, TST14-44, TST14-54,\n \t\t\t\t\t\t\t\t\t + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55,\n \ + \ \t\t\t\t\t\t\t\t\t TST14-16, TST14-26, TST14-36, TST14-46, TST14-56)\n + [configure 2 non-adjacent PMP entries (highest-numbered ones first) (avoid + the first PMP entry)\n - use A=NAPOT for each PMP entry configuration\n\ + \ - execute the 2 kinds of accesses (if possible to chain due to potential + access-fault exception)\n - should be same 2 results]" +- 002_N_isolated_entries: !Subfeature + name: 002_N_isolated_entries + tag: VP_PMP_F022_S003 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F022_S003_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any N PMP entries (2>\n\nTST22(group)\n [create scenarios where PMP entries + with A=3 (NAPOT) and with/without matching permissions\n - check only + NAPOT defined addresses are matching]\nTST22-3 = extension of compatible + group(N) of (TST13-11, TST13-21, TST13-31, TST13-41, TST13-51,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST13-12, TST13-22, TST13-32, + TST13-42, TST13-52,\n \t\t\t\t\t\t\t\t\t\t\t TST13-13, + TST13-23, TST13-33, TST13-43, TST13-53,\n \t\t\t\t + \t\t\t\t\t\t\t TST13-14, TST13-24, TST13-34, TST13-44, TST13-54,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST13-15, TST13-25, TST13-35, + TST13-45, TST13-55,\n \t\t\t\t\t\t\t\t\t\t\t TST13-16, + TST13-26, TST13-36, TST13-46, TST13-56,\n \t\t\t\t + \t\t\t\t\t\t\t TST14-11, TST14-21, TST14-31, TST14-41, TST14-51,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST14-12, TST14-22, TST14-32, + TST14-42, TST14-52,\n \t\t\t\t\t\t\t\t\t\t\t TST14-13, + TST14-23, TST14-33, TST14-43, TST14-53,\n \t\t\t\t + \t\t\t\t\t\t\t TST14-14, TST14-24, TST14-34, TST14-44, TST14-54,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST14-15, TST14-25, TST14-35, + TST14-45, TST14-55,\n \t\t\t\t\t\t\t\t\t\t\t TST14-16, + TST14-26, TST14-36, TST14-46, TST14-56)\n[configure N PMP entries (highest-numbered + ones first) (as non-adjacent as possible, and avoid the first PMP entry)\n\ + \ - use A=NAPOT for each PMP entry configuration\n - execute the N kinds + of accesses (if possible to chain due to potential access-fault exception)\n\ + \ - should be same N results]" +- 003_8_isolated_entries: !Subfeature + name: 003_8_isolated_entries + tag: VP_PMP_F022_S004 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F022_S004_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose all 8 PMP entries\n\nreuse of VP_PMP_F022_S001_I000 feature + description (Cf. Feature: \"multi entries NAPOT\")" + pfc: 3 + test_type: 3 + cov_method: 0 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST22(group)\n [create scenarios where PMP entries + with A=3 (NAPOT) and with/without matching permissions\n - check only + NAPOT defined addresses are matching]\nTST22-4 = extension of compatible + group(8) of (TST13-11, TST13-21, TST13-31, TST13-41, TST13-51,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST13-12, TST13-22, TST13-32, + TST13-42, TST13-52,\n \t\t\t\t\t\t\t\t\t\t\t TST13-13, + TST13-23, TST13-33, TST13-43, TST13-53,\n \t\t\t\t + \t\t\t\t\t\t\t TST13-14, TST13-24, TST13-34, TST13-44, TST13-54,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST13-15, TST13-25, TST13-35, + TST13-45, TST13-55,\n \t\t\t\t\t\t\t\t\t\t\t TST13-16, + TST13-26, TST13-36, TST13-46, TST13-56,\n \t\t\t\t + \t\t\t\t\t\t\t TST14-11, TST14-21, TST14-31, TST14-41, TST14-51,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST14-12, TST14-22, TST14-32, + TST14-42, TST14-52,\n \t\t\t\t\t\t\t\t\t\t\t TST14-13, + TST14-23, TST14-33, TST14-43, TST14-53,\n \t\t\t\t + \t\t\t\t\t\t\t TST14-14, TST14-24, TST14-34, TST14-44, TST14-54,\n \ + \ \t\t\t\t \t\t\t\t\t\t\t TST14-15, TST14-25, TST14-35, + TST14-45, TST14-55,\n \t\t\t\t\t\t\t\t\t\t\t TST14-16, + TST14-26, TST14-36, TST14-46, TST14-56)\n[configure 8 PMP entries (highest-numbered + ones first)\n - use A=NAPOT for each PMP entry configuration\n - execute + the 8 kinds of accesses (if possible to chain due to potential access-fault + exception)\n - should be same 8 results]" +- 004_2_intersecting_entries_fail: !Subfeature + name: 004_2_intersecting_entries_fail + tag: VP_PMP_F022_S005 + next_elt_id: 1 + display_order: 4 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F022_S005_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any 2 PMP entries\n\nCONFIGURATION and ACCESS (Cf. Feature: + \"cfg NAPOT access S/U/M\")\n - for the least-numbered pmp entry, apply + any CONFIGURATION+ACCESS scenario with access-fault\n - for the highest-numbered + pmp entry, apply any CONFIGURATION+ACCESS scenario without access-fault\n\ + \ - make sure the pmp entries address ranges are overlapping/intersecting + (at least at 4 consecutive bytes)\n - for each pmp entry, execute one + access in its associated pmp address region but outside the overlapping/intersecting + address range\n - execute one additional access inside the overlapping/intersecting + address range\n - NB: obviously, pmp entry configurations with different + access-modes (S/U vs. M) cannot be easily mixed in same test\n - NB: + obviously, pmp entry configurations with different mstatus.MPRV/MPP values + cannot be mixed in same test\n\nCHECK\n - for each pmp entry, access + outside the overlapping/intersecting address range should give the expected + CHECK result\n - access inside the overlapping/intersecting address range + should generate the access-type related access-fault\n\nREUSABILITY\n \ + \ - if possible, the number of PMP entries (N) is a configurable parameter\n\ + \ - so a single test function can be reused" + pfc: 3 + test_type: 4 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST51(group) => FTR09-a, FTR09-b and FTR09-c\n [create + scenarios where 2 PMP entries with same pmpaddr\n - one without matching + permissions or with A=OFF\n - one with matching permissions and A=NA4/NAPOT/TOR\n\ + \ - any of them can be the lowest-numbered PMP entry]\nTST51-1\n[configure + 2 PMP entries\n - configure the lowest-numbered PMP entry with (TST11-12, + TST11-22, TST11-32, TST11-42, TST11-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST11-15, TST11-25, TST11-35, TST11-45, TST11-55,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-12, TST12-22, + TST12-32, TST12-42, TST12-52,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST12-15, TST12-25, TST12-35, TST12-45, TST12-55,\n \ + \ TST13-12, TST13-22, TST13-32, TST13-42, + TST13-52,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST13-15, + TST13-25, TST13-35, TST13-45, TST13-55,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST14-12, TST14-22, TST14-32, TST14-42, TST14-52,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-15, TST14-25, + TST14-35, TST14-45, TST14-55,\n \ + \ TST15-12, TST15-22, TST15-32, TST15-42, TST15-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST15-15, TST15-25, TST15-35, + TST15-45, TST15-55,\n \t\t\t\t\t\t\t\t\t \t\t\t\t + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-15, TST16-25, TST16-35, TST16-45, + TST16-55,\n TST17-12, + TST17-22, TST17-32, TST17-42, TST17-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST17-15, TST17-25, TST17-35, TST17-45, TST17-55,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST18-12, TST18-22, + TST18-32, TST18-42, TST18-52,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST18-15, TST18-25, TST18-35, TST18-45, TST18-55)\n - configure + the highest-numbered PMP entry with (TST11-11, TST11-21, TST11-31, TST11-41, + TST11-51,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST11-14, + TST11-24, TST11-34, TST11-44, TST11-54,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST12-11, TST12-21, TST12-31, TST12-41, TST12-51,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-14, TST12-24, + TST12-34, TST12-44, TST12-54,\n \ + \ TST13-11, TST13-21, TST13-31, TST13-41, TST13-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t\tTST13-14, TST13-24, TST13-34, + TST13-44, TST13-54,\n \t\t\t\t\t\t\t\t\t \t\t\t\t + \tTST14-11, TST14-21, TST14-31, TST14-41, TST14-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t\tTST14-14, TST14-24, TST14-34, TST14-44, + TST14-54,\n TST15-11, + TST15-21, TST15-31, TST15-41, TST15-51,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST15-14, TST15-24, TST15-34, TST15-44, TST15-54,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-11, TST16-21, + TST16-31, TST16-41, TST16-51,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST16-14, TST16-24, TST16-34, TST16-44, TST16-54)\n - execute + the associated access\n - check associated access-fault exception raised]" +- 005_2_intersecting_entries_succeed: !Subfeature + name: 005_2_intersecting_entries_succeed + tag: VP_PMP_F022_S006 + next_elt_id: 1 + display_order: 5 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F022_S006_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any 2 PMP entries\n\nCONFIGURATION and ACCESS (Cf. Feature: + \"cfg NAPOT access S/U/M\")\n - for the least-numbered pmp entry, apply + any CONFIGURATION+ACCESS scenario without access-fault\n - for the highest-numbered + pmp entry, apply any CONFIGURATION+ACCESS scenario with access-fault\n \ + \ - make sure the pmp entries address ranges are overlapping/intersecting + (at least at 4 consecutive bytes)\n - for each pmp entry, execute one + access in its associated pmp address region but outside the overlapping/intersecting + address range\n - execute one additional access inside the overlapping/intersecting + address range\n - NB: obviously, pmp entry configurations with different + access-modes (S/U vs. M) cannot be easily mixed in same test\n - NB: + obviously, pmp entry configurations with different mstatus.MPRV/MPP values + cannot be mixed in same test\n\nCHECK\n - for each pmp entry, access + outside the overlapping/intersecting address range should give the expected + CHECK result\n - access inside the overlapping/intersecting address range + should not generate any access-fault\n\nREUSABILITY\n - if possible, + the number of PMP entries (N) is a configurable parameter\n - so a single + test function can be reused" + pfc: 3 + test_type: 4 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST51(group) => FTR09-a, FTR09-b and FTR09-c\n [create + scenarios where 2 PMP entries with same pmpaddr\n - one without matching + permissions or with A=OFF\n - one with matching permissions and A=NA4/NAPOT/TOR\n\ + \ - any of them can be the lowest-numbered PMP entry]\nTST51-2\n[configure + 2 PMP entries\n - configure the lowest-numbered PMP entry with (TST11-11, + TST11-21, TST11-31, TST11-41, TST11-51,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST11-14, TST11-24, TST11-34, TST11-44, TST11-54,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-11, TST12-21, + TST12-31, TST12-41, TST12-51,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST12-14, TST12-24, TST12-34, TST12-44, TST12-54,\n \ + \ TST13-11, TST13-21, TST13-31, TST13-41, + TST13-51,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST13-14, + TST13-24, TST13-34, TST13-44, TST13-54,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST14-11, TST14-21, TST14-31, TST14-41, TST14-51,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-14, TST14-24, + TST14-34, TST14-44, TST14-54,\n \ + \ TST15-11, TST15-21, TST15-31, TST15-41, TST15-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST15-14, TST15-24, TST15-34, + TST15-44, TST15-54,\n \t\t\t\t\t\t\t\t\t \t\t\t\t + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-14, TST16-24, TST16-34, TST16-44, + TST16-54)\n - configure the highest-numbered PMP entry with (TST11-12, + TST11-22, TST11-32, TST11-42, TST11-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST11-15, TST11-25, TST11-35, TST11-45, TST11-55,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-12, TST12-22, + TST12-32, TST12-42, TST12-52,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST12-15, TST12-25, TST12-35, TST12-45, TST12-55,\n \ + \ TST13-12, TST13-22, TST13-32, + TST13-42, TST13-52,\n \t\t\t\t\t\t\t\t\t \t\t\t\t\ + \ TST13-15, TST13-25, TST13-35, TST13-45, TST13-55,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-12, TST14-22, TST14-32, TST14-42, + TST14-52,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-15, + TST14-25, TST14-35, TST14-45, TST14-55,\n \ + \ TST15-12, TST15-22, TST15-32, TST15-42, TST15-52,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST15-15, TST15-25, + TST15-35, TST15-45, TST15-55,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST16-12, TST16-22, TST16-32, TST16-42, TST16-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-15, TST16-25, TST16-35, + TST16-45, TST16-55,\n \ + \ TST17-12, TST17-22, TST17-32, TST17-42, TST17-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST17-15, TST17-25, TST17-35, TST17-45, + TST17-55,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST18-12, + TST18-22, TST18-32, TST18-42, TST18-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST18-15, TST18-25, TST18-35, TST18-45, TST18-55)\n\ + \ - execute the associated access\n - check no access-fault exception]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP023.yml b/verif/docs/VerifPlans/PMP/VP_IP023.yml new file mode 100644 index 000000000..b09fcd938 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP023.yml @@ -0,0 +1,378 @@ +!Feature +next_elt_id: 6 +name: multi entries TOR +id: 23 +display_order: 23 +subfeatures: !!omap +- 000_1_entry: !Subfeature + name: 000_1_entry + tag: VP_PMP_F023_S001 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F023_S001_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose a single PMP entry\n\nCONFIGURATION and ACCESS\n - + for each pmp entry, apply any CONFIGURATION+ACCESS scenario above (Cf. Feature: + \"cfg TOR access S/U/M\")\n - make sure the pmp entries address ranges + are not overlapping/intersecting\n - NB: obviously, pmp entry configurations + with different mstatus.MPRV/MPP values cannot be mixed in same test\n\n\ + CHECK\n - for each pmp entry, we should obtain the expected CHECK result\n\ + \nREUSABILITY\n - if possible, the number of PMP entries (N) is a configurable + parameter\n - so a single test function can be reused" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST23(group) => \n [create scenarios where PMP entries + with A=1 (TOR) and with/without matching permissions\n - pmpaddr(i−1) + < pmpaddr(i), pmpcfg(i).A=TOR and pmpcfg(i-1) with/without matching permissions\n\ + \ - check only TOR defined addresses are matching]\nTST23-1 = extension + of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51,\n \ + \ TST15-12, TST15-22, TST15-32, TST15-42, TST15-52,\n \ + \ TST15-13, TST15-23, TST15-33, TST15-43, TST15-53,\n \ + \ TST15-14, TST15-24, TST15-34, TST15-44, TST15-54,\n \ + \ TST15-15, TST15-25, TST15-35, TST15-45, TST15-55,\n\ + \ TST15-16, TST15-26, TST15-36, TST15-46, TST15-56,\n\ + \ TST16-11, TST16-21, TST16-31, TST16-41, TST16-51,\n\ + \ TST16-12, TST16-22, TST16-32, TST16-42, TST16-52,\n\ + \ TST16-13, TST16-23, TST16-33, TST16-43, TST16-53,\n\ + \ TST16-14, TST16-24, TST16-34, TST16-44, TST16-54,\n\ + \ TST16-15, TST16-25, TST16-35, TST16-45, TST16-55,\n\ + \ TST16-16, TST16-26, TST16-36, TST16-46, TST16-56)\n + [configure only one (any, but the first one) PMP entry\n - execute the + chosen kind of access\n - should be same result]" +- 001_2_isolated_entries: !Subfeature + name: 001_2_isolated_entries + tag: VP_PMP_F023_S002 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F023_S002_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any 2 PMP entries\n\nreuse of VP_PMP_F023_S001_I000 feature + description (Cf. Feature: \"multi entries TOR\")" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST23(group) => \n [create scenarios where PMP entries + with A=1 (TOR) and with/without matching permissions\n - pmpaddr(i−1) + < pmpaddr(i), pmpcfg(i).A=TOR and pmpcfg(i-1) with/without matching permissions\n\ + \ - check only TOR defined addresses are matching]\nTST23-2 = extension + of compatible pair of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51,\n\ + \ \t\t\t\t\t\t\t\t\t TST15-12, TST15-22, TST15-32, + TST15-42, TST15-52,\n \t\t\t\t\t\t\t\t\t TST15-13, + TST15-23, TST15-33, TST15-43, TST15-53,\n \t\t\t\t + \t\t\t\t\t TST15-14, TST15-24, TST15-34, TST15-44, TST15-54,\n \ + \ \t\t\t\t\t\t\t\t\t TST15-15, TST15-25, TST15-35, TST15-45, + TST15-55,\n \t\t\t\t\t\t\t\t\t TST15-16, TST15-26, + TST15-36, TST15-46, TST15-56,\n \t\t\t\t\t\t\t\t\t + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51,\n \ + \ \t\t\t\t \t\t\t\t\t TST16-12, TST16-22, TST16-32, TST16-42, TST16-52,\n\ + \ \t\t\t\t\t\t\t\t\t TST16-13, TST16-23, TST16-33, + TST16-43, TST16-53,\n \t\t\t\t\t\t\t\t\t TST16-14, + TST16-24, TST16-34, TST16-44, TST16-54,\n \t\t\t\t + \t\t\t\t\t TST16-15, TST16-25, TST16-35, TST16-45, TST16-55,\n \ + \ \t\t\t\t\t\t\t\t\t TST16-16, TST16-26, TST16-36, TST16-46, + TST16-56)\n [configure 2 non-adjacent PMP entries (highest-numbered ones + first) (avoid the first PMP entry)\n - execute the 2 kinds of accesses + (if possible to chain due to potential access-fault exception)\n - should + be same 2 results]" +- 002_N_isolated_entries: !Subfeature + name: 002_N_isolated_entries + tag: VP_PMP_F023_S003 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F023_S003_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any N PMP entries (2>\n\nTST23(group) => \n [create scenarios where PMP entries + with A=1 (TOR) and with/without matching permissions\n - pmpaddr(i−1) + < pmpaddr(i), pmpcfg(i).A=TOR and pmpcfg(i-1) with/without matching permissions\n\ + \ - check only TOR defined addresses are matching]\nTST23-3 = extension + of compatible group(N) of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51,\n\ + \ \t\t\t\t\t\t\t\t\t\t\t TST15-12, TST15-22, TST15-32, + TST15-42, TST15-52,\n \t\t\t\t\t\t\t\t\t\t\t TST15-13, + TST15-23, TST15-33, TST15-43, TST15-53,\n \t\t\t\t + \t\t\t\t\t \t\t TST15-14, TST15-24, TST15-34, TST15-44, TST15-54,\n \ + \ \t\t\t\t\t\t\t\t\t\t\t TST15-15, TST15-25, TST15-35, + TST15-45, TST15-55,\n \t\t\t\t\t\t\t\t\t\t\t TST15-16, + TST15-26, TST15-36, TST15-46, TST15-56,\n \t\t\t\t + \t\t\t\t\t \t\t TST16-11, TST16-21, TST16-31, TST16-41, TST16-51,\n \ + \ \t\t\t\t\t\t\t\t\t\t\t TST16-12, TST16-22, TST16-32, + TST16-42, TST16-52,\n \t\t\t\t\t\t\t\t\t\t\t TST16-13, + TST16-23, TST16-33, TST16-43, TST16-53,\n \t\t\t\t + \t\t\t\t\t \t\t TST16-14, TST16-24, TST16-34, TST16-44, TST16-54,\n \ + \ \t\t\t\t\t\t\t\t\t\t\t TST16-15, TST16-25, TST16-35, + TST16-45, TST16-55,\n \t\t\t\t\t\t\t\t\t\t\t TST16-16, + TST16-26, TST16-36, TST16-46, TST16-56)\n[configure N PMP entries (highest-numbered + ones first) (as non-adjacent as possible, and avoid the first PMP entry)\n\ + \ - execute the N kinds of accesses (if possible to chain due to potential + access-fault exception)\n - should be same N results]" +- 003_8_isolated_entries: !Subfeature + name: 003_8_isolated_entries + tag: VP_PMP_F023_S004 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F023_S004_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose all 8 PMP entries\n\nreuse of VP_PMP_F023_S001_I000 feature + description (Cf. Feature: \"multi entries TOR\")" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST23(group) => \n [create scenarios where PMP entries + with A=1 (TOR) and with/without matching permissions\n - pmpaddr(i−1) + < pmpaddr(i), pmpcfg(i).A=TOR and pmpcfg(i-1) with/without matching permissions\n\ + \ - check only TOR defined addresses are matching]\nTST23-4 = extension + of compatible group(8) of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51,\n\ + \ \t\t\t\t\t\t\t\t\t\t\t TST15-12, TST15-22, TST15-32, + TST15-42, TST15-52,\n \t\t\t\t\t\t\t\t\t\t\t TST15-13, + TST15-23, TST15-33, TST15-43, TST15-53,\n \t\t\t\t + \t\t\t\t\t \t\t TST15-14, TST15-24, TST15-34, TST15-44, TST15-54,\n \ + \ \t\t\t\t\t\t\t\t\t\t\t TST15-15, TST15-25, TST15-35, + TST15-45, TST15-55,\n \t\t\t\t\t\t\t\t\t\t\t TST15-16, + TST15-26, TST15-36, TST15-46, TST15-56,\n \t\t\t\t + \t\t\t\t\t \t\t TST16-11, TST16-21, TST16-31, TST16-41, TST16-51,\n \ + \ \t\t\t\t\t\t\t\t\t\t\t TST16-12, TST16-22, TST16-32, + TST16-42, TST16-52,\n \t\t\t\t\t\t\t\t\t\t\t TST16-13, + TST16-23, TST16-33, TST16-43, TST16-53,\n \t\t\t\t + \t\t\t\t\t \t\t TST16-14, TST16-24, TST16-34, TST16-44, TST16-54,\n \ + \ \t\t\t\t\t\t\t\t\t\t\t TST16-15, TST16-25, TST16-35, + TST16-45, TST16-55,\n \t\t\t\t\t\t\t\t\t\t\t TST16-16, + TST16-26, TST16-36, TST16-46, TST16-56)\n[configure 8 PMP entries (highest-numbered + ones first)\n - execute the 8 kinds of accesses (if possible to chain due + to potential access-fault exception)\n - should be same 8 results]" +- 004_2_intersecting_entries_fail: !Subfeature + name: 004_2_intersecting_entries_fail + tag: VP_PMP_F023_S005 + next_elt_id: 1 + display_order: 4 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F023_S005_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any 2 PMP entries\n\nCONFIGURATION and ACCESS (Cf. Feature: + \"cfg TOR access S/U/M\")\n - for the least-numbered pmp entry, apply + any CONFIGURATION+ACCESS scenario with access-fault\n - for the highest-numbered + pmp entry, apply any CONFIGURATION+ACCESS scenario without access-fault\n\ + \ - make sure the pmp entries address ranges are overlapping/intersecting + (at least at 4 consecutive bytes)\n - for each pmp entry, execute one + access in its associated pmp address region but outside the overlapping/intersecting + address range\n - execute one additional access inside the overlapping/intersecting + address range\n - NB: obviously, pmp entry configurations with different + access-modes (S/U vs. M) cannot be easily mixed in same test\n - NB: + obviously, pmp entry configurations with different mstatus.MPRV/MPP values + cannot be mixed in same test\n\nCHECK\n - for each pmp entry, access + outside the overlapping/intersecting address range should give the expected + CHECK result\n - access inside the overlapping/intersecting address range + should generate the access-type related access-fault\n\nREUSABILITY\n \ + \ - if possible, the number of PMP entries (N) is a configurable parameter\n\ + \ - so a single test function can be reused" + pfc: 3 + test_type: 4 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST51(group) => FTR09-a, FTR09-b and FTR09-c\n [create + scenarios where 2 PMP entries with same pmpaddr\n - one without matching + permissions or with A=OFF\n - one with matching permissions and A=NA4/NAPOT/TOR\n\ + \ - any of them can be the lowest-numbered PMP entry]\nTST51-1\n[configure + 2 PMP entries\n - configure the lowest-numbered PMP entry with (TST11-12, + TST11-22, TST11-32, TST11-42, TST11-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST11-15, TST11-25, TST11-35, TST11-45, TST11-55,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-12, TST12-22, + TST12-32, TST12-42, TST12-52,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST12-15, TST12-25, TST12-35, TST12-45, TST12-55,\n \ + \ TST13-12, TST13-22, TST13-32, TST13-42, + TST13-52,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST13-15, + TST13-25, TST13-35, TST13-45, TST13-55,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST14-12, TST14-22, TST14-32, TST14-42, TST14-52,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-15, TST14-25, + TST14-35, TST14-45, TST14-55,\n \ + \ TST15-12, TST15-22, TST15-32, TST15-42, TST15-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST15-15, TST15-25, TST15-35, + TST15-45, TST15-55,\n \t\t\t\t\t\t\t\t\t \t\t\t\t + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-15, TST16-25, TST16-35, TST16-45, + TST16-55,\n TST17-12, + TST17-22, TST17-32, TST17-42, TST17-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST17-15, TST17-25, TST17-35, TST17-45, TST17-55,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST18-12, TST18-22, + TST18-32, TST18-42, TST18-52,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST18-15, TST18-25, TST18-35, TST18-45, TST18-55)\n - configure + the highest-numbered PMP entry with (TST11-11, TST11-21, TST11-31, TST11-41, + TST11-51,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST11-14, + TST11-24, TST11-34, TST11-44, TST11-54,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST12-11, TST12-21, TST12-31, TST12-41, TST12-51,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-14, TST12-24, + TST12-34, TST12-44, TST12-54,\n \ + \ TST13-11, TST13-21, TST13-31, TST13-41, TST13-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t\tTST13-14, TST13-24, TST13-34, + TST13-44, TST13-54,\n \t\t\t\t\t\t\t\t\t \t\t\t\t + \tTST14-11, TST14-21, TST14-31, TST14-41, TST14-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t\tTST14-14, TST14-24, TST14-34, TST14-44, + TST14-54,\n TST15-11, + TST15-21, TST15-31, TST15-41, TST15-51,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST15-14, TST15-24, TST15-34, TST15-44, TST15-54,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-11, TST16-21, + TST16-31, TST16-41, TST16-51,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST16-14, TST16-24, TST16-34, TST16-44, TST16-54)\n - execute + the associated access\n - check associated access-fault exception raised]" +- 005_2_intersecting_entries_succeed: !Subfeature + name: 005_2_intersecting_entries_succeed + tag: VP_PMP_F023_S006 + next_elt_id: 1 + display_order: 5 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F023_S006_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any 2 PMP entries\n\nCONFIGURATION and ACCESS (Cf. Feature: + \"cfg TOR access S/U/M\")\n - for the least-numbered pmp entry, apply + any CONFIGURATION+ACCESS scenario without access-fault\n - for the highest-numbered + pmp entry, apply any CONFIGURATION+ACCESS scenario with access-fault\n \ + \ - make sure the pmp entries address ranges are overlapping/intersecting + (at least at 4 consecutive bytes)\n - for each pmp entry, execute one + access in its associated pmp address region but outside the overlapping/intersecting + address range\n - execute one additional access inside the overlapping/intersecting + address range\n - NB: obviously, pmp entry configurations with different + access-modes (S/U vs. M) cannot be easily mixed in same test\n - NB: + obviously, pmp entry configurations with different mstatus.MPRV/MPP values + cannot be mixed in same test\n\nCHECK\n - for each pmp entry, access + outside the overlapping/intersecting address range should give the expected + CHECK result\n - access inside the overlapping/intersecting address range + should not generate any access-fault\n\nREUSABILITY\n - if possible, + the number of PMP entries (N) is a configurable parameter\n - so a single + test function can be reused" + pfc: 3 + test_type: 4 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST51(group) => FTR09-a, FTR09-b and FTR09-c\n [create + scenarios where 2 PMP entries with same pmpaddr\n - one without matching + permissions or with A=OFF\n - one with matching permissions and A=NA4/NAPOT/TOR\n\ + \ - any of them can be the lowest-numbered PMP entry]\nTST51-2\n[configure + 2 PMP entries\n - configure the lowest-numbered PMP entry with (TST11-11, + TST11-21, TST11-31, TST11-41, TST11-51,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST11-14, TST11-24, TST11-34, TST11-44, TST11-54,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-11, TST12-21, + TST12-31, TST12-41, TST12-51,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST12-14, TST12-24, TST12-34, TST12-44, TST12-54,\n \ + \ TST13-11, TST13-21, TST13-31, TST13-41, + TST13-51,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST13-14, + TST13-24, TST13-34, TST13-44, TST13-54,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST14-11, TST14-21, TST14-31, TST14-41, TST14-51,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-14, TST14-24, + TST14-34, TST14-44, TST14-54,\n \ + \ TST15-11, TST15-21, TST15-31, TST15-41, TST15-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST15-14, TST15-24, TST15-34, + TST15-44, TST15-54,\n \t\t\t\t\t\t\t\t\t \t\t\t\t + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-14, TST16-24, TST16-34, TST16-44, + TST16-54)\n - configure the highest-numbered PMP entry with (TST11-12, + TST11-22, TST11-32, TST11-42, TST11-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST11-15, TST11-25, TST11-35, TST11-45, TST11-55,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-12, TST12-22, + TST12-32, TST12-42, TST12-52,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST12-15, TST12-25, TST12-35, TST12-45, TST12-55,\n \ + \ TST13-12, TST13-22, TST13-32, + TST13-42, TST13-52,\n \t\t\t\t\t\t\t\t\t \t\t\t\t\ + \ TST13-15, TST13-25, TST13-35, TST13-45, TST13-55,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-12, TST14-22, TST14-32, TST14-42, + TST14-52,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-15, + TST14-25, TST14-35, TST14-45, TST14-55,\n \ + \ TST15-12, TST15-22, TST15-32, TST15-42, TST15-52,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST15-15, TST15-25, + TST15-35, TST15-45, TST15-55,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST16-12, TST16-22, TST16-32, TST16-42, TST16-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-15, TST16-25, TST16-35, + TST16-45, TST16-55,\n \ + \ TST17-12, TST17-22, TST17-32, TST17-42, TST17-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST17-15, TST17-25, TST17-35, TST17-45, + TST17-55,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST18-12, + TST18-22, TST18-32, TST18-42, TST18-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST18-15, TST18-25, TST18-35, TST18-45, TST18-55)\n\ + \ - execute the associated access\n - check no access-fault exception]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP024.yml b/verif/docs/VerifPlans/PMP/VP_IP024.yml new file mode 100644 index 000000000..824f2ef61 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP024.yml @@ -0,0 +1,200 @@ +!Feature +next_elt_id: 4 +name: multi entries OFF +id: 24 +display_order: 24 +subfeatures: !!omap +- 000_1_entry: !Subfeature + name: 000_1_entry + tag: VP_PMP_F024_S001 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F024_S001_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose a single PMP entry\n\nCONFIGURATION and ACCESS\n - + for each pmp entry, apply any CONFIGURATION+ACCESS scenario above (Cf. Feature: + \"cfg OFF access S/U/M\")\n - make sure the pmp entries address ranges + are not overlapping/intersecting\n - NB: obviously, pmp entry configurations + with different mstatus.MPRV/MPP values cannot be mixed in same test\n\n\ + CHECK\n - for each pmp entry, we should obtain the expected CHECK result\n\ + \nREUSABILITY\n - if possible, the number of PMP entries (N) is a configurable + parameter\n - so a single test function can be reused" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST24(group) => FTR09-g\n [create scenarios where PMP + entries with A=0 (OFF) and with matching permissions\n - check no address + matching for those PMP entries]\n [create scenarios where all PMP entries + with A=0 (OFF) and with matching permissions\n - check no address matching + for all PMP entries]\n [check S or U mode access fails when all A=OFF with + at least one PMP entry implemented] => FTR09-g\nTST24-1 = extension of (TST17-11, + TST17-21, TST17-31, TST17-41, TST17-51,\n TST17-13, + TST17-23, TST17-33, TST17-43, TST17-53,\n TST17-14, + TST17-24, TST17-34, TST17-44, TST17-54,\n TST17-16, + TST17-26, TST17-36, TST17-46, TST17-56,\n TST18-14, + TST18-24, TST18-34, TST18-44, TST18-54, //TODO: M-mode may not raise an + exception\n TST18-16, TST18-26, TST18-36, TST18-46, + TST18-56) //TODO: M-mode may not raise an exception\n \ + \ //TODO: SHOULD WE ADD (TST18-11, TST18-21, TST18-31, TST18-41, TST18-51,\n\ + \ TST18-13, TST18-23, TST18-33, + TST18-43, TST18-53) ?\n[configure only one (any, but the first one) PMP + entry\n - execute the chosen kind of access\n - check appropriate access-fault + exception raised]" +- 001_2_isolated_entries: !Subfeature + name: 001_2_isolated_entries + tag: VP_PMP_F024_S002 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F024_S002_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any 2 PMP entries\n\nreuse of VP_PMP_F024_S001_I000 feature + description (Cf. Feature: \"multi entries OFF\")" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST24(group) => FTR09-g\n [create scenarios where PMP + entries with A=0 (OFF) and with matching permissions\n - check no address + matching for those PMP entries]\n [create scenarios where all PMP entries + with A=0 (OFF) and with matching permissions\n - check no address matching + for all PMP entries]\n [check S or U mode access fails when all A=OFF with + at least one PMP entry implemented] => FTR09-g\nTST24-2 = extension of compatible + pair of (TST17-11, TST17-21, TST17-31, TST17-41, TST17-51,\n \ + \ \t\t\t\t\t\t\t\t\t TST17-13, TST17-23, TST17-33, TST17-43, + TST17-53,\n \t\t\t\t\t\t\t\t\t TST17-14, TST17-24, + TST17-34, TST17-44, TST17-54,\n \t\t\t\t\t\t\t\t + \t TST17-16, TST17-26, TST17-36, TST17-46, TST17-56,\n \ + \ \t\t\t\t\t\t\t\t\t TST18-14, TST18-24, TST18-34, TST18-44, TST18-54, + //TODO: M-mode may not raise an exception\n \t\t + \t\t\t\t\t\t\t TST18-16, TST18-26, TST18-36, TST18-46, TST18-56) //TODO: + M-mode may not raise an exception\n //TODO: SHOULD + WE ADD (TST18-11, TST18-21, TST18-31, TST18-41, TST18-51,\n \ + \ TST18-13, TST18-23, TST18-33, TST18-43, + TST18-53) ?\n[configure 2 non-adjacent PMP entries (highest-numbered ones + first) (avoid the first PMP entry)\n - execute the 2 kinds of accesses + (if possible to chain due to access-fault)\n - check 2 appropriate access-fault + exceptions raised]" +- 002_N_isolated_entries: !Subfeature + name: 002_N_isolated_entries + tag: VP_PMP_F024_S003 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F024_S003_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any N PMP entries (2>\n\nTST24(group) => FTR09-g\n [create scenarios where PMP + entries with A=0 (OFF) and with matching permissions\n - check no address + matching for those PMP entries]\n [create scenarios where all PMP entries + with A=0 (OFF) and with matching permissions\n - check no address matching + for all PMP entries]\n [check S or U mode access fails when all A=OFF with + at least one PMP entry implemented] => FTR09-g\nTST24-3 = extension of compatible + group(N) of (TST17-11, TST17-21, TST17-31, TST17-41, TST17-51,\n \ + \ \t\t\t\t\t\t\t\t\t\t TST17-13, TST17-23, TST17-33, TST17-43, + TST17-53,\n \t\t\t\t\t\t\t\t\t\t TST17-14, TST17-24, + TST17-34, TST17-44, TST17-54,\n \t\t\t\t\t\t\t\t + \t\t TST17-16, TST17-26, TST17-36, TST17-46, TST17-56,\n \ + \ \t\t\t\t\t\t\t\t\t\t TST18-14, TST18-24, TST18-34, TST18-44, + TST18-54, //TODO: M-mode may not raise an exception\n \ + \ \t\t\t\t\t\t\t\t\t\t TST18-16, TST18-26, TST18-36, TST18-46, TST18-56) + //TODO: M-mode may not raise an exception\n //TODO: + SHOULD WE ADD (TST18-11, TST18-21, TST18-31, TST18-41, TST18-51,\n \ + \ TST18-13, TST18-23, TST18-33, + TST18-43, TST18-53) ?\n[configure N PMP entries (highest-numbered ones first) + (as non-adjacent as possible, and avoid the first PMP entry)\n - execute + the N kinds of accesses (if possible to chain due to access-fault)\n - + check N appropriate access-fault exceptions raised]" +- 003_8_isolated_entries: !Subfeature + name: 003_8_isolated_entries + tag: VP_PMP_F024_S004 + next_elt_id: 1 + display_order: 3 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F024_S004_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose all 8 PMP entries\n\nreuse of VP_PMP_F024_S001_I000 feature + description (Cf. Feature: \"multi entries OFF\")" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST24(group) => FTR09-g\n [create scenarios where PMP + entries with A=0 (OFF) and with matching permissions\n - check no address + matching for those PMP entries]\n [create scenarios where all PMP entries + with A=0 (OFF) and with matching permissions\n - check no address matching + for all PMP entries]\n [check S or U mode access fails when all A=OFF with + at least one PMP entry implemented] => FTR09-g\nTST24-4 = extension of compatible + group(8) of (TST17-11, TST17-21, TST17-31, TST17-41, TST17-51,\n \ + \ \t\t\t\t\t\t\t\t\t\t\t TST17-13, TST17-23, TST17-33, TST17-43, + TST17-53,\n \t\t\t\t\t\t\t\t\t\t\t TST17-14, TST17-24, + TST17-34, TST17-44, TST17-54,\n \t\t\t\t\t\t\t\t\t + \t\t TST17-16, TST17-26, TST17-36, TST17-46, TST17-56,\n \ + \ \t\t\t\t\t\t\t\t\t\t\t TST18-14, TST18-24, TST18-34, TST18-44, + TST18-54, //TODO: M-mode may not raise an exception\n \ + \ \t\t\t\t\t\t\t\t\t\t\t TST18-16, TST18-26, TST18-36, TST18-46, TST18-56) + //TODO: M-mode may not raise an exception\n //TODO: + SHOULD WE ADD (TST18-11, TST18-21, TST18-31, TST18-41, TST18-51,\n \ + \ TST18-13, TST18-23, TST18-33, + TST18-43, TST18-53) ?\n[configure 8 PMP entries (highest-numbered ones first)\n\ + \ - execute the 8 kinds of accesses (if possible to chain due to access-fault)\n\ + \ - check 8 appropriate access-fault exceptions raised]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP025.yml b/verif/docs/VerifPlans/PMP/VP_IP025.yml new file mode 100644 index 000000000..db3587a8b --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP025.yml @@ -0,0 +1,290 @@ +!Feature +next_elt_id: 6 +name: multi entries ALL +id: 25 +display_order: 25 +subfeatures: !!omap +- 000_1_entry: !Subfeature + name: 000_1_entry + tag: VP_PMP_F025_S001 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F025_S001_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose a single PMP entry\n\nCONFIGURATION and ACCESS\n - + for each pmp entry, apply any CONFIGURATION+ACCESS scenario above (Cf. Feature: + \"cfg NA4/NAPOT/TOR/OFF access S/U/M\")\n - make sure the pmp entries + address ranges are not overlapping/intersecting\n - NB: obviously, pmp + entry configurations with different mstatus.MPRV/MPP values cannot be mixed + in same test\n\nCHECK\n - for each pmp entry, we should obtain the expected + CHECK result\n\nREUSABILITY\n - if possible, the number of PMP entries + (N) is a configurable parameter\n - so a single test function can be + reused" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 001_2_isolated_entries: !Subfeature + name: 001_2_isolated_entries + tag: VP_PMP_F025_S002 + next_elt_id: 1 + display_order: 1 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F025_S002_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any 2 PMP entries\n\nreuse of VP_PMP_F025_S001_I000 feature + description (Cf. Feature: \"multi entries ALL\")" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +- 002_N_isolated_entries: !Subfeature + name: 002_N_isolated_entries + tag: VP_PMP_F025_S003 + next_elt_id: 1 + display_order: 2 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F025_S003_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any N PMP entries (2>\n\nTST51(group) => FTR09-a, FTR09-b and FTR09-c\n [create + scenarios where 2 PMP entries with same pmpaddr\n - one without matching + permissions or with A=OFF\n - one with matching permissions and A=NA4/NAPOT/TOR\n\ + \ - any of them can be the lowest-numbered PMP entry]\nTST51-1\n[configure + 2 PMP entries\n - configure the lowest-numbered PMP entry with (TST11-12, + TST11-22, TST11-32, TST11-42, TST11-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST11-15, TST11-25, TST11-35, TST11-45, TST11-55,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-12, TST12-22, + TST12-32, TST12-42, TST12-52,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST12-15, TST12-25, TST12-35, TST12-45, TST12-55,\n \ + \ TST13-12, TST13-22, TST13-32, TST13-42, + TST13-52,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST13-15, + TST13-25, TST13-35, TST13-45, TST13-55,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST14-12, TST14-22, TST14-32, TST14-42, TST14-52,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-15, TST14-25, + TST14-35, TST14-45, TST14-55,\n \ + \ TST15-12, TST15-22, TST15-32, TST15-42, TST15-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST15-15, TST15-25, TST15-35, + TST15-45, TST15-55,\n \t\t\t\t\t\t\t\t\t \t\t\t\t + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-15, TST16-25, TST16-35, TST16-45, + TST16-55,\n TST17-12, + TST17-22, TST17-32, TST17-42, TST17-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST17-15, TST17-25, TST17-35, TST17-45, TST17-55,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST18-12, TST18-22, + TST18-32, TST18-42, TST18-52,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST18-15, TST18-25, TST18-35, TST18-45, TST18-55)\n - configure + the highest-numbered PMP entry with (TST11-11, TST11-21, TST11-31, TST11-41, + TST11-51,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST11-14, + TST11-24, TST11-34, TST11-44, TST11-54,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST12-11, TST12-21, TST12-31, TST12-41, TST12-51,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-14, TST12-24, + TST12-34, TST12-44, TST12-54,\n \ + \ TST13-11, TST13-21, TST13-31, TST13-41, TST13-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t\tTST13-14, TST13-24, TST13-34, + TST13-44, TST13-54,\n \t\t\t\t\t\t\t\t\t \t\t\t\t + \tTST14-11, TST14-21, TST14-31, TST14-41, TST14-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t\tTST14-14, TST14-24, TST14-34, TST14-44, + TST14-54,\n TST15-11, + TST15-21, TST15-31, TST15-41, TST15-51,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST15-14, TST15-24, TST15-34, TST15-44, TST15-54,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-11, TST16-21, + TST16-31, TST16-41, TST16-51,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST16-14, TST16-24, TST16-34, TST16-44, TST16-54)\n - execute + the associated access\n - check associated access-fault exception raised]" +- 005_2_intersecting_entries_succeed: !Subfeature + name: 005_2_intersecting_entries_succeed + tag: VP_PMP_F025_S006 + next_elt_id: 1 + display_order: 5 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F025_S006_I000 + description: "{Page 57 Section \"3.7.1 Physical Memory Protection CSRs\" Volume + II: RISC-V Privileged Architectures V20211203}\n\nUp to 64 PMP entries are + supported" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "choose any 2 PMP entries\n\nCONFIGURATION and ACCESS (Cf. Feature: + \"cfg NA4/NAPOT/TOR/OFF access S/U/M\")\n - for the least-numbered pmp + entry, apply any CONFIGURATION+ACCESS scenario without access-fault\n \ + \ - for the highest-numbered pmp entry, apply any CONFIGURATION+ACCESS + scenario with access-fault\n - make sure the pmp entries address ranges + are overlapping/intersecting (at least at 4 consecutive bytes)\n - for + each pmp entry, execute one access in its associated pmp address region + but outside the overlapping/intersecting address range\n - execute one + additional access inside the overlapping/intersecting address range\n \ + \ - NB: obviously, pmp entry configurations with different access-modes + (S/U vs. M) cannot be easily mixed in same test\n - NB: obviously, pmp + entry configurations with different mstatus.MPRV/MPP values cannot be mixed + in same test\n\nCHECK\n - for each pmp entry, access outside the overlapping/intersecting + address range should give the expected CHECK result\n - access inside + the overlapping/intersecting address range should not generate any access-fault\n\ + \nREUSABILITY\n - if possible, the number of PMP entries (N) is a configurable + parameter\n - so a single test function can be reused" + pfc: 3 + test_type: 4 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: "<< link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt + files (not up-to-date) : reading below not mandatory but may help for better + understanding >>\n\nTST51(group) => FTR09-a, FTR09-b and FTR09-c\n [create + scenarios where 2 PMP entries with same pmpaddr\n - one without matching + permissions or with A=OFF\n - one with matching permissions and A=NA4/NAPOT/TOR\n\ + \ - any of them can be the lowest-numbered PMP entry]\nTST51-2\n[configure + 2 PMP entries\n - configure the lowest-numbered PMP entry with (TST11-11, + TST11-21, TST11-31, TST11-41, TST11-51,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST11-14, TST11-24, TST11-34, TST11-44, TST11-54,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-11, TST12-21, + TST12-31, TST12-41, TST12-51,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST12-14, TST12-24, TST12-34, TST12-44, TST12-54,\n \ + \ TST13-11, TST13-21, TST13-31, TST13-41, + TST13-51,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST13-14, + TST13-24, TST13-34, TST13-44, TST13-54,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST14-11, TST14-21, TST14-31, TST14-41, TST14-51,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-14, TST14-24, + TST14-34, TST14-44, TST14-54,\n \ + \ TST15-11, TST15-21, TST15-31, TST15-41, TST15-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST15-14, TST15-24, TST15-34, + TST15-44, TST15-54,\n \t\t\t\t\t\t\t\t\t \t\t\t\t + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-14, TST16-24, TST16-34, TST16-44, + TST16-54)\n - configure the highest-numbered PMP entry with (TST11-12, + TST11-22, TST11-32, TST11-42, TST11-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST11-15, TST11-25, TST11-35, TST11-45, TST11-55,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST12-12, TST12-22, + TST12-32, TST12-42, TST12-52,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST12-15, TST12-25, TST12-35, TST12-45, TST12-55,\n \ + \ TST13-12, TST13-22, TST13-32, + TST13-42, TST13-52,\n \t\t\t\t\t\t\t\t\t \t\t\t\t\ + \ TST13-15, TST13-25, TST13-35, TST13-45, TST13-55,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-12, TST14-22, TST14-32, TST14-42, + TST14-52,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST14-15, + TST14-25, TST14-35, TST14-45, TST14-55,\n \ + \ TST15-12, TST15-22, TST15-32, TST15-42, TST15-52,\n\ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST15-15, TST15-25, + TST15-35, TST15-45, TST15-55,\n \t\t\t\t\t\t\t\t\t + \t\t\t\t TST16-12, TST16-22, TST16-32, TST16-42, TST16-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST16-15, TST16-25, TST16-35, + TST16-45, TST16-55,\n \ + \ TST17-12, TST17-22, TST17-32, TST17-42, TST17-52,\n \ + \ \t\t\t\t\t\t\t\t\t \t\t\t\t TST17-15, TST17-25, TST17-35, TST17-45, + TST17-55,\n \t\t\t\t\t\t\t\t\t \t\t\t\t TST18-12, + TST18-22, TST18-32, TST18-42, TST18-52,\n \t\t\t\t + \t\t\t\t\t \t\t\t\t TST18-15, TST18-25, TST18-35, TST18-45, TST18-55)\n\ + \ - execute the associated access\n - check no access-fault exception]" +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/VP_IP031.yml b/verif/docs/VerifPlans/PMP/VP_IP031.yml new file mode 100644 index 000000000..45ff1790a --- /dev/null +++ b/verif/docs/VerifPlans/PMP/VP_IP031.yml @@ -0,0 +1,51 @@ +!Feature +next_elt_id: 1 +name: entry reconfiguration +id: 31 +display_order: 31 +subfeatures: !!omap +- 000_reconfigure_N_pmp_entries: !Subfeature + name: 000_reconfigure_N_pmp_entries + tag: VP_PMP_F031_S001 + next_elt_id: 1 + display_order: 0 + items: !!omap + - '000': !VerifItem + name: '000' + tag: VP_PMP_F031_S001_I000 + description: "reuse of feature descriptions (Cf. Feature: \"cfg NA4/NAPOT/TOR/OFF + access S/U/M\")\nreuse of feature descriptions (Cf. Feature: \"CSRs M-mode + only\")\nreuse of feature descriptions (Cf. Feature: \"CSRs locked access\"\ + )\nreuse of feature descriptions (Cf. Feature: \"multi entries NA4/NAPOT/TOR/OFF\"\ + )" + reqt_doc: '' + ref_mode: page + ref_page: '' + ref_section: '' + ref_viewer: firefox + verif_goals: "configure any N PMP entries, possibly some with L=1\n\nCONFIGURATION + and ACCESS\n - for each pmp entry, apply any CONFIGURATION+ACCESS scenario + above (Cf. Feature: \"cfg NA4/NAPOT/TOR/OFF access S/U/M\")\n - make + sure the pmp entries address ranges are not overlapping/intersecting\n \ + \ - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP + values cannot be mixed in same test\n\nRECONFIGURATION and ACCESS\n - + for each pmp entry with L=0, apply any other CONFIGURATION+ACCESS scenario + above (Cf. Feature: \"cfg NA4/NAPOT/TOR/OFF access S/U/M\")\n - make + sure the pmp entries address ranges are not overlapping/intersecting\n \ + \ - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP + values cannot be mixed in same test\n\nRESET\n - if there is any pmp + entry with L=1, apply hart reset (or only PMP reset if possible)\n - + and restart with CONFIGURATION and RESET\n\nCHECK\n - for each pmp entry, + we should obtain the expected CHECK result\n\nREUSABILITY\n - if possible, + the number of PMP entries (N) is a configurable parameter\n - so a single + test function can be reused" + pfc: 3 + test_type: 3 + cov_method: 1 + cores: -1 + coverage_loc: '' + comments: '' +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/PMP/pmp_verif_plan.txt b/verif/docs/VerifPlans/PMP/pmp_verif_plan.txt new file mode 100644 index 000000000..7569eadb5 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/pmp_verif_plan.txt @@ -0,0 +1,1739 @@ +/////////////////////////////////////////////////////////////////////////////////// +INITIAL VERIF PLAN (cv32a6_embedded_copro): list of memory regions +/////////////////////////////////////////////////////////////////////////////////// + + + +Check no LSU Fault/Exception and correct access propagation +- LOAD+STORE allowed ahb_periph regions +- LOAD allowed D-scratchpad +- LOAD+STORE allowed I-scratchpad (preload mode) +- LOAD+STORE allowed D-$ +- LOAD+STORE system memory + +Check no FETCH Fault/Exception and correct access propagation +- FETCH allowed I-$ +- FETCH allowed I-scratchpad (functional mode) +- FETCH system memory + +Check LSU Fault/Exception and NO access propagation +- LOAD+STORE disabled ahb_periph (if enabling/disabling still specified) +- LOAD+STORE forbidden ahb_periph regions (if definable) +- LOAD+STORE disabled D-scratchpad (if enabling/disabling still specified) +- LOAD forbidden D-scratchpad (if definable) +- STORE D-scratchpad (maybe not PMP related, but structurally forbidden) +- LOAD+STORE disabled I-scratchpad (if enabling/disabling still specified) +- LOAD+STORE I-scratchpad (functional mode) (maybe not PMP related, but structurally forbidden) +- LOAD+STORE forbidden I-scratchpad (if definable) +- LOAD+STORE forbidden D-$ (if definable) +- LOAD+STORE I-$ (inexistent path) +- LOAD+STORE unallocated System Memory (inexistent path) + +Check FETCH Fault/Exception and NO access propagation +- FETCH forbidden I-$ (if definable) +- FETCH disabled I-scratchpad (if enabling/disabling still specified) +- FETCH I-scratchpad (preload mode) +- FETCH forbidden I-scratchpad (if definable) +- FETCH D-scratchpad (inexistent path) (not PMP related) +- FETCH ahb_periph (inexistent path) (not PMP related) +- FETCH unallocated System Memory (inexistent path) (not PMP related) + + + +/////////////////////////////////////////////////////////////////////////////////// +ADDITONAL VERIF PLAN +/////////////////////////////////////////////////////////////////////////////////// + +[we assume there is only 1 hart in cv32a6] + +[we assume MXLEN is always 32bits] + +[we assume XLEN=MXLEN=32, so the PMP address registers are XLEN bits long, so no zero-extension needed] + +[we assume there is no region with hardwired privileges in PMP] + +[we assume the PMP granularity is 4 bytes (G=0)] + +[we assume there are 8 HW implemented PMP entries] + +[we assume no virtual memory is implemented] +[we assume page-based virtual memory is not implemented] + +[we assume the list of all physical memory regions] + - system memory regions + - I-$ + - D-$ + - I-scratchpad (preload mode) + - I-scratchpad (functional mode) + - D-scratchpad + - ahb_periph + +[check the role/definitions of mstatus.MPRV and mstatus.MPP later] //TODO + +[we assume an already written PMP entry (i) can be disabled + - if L=0, by clearing pmpcfg(i) + - if L=1, only by hart reset] + +//////////////////////////// + +TB01 => FTR01-h +[check that all violations are trapped at the processor] +[any time there is an access-fault type, check it matches the access-type] + +//TODO: TB02 +Determine how to use SV to factorize the similar tests + +//////////////////////////// + +TST01 (HIGH-PRIO) => FTR07-b +[determine the PMP granularity 2^(G+2) bytes by writing zero to pmp(0)cfg, then writing all ones to pmpaddr(0), then reading back pmpaddr(0). G is the index G of the least-significant bit set] + +TST02(group) => FTR02-d + [check that all 8 HW implemented PMP entries are writable/readable in M-mode (L=0)] + [check that no HW implemented PMP entry are writable/readable in S or U modes (L=0)] + - random values may be used + - before any configuration (after hart reset), check all pmp(i)cfg and pmpaddr(i) are M-mode read zero +TST02-1 (HIGH-PRIO) +[configure 1 PMP entry ([FTR02-b1]: maybe mandatorily the first one): with L=0, + - if possible, the PMP entry number is a configurable parameter + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +TST02-2 (LOW-PRIO) = 2 times reuse/call of TST02-1 +[configure 2 PMP entries ([FTR02-b1]: maybe mandatorily the 2 first ones): both with L=0, + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +TST02-3 (LOW-PRIO) = N times reuse/call of TST02-1 +[configure N PMP entries ([FTR02-b1]: maybe mandatorily the N first ones): all with L=0, + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +TST02-4 (HIGH-PRIO) = 8 times reuse/call of TST02-1 +[configure 8 PMP entries: all with L=0, + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] + +TST03(group) => FTR08-a and FTR08-b + [check that HW implemented PMP entries are not writable/readable in M-mode (L=1)] + [check that no HW implemented PMP entry are writable/readable in S or U modes (L=1)] + - before any configuration, check all pmp(i)cfg and pmpaddr(i) are M-mode read zero + - configure PMP entry (i) with L=1 (or 0): pmp(i)cfg and pmpaddr(i) maybe random values + - execute following tests specific checks + - check only hart reset unlocks all => FTR08-b + - check reset values: all pmp(i)cfg and pmpaddr(i) are M-mode read zero +TST03-1 (HIGH-PRIO) +[configure 1 PMP entry ([FTR02-b1]: maybe mandatorily the first one): with L=1, + - if possible, the PMP entry number is a configurable parameter + - if possible, L value is a configurable parameter + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +TST03-2 (LOW-PRIO) = 2 times reuse/call of TST02-1 +[configure 2 PMP entries ([FTR02-b1]: maybe mandatorily the 2 first ones): both with L=1, + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +TST03-3 (HIGH-PRIO) = 2 times reuse/call of TST02-1 +[configure 2 PMP entries ([FTR02-b1]: maybe mandatorily the 2 first ones): one with L=1 and one with L=0, + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check locked PMP entry (i) has no effect on unlocked PMP entry (j) + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +TST03-4 (LOW-PRIO) = N times reuse/call of TST02-1 +[configure N PMP entries ([FTR02-b1]: maybe mandatorily the N first ones): at least one with L=1 and one with L=0, + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check locked PMP entry (i) has no effect on unlocked PMP entry (j) + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +TST03-5 (HIGH-PRIO) = 8 times reuse/call of TST02-1 +[configure 8 PMP entries: at least one with L=1 and one with L=0, + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check locked PMP entry (i) has no effect on unlocked PMP entry (j) + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] + +TST04 => FTR02-b1 and FTR02-b2 + [check if the lowest-numbered PMP CSRs must be programmed first before programming higher-numbered ones] +TST04-1 (LOW-PRIO) extends TST02-1 +[configure any PMP entry, but the first one + - check for configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for not configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are M-mode read zero] +TST04-2 (HIGH-PRIO) extends TST02-2 +[configure 2 non-adjacent PMP entries (highest-numbered ones first) (avoid the first PMP entry) + - check for configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for not configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are M-mode read zero] +TST04-3 (LOW-PRIO) extends TST02-3 +[configure N PMP entries (highest-numbered ones first) (as non-adjacent as possible, and avoid the first PMP entry) + - check for configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for not configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are M-mode read zero] +TST04-4 (HIGH-PRIO) extends TST02-4 +[configure 8 PMP entries (highest-numbered ones first) + - check for configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only] + +TST05 => FTR01-c and FTR01-c-extended + [check all regions are configurable in M-mode to make sure none is hardwired] + [regions hardwired privileges might only ever be visible in M-mode] +TST05-1 (HIGH-PRIO) extends TST02-4 + - check the written pmp(i)cfg and pmpaddr(i) values can be read exactly the same as written +TST05-2 (LOW-PRIO) extends TST03-5 + - check the written pmp(i)cfg and pmpaddr(i) values can be read exactly the same as written (before hart reset) + +TST06 => FTR04-a +[PMP CSR fields are WARL: PMP entry combinations with R=0 and W=1 are reserved/can’t be read] +[permissions fields could be randomly written; should we try randomization ?] +TST06-1 (HIGH-PRIO) extends TST02-4 + - write totally random values to pmp(i)cfg and pmpaddr(i) + - check all pmp(i)cfg and pmpaddr(i) can be read exactly the same as written except for the reserved combinations with R=0 and W=1 +TST06-2 (LOW-PRIO) extends TST03-5 + - write totally random values to pmp(i)cfg and pmpaddr(i) + - check all pmp(i)cfg and pmpaddr(i) can be read exactly the same as written except for the reserved combinations with R=0 and W=1 (before hart reset) + +//////////////////////////// + +TST10-1 (HIGH-PRIO) => FTR09-e +[check M-mode access succeeds if no PMP entry matches] +TST10-2 (HIGH-PRIO) => FTR09-e-question +[check M-mode access succeeds if no PMP entry defined] + +TST10-3 (HIGH-PRIO) => FTR09-f +[check S or U mode access fails when no PMP entry matching and at least one PMP entry implemented] +TST10-4 (HIGH-PRIO) => FTR09-f-question +[check S or U mode access fails when no PMP entry implemented] + +//////////////////////////// + +TST11-1x(group) => FTR01-d + [PMP check on instruction fetch where effective privilege mode is S or U: + - choose an executable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access instruction fetch in S and U mode] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] +TST11-11 (HIGH-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check no access-fault exception] +TST11-12 (MEDIUM-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry without execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check instruction fetch access-fault exception raised => FTR04-b] +TST11-13 (MEDIUM-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from outside all PMP defined regions + - check instruction fetch access-fault exception raised] +TST11-14 (LOW-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check no access-fault exception] +TST11-15 (LOW-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check instruction fetch access-fault exception raised => FTR04-b] +TST11-16 (LOW-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from outside all PMP defined regions + - check instruction fetch access-fault exception raised] + +--------------------------- + +TST11-2x(group) => FTR01-d + [PMP check on load or load-reserved instruction where effective privilege mode is S or U: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in S and U mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] +TST11-21 (HIGH-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +TST11-22 (MEDIUM-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check load access-fault exception raised => FTR04-c] +TST11-23 (MEDIUM-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check load access-fault exception raised] +TST11-24 (LOW-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +TST11-25 (LOW-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check load access-fault exception raised => FTR04-c] +TST11-26 (LOW-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check load access-fault exception raised] + +--------------------------- + +TST11-3x(group) => FTR01-d + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is S or U: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in S and U mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] +TST11-31 (HIGH-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +TST11-32 (MEDIUM-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check store access-fault exception raised => FTR04-d] +TST11-33 (MEDIUM-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check store access-fault exception raised] +TST11-34 (LOW-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +TST11-35 (LOW-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check store access-fault exception raised => FTR04-d] +TST11-36 (LOW-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check store access-fault exception raised] + +--------------------------- + +TST11-4x(group) => FTR01-d + [PMP check on load or load-reserved instruction where effective privilege mode is S or U: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] +TST11-41 (LOWEST-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +TST11-42 (LOWEST-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check load access-fault exception raised => FTR04-c] +TST11-43 (LOWEST-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check load access-fault exception raised] +TST11-44 (LOWEST-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +TST11-45 (LOWEST-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check load access-fault exception raised => FTR04-c] +TST11-46 (LOWEST-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check load access-fault exception raised] + +--------------------------- + +TST11-5x(group) => FTR01-d + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is S or U: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] +TST11-51 (LOWEST-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +TST11-52 (LOWEST-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check store access-fault exception raised => FTR04-d] +TST11-53 (LOWEST-PRIO) +[with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check store access-fault exception raised] +TST11-54 (LOWEST-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +TST11-55 (LOWEST-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check store access-fault exception raised => FTR04-d] +TST11-56 (LOWEST-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check store access-fault exception raised] + +//////////////////////////// + +TST12-1x(group) => FTR01-f + [PMP check on instruction fetch where effective privilege mode is M: + - choose an executable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access instruction fetch in M mode] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] +TST12-11 (LOW-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check no access-fault exception] +TST12-12 (LOW-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1), + - configure the PMP entry without execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check no access-fault exception] +TST12-13 (LOW-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +TST12-14 (HIGH-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check no access-fault exception] +TST12-15 (MEDIUM-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check instruction fetch access-fault exception raised => FTR04-b] +TST12-16 (HIGH-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED + +--------------------------- + +TST12-2x(group) => FTR01-f + [PMP check on load or load-reserved instruction where effective privilege mode is M: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in M mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] +TST12-21 (LOW-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +TST12-22 (LOW-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +TST12-23 (LOW-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +TST12-24 (HIGH-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +TST12-25 (MEDIUM-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check load access-fault exception raised => FTR04-c] +TST12-26 (HIGH-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED + +--------------------------- + +TST12-3x(group) => FTR01-f + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is M: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in M mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] +TST12-31 (LOW-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +TST12-32 (LOW-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +TST12-33 (LOW-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +TST12-34 (HIGH-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +TST12-35 (MEDIUM-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check store access-fault exception raised => FTR04-d] +TST12-36 (HIGH-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED + +--------------------------- + +TST12-4x(group) => FTR01-f + [PMP check on load or load-reserved instruction where effective privilege mode is M: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] +TST12-41 (LOWEST-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +TST12-42 (LOWEST-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +TST12-43 (LOWEST-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +TST12-44 (LOWEST-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +TST12-45 (LOWEST-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check load access-fault exception raised => FTR04-c] +TST12-46 (LOWEST-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED + +--------------------------- + +TST12-5x(group) => FTR01-f + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is M: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] +TST12-51 (LOWEST-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +TST12-52 (LOWEST-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +TST12-53 (LOWEST-PRIO) +[with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +TST12-54 (LOWEST-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +TST12-55 (LOWEST-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check store access-fault exception raised => FTR04-d] +TST12-56 (LOWEST-PRIO) +[with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED + +//////////////////////////// +//TODO: complete specificities for A=NAPOT + +TST13-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=NAPOT] +TST13-11 (HIGH-PRIO) + [same as TST11-11(group), but with pmpcfg(i).A=NAPOT] +TST13-12 (MEDIUM-PRIO) + [same as TST11-12(group), but with pmpcfg(i).A=NAPOT] +TST13-13 (MEDIUM-PRIO) + [same as TST11-13(group), but with pmpcfg(i).A=NAPOT] +TST13-14 (LOW-PRIO) + [same as TST11-14(group), but with pmpcfg(i).A=NAPOT] +TST13-15 (LOW-PRIO) + [same as TST11-15(group), but with pmpcfg(i).A=NAPOT] +TST13-16 (LOW-PRIO) + [same as TST11-16(group), but with pmpcfg(i).A=NAPOT] + +--------------------------- + +TST13-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=NAPOT] +TST13-21 (HIGH-PRIO) + [same as TST11-21(group), but with pmpcfg(i).A=NAPOT] +TST13-22 (MEDIUM-PRIO) + [same as TST11-22(group), but with pmpcfg(i).A=NAPOT] +TST13-23 (MEDIUM-PRIO) + [same as TST11-23(group), but with pmpcfg(i).A=NAPOT] +TST13-24 (LOW-PRIO) + [same as TST11-24(group), but with pmpcfg(i).A=NAPOT] +TST13-25 (LOW-PRIO) + [same as TST11-25(group), but with pmpcfg(i).A=NAPOT] +TST13-26 (LOW-PRIO) + [same as TST11-26(group), but with pmpcfg(i).A=NAPOT] + +--------------------------- + +TST13-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=NAPOT] +TST13-31 (HIGH-PRIO) + [same as TST11-31(group), but with pmpcfg(i).A=NAPOT] +TST13-32 (MEDIUM-PRIO) + [same as TST11-32(group), but with pmpcfg(i).A=NAPOT] +TST13-33 (MEDIUM-PRIO) + [same as TST11-33(group), but with pmpcfg(i).A=NAPOT] +TST13-34 (LOW-PRIO) + [same as TST11-34(group), but with pmpcfg(i).A=NAPOT] +TST13-35 (LOW-PRIO) + [same as TST11-35(group), but with pmpcfg(i).A=NAPOT] +TST13-36 (LOW-PRIO) + [same as TST11-36(group), but with pmpcfg(i).A=NAPOT] + +--------------------------- + +TST13-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=NAPOT] +TST13-41 (LOWEST-PRIO) + [same as TST11-41(group), but with pmpcfg(i).A=NAPOT] +TST13-42 (LOWEST-PRIO) + [same as TST11-42(group), but with pmpcfg(i).A=NAPOT] +TST13-43 (LOWEST-PRIO) + [same as TST11-43(group), but with pmpcfg(i).A=NAPOT] +TST13-44 (LOWEST-PRIO) + [same as TST11-44(group), but with pmpcfg(i).A=NAPOT] +TST13-45 (LOWEST-PRIO) + [same as TST11-45(group), but with pmpcfg(i).A=NAPOT] +TST13-46 (LOWEST-PRIO) + [same as TST11-46(group), but with pmpcfg(i).A=NAPOT] + +--------------------------- + +TST13-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=NAPOT] +TST13-51 (LOWEST-PRIO) + [same as TST11-51(group), but with pmpcfg(i).A=NAPOT] +TST13-52 (LOWEST-PRIO) + [same as TST11-52(group), but with pmpcfg(i).A=NAPOT] +TST13-53 (LOWEST-PRIO) + [same as TST11-53(group), but with pmpcfg(i).A=NAPOT] +TST13-54 (LOWEST-PRIO) + [same as TST11-54(group), but with pmpcfg(i).A=NAPOT] +TST13-55 (LOWEST-PRIO) + [same as TST11-55(group), but with pmpcfg(i).A=NAPOT] +TST13-56 (LOWEST-PRIO) + [same as TST11-56(group), but with pmpcfg(i).A=NAPOT] + +//////////////////////////// + +TST14-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=NAPOT] +TST14-11 (LOW-PRIO) + [same as TST12-11(group), but with pmpcfg(i).A=NAPOT] +TST14-12 (LOW-PRIO) + [same as TST12-12(group), but with pmpcfg(i).A=NAPOT] +TST14-13 (LOW-PRIO) + [same as TST12-13(group), but with pmpcfg(i).A=NAPOT] +TST14-14 (HIGH-PRIO) + [same as TST12-14(group), but with pmpcfg(i).A=NAPOT] +TST14-15 (MEDIUM-PRIO) + [same as TST12-15(group), but with pmpcfg(i).A=NAPOT] +TST14-16 (HIGH-PRIO) + [same as TST12-16(group), but with pmpcfg(i).A=NAPOT] + +--------------------------- + +TST14-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=NAPOT] +TST14-21 (LOW-PRIO) + [same as TST12-21(group), but with pmpcfg(i).A=NAPOT] +TST14-22 (LOW-PRIO) + [same as TST12-22(group), but with pmpcfg(i).A=NAPOT] +TST14-23 (LOW-PRIO) + [same as TST12-23(group), but with pmpcfg(i).A=NAPOT] +TST14-24 (HIGH-PRIO) + [same as TST12-24(group), but with pmpcfg(i).A=NAPOT] +TST14-25 (MEDIUM-PRIO) + [same as TST12-25(group), but with pmpcfg(i).A=NAPOT] +TST14-26 (HIGH-PRIO) + [same as TST12-26(group), but with pmpcfg(i).A=NAPOT] + +--------------------------- + +TST14-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=NAPOT] +TST14-31 (LOW-PRIO) + [same as TST12-31(group), but with pmpcfg(i).A=NAPOT] +TST14-32 (LOW-PRIO) + [same as TST12-32(group), but with pmpcfg(i).A=NAPOT] +TST14-33 (LOW-PRIO) + [same as TST12-33(group), but with pmpcfg(i).A=NAPOT] +TST14-34 (HIGH-PRIO) + [same as TST12-34(group), but with pmpcfg(i).A=NAPOT] +TST14-35 (MEDIUM-PRIO) + [same as TST12-35(group), but with pmpcfg(i).A=NAPOT] +TST14-36 (HIGH-PRIO) + [same as TST12-36(group), but with pmpcfg(i).A=NAPOT] + +--------------------------- + +TST14-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=NAPOT] +TST14-41 (LOWEST-PRIO) + [same as TST12-41(group), but with pmpcfg(i).A=NAPOT] +TST14-42 (LOWEST-PRIO) + [same as TST12-42(group), but with pmpcfg(i).A=NAPOT] +TST14-43 (LOWEST-PRIO) + [same as TST12-43(group), but with pmpcfg(i).A=NAPOT] +TST14-44 (LOWEST-PRIO) + [same as TST12-44(group), but with pmpcfg(i).A=NAPOT] +TST14-45 (LOWEST-PRIO) + [same as TST12-45(group), but with pmpcfg(i).A=NAPOT] +TST14-46 (LOWEST-PRIO) + [same as TST12-46(group), but with pmpcfg(i).A=NAPOT] + +--------------------------- + +TST14-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=NAPOT] +TST14-51 (LOWEST-PRIO) + [same as TST12-51(group), but with pmpcfg(i).A=NAPOT] +TST14-52 (LOWEST-PRIO) + [same as TST12-52(group), but with pmpcfg(i).A=NAPOT] +TST14-53 (LOWEST-PRIO) + [same as TST12-53(group), but with pmpcfg(i).A=NAPOT] +TST14-54 (LOWEST-PRIO) + [same as TST12-54(group), but with pmpcfg(i).A=NAPOT] +TST14-55 (LOWEST-PRIO) + [same as TST12-55(group), but with pmpcfg(i).A=NAPOT] +TST14-56 (LOWEST-PRIO) + [same as TST12-56(group), but with pmpcfg(i).A=NAPOT] + +//////////////////////////// +//TODO: complete specificities for A=TOR + +TST15-1x(group) => FTR06-a + [same as TST11-1x(group), but with pmpcfg(i).A=TOR] +TST15-11 (HIGH-PRIO) + [same as TST11-11(group), but with pmpcfg(i).A=TOR] +TST15-12 (MEDIUM-PRIO) + [same as TST11-12(group), but with pmpcfg(i).A=TOR] +TST15-13 (MEDIUM-PRIO) + [same as TST11-13(group), but with pmpcfg(i).A=TOR] +TST15-14 (LOW-PRIO) + [same as TST11-14(group), but with pmpcfg(i).A=TOR] +TST15-15 (LOW-PRIO) + [same as TST11-15(group), but with pmpcfg(i).A=TOR] +TST15-16 (LOW-PRIO) + [same as TST11-16(group), but with pmpcfg(i).A=TOR] + +--------------------------- + +TST15-2x(group) => FTR06-a + [same as TST11-2x(group), but with pmpcfg(i).A=TOR] +TST15-21 (HIGH-PRIO) + [same as TST11-21(group), but with pmpcfg(i).A=TOR] +TST15-22 (MEDIUM-PRIO) + [same as TST11-22(group), but with pmpcfg(i).A=TOR] +TST15-23 (MEDIUM-PRIO) + [same as TST11-23(group), but with pmpcfg(i).A=TOR] +TST15-24 (LOW-PRIO) + [same as TST11-24(group), but with pmpcfg(i).A=TOR] +TST15-25 (LOW-PRIO) + [same as TST11-25(group), but with pmpcfg(i).A=TOR] +TST15-26 (LOW-PRIO) + [same as TST11-26(group), but with pmpcfg(i).A=TOR] + +--------------------------- + +TST15-3x(group) => FTR06-a + [same as TST11-3x(group), but with pmpcfg(i).A=TOR] +TST15-31 (HIGH-PRIO) + [same as TST11-31(group), but with pmpcfg(i).A=TOR] +TST15-32 (MEDIUM-PRIO) + [same as TST11-32(group), but with pmpcfg(i).A=TOR] +TST15-33 (MEDIUM-PRIO) + [same as TST11-33(group), but with pmpcfg(i).A=TOR] +TST15-34 (LOW-PRIO) + [same as TST11-34(group), but with pmpcfg(i).A=TOR] +TST15-35 (LOW-PRIO) + [same as TST11-35(group), but with pmpcfg(i).A=TOR] +TST15-36 (LOW-PRIO) + [same as TST11-36(group), but with pmpcfg(i).A=TOR] + +--------------------------- + +TST15-4x(group) => FTR06-a + [same as TST11-4x(group), but with pmpcfg(i).A=TOR] +TST15-41 (LOWEST-PRIO) + [same as TST11-41(group), but with pmpcfg(i).A=TOR] +TST15-42 (LOWEST-PRIO) + [same as TST11-42(group), but with pmpcfg(i).A=TOR] +TST15-43 (LOWEST-PRIO) + [same as TST11-43(group), but with pmpcfg(i).A=TOR] +TST15-44 (LOWEST-PRIO) + [same as TST11-44(group), but with pmpcfg(i).A=TOR] +TST15-45 (LOWEST-PRIO) + [same as TST11-45(group), but with pmpcfg(i).A=TOR] +TST15-46 (LOWEST-PRIO) + [same as TST11-46(group), but with pmpcfg(i).A=TOR] + +--------------------------- + +TST15-5x(group) => FTR06-a + [same as TST11-5x(group), but with pmpcfg(i).A=TOR] +TST15-51 (LOWEST-PRIO) + [same as TST11-51(group), but with pmpcfg(i).A=TOR] +TST15-52 (LOWEST-PRIO) + [same as TST11-52(group), but with pmpcfg(i).A=TOR] +TST15-53 (LOWEST-PRIO) + [same as TST11-53(group), but with pmpcfg(i).A=TOR] +TST15-54 (LOWEST-PRIO) + [same as TST11-54(group), but with pmpcfg(i).A=TOR] +TST15-55 (LOWEST-PRIO) + [same as TST11-55(group), but with pmpcfg(i).A=TOR] +TST15-56 (LOWEST-PRIO) + [same as TST11-56(group), but with pmpcfg(i).A=TOR] + +//////////////////////////// + +TST16-1x(group) => FTR06-a + [same as TST12-1x(group), but with pmpcfg(i).A=TOR] +TST16-11 (LOW-PRIO) + [same as TST12-11(group), but with pmpcfg(i).A=TOR] +TST16-12 (LOW-PRIO) + [same as TST12-12(group), but with pmpcfg(i).A=TOR] +TST16-13 (LOW-PRIO) + [same as TST12-13(group), but with pmpcfg(i).A=TOR] +TST16-14 (HIGH-PRIO) + [same as TST12-14(group), but with pmpcfg(i).A=TOR] +TST16-15 (MEDIUM-PRIO) + [same as TST12-15(group), but with pmpcfg(i).A=TOR] +TST16-16 (HIGH-PRIO) + [same as TST12-16(group), but with pmpcfg(i).A=TOR] + +--------------------------- + +TST16-2x(group) => FTR06-a + [same as TST12-2x(group), but with pmpcfg(i).A=TOR] +TST16-21 (LOW-PRIO) + [same as TST12-21(group), but with pmpcfg(i).A=TOR] +TST16-22 (LOW-PRIO) + [same as TST12-22(group), but with pmpcfg(i).A=TOR] +TST16-23 (LOW-PRIO) + [same as TST12-23(group), but with pmpcfg(i).A=TOR] +TST16-24 (HIGH-PRIO) + [same as TST12-24(group), but with pmpcfg(i).A=TOR] +TST16-25 (MEDIUM-PRIO) + [same as TST12-25(group), but with pmpcfg(i).A=TOR] +TST16-26 (HIGH-PRIO) + [same as TST12-26(group), but with pmpcfg(i).A=TOR] + +--------------------------- + +TST16-3x(group) => FTR06-a + [same as TST12-3x(group), but with pmpcfg(i).A=TOR] +TST16-31 (LOW-PRIO) + [same as TST12-31(group), but with pmpcfg(i).A=TOR] +TST16-32 (LOW-PRIO) + [same as TST12-32(group), but with pmpcfg(i).A=TOR] +TST16-33 (LOW-PRIO) + [same as TST12-33(group), but with pmpcfg(i).A=TOR] +TST16-34 (HIGH-PRIO) + [same as TST12-34(group), but with pmpcfg(i).A=TOR] +TST16-35 (MEDIUM-PRIO) + [same as TST12-35(group), but with pmpcfg(i).A=TOR] +TST16-36 (HIGH-PRIO) + [same as TST12-36(group), but with pmpcfg(i).A=TOR] + +--------------------------- + +TST16-4x(group) => FTR06-a + [same as TST12-4x(group), but with pmpcfg(i).A=TOR] +TST16-41 (LOWEST-PRIO) + [same as TST12-41(group), but with pmpcfg(i).A=TOR] +TST16-42 (LOWEST-PRIO) + [same as TST12-42(group), but with pmpcfg(i).A=TOR] +TST16-43 (LOWEST-PRIO) + [same as TST12-43(group), but with pmpcfg(i).A=TOR] +TST16-44 (LOWEST-PRIO) + [same as TST12-44(group), but with pmpcfg(i).A=TOR] +TST16-45 (LOWEST-PRIO) + [same as TST12-45(group), but with pmpcfg(i).A=TOR] +TST16-46 (LOWEST-PRIO) + [same as TST12-46(group), but with pmpcfg(i).A=TOR] + +--------------------------- + +TST16-5x(group) => FTR06-a + [same as TST12-5x(group), but with pmpcfg(i).A=TOR] +TST16-51 (LOWEST-PRIO) + [same as TST12-51(group), but with pmpcfg(i).A=TOR] +TST16-52 (LOWEST-PRIO) + [same as TST12-52(group), but with pmpcfg(i).A=TOR] +TST16-53 (LOWEST-PRIO) + [same as TST12-53(group), but with pmpcfg(i).A=TOR] +TST16-54 (LOWEST-PRIO) + [same as TST12-54(group), but with pmpcfg(i).A=TOR] +TST16-55 (LOWEST-PRIO) + [same as TST12-55(group), but with pmpcfg(i).A=TOR] +TST16-56 (LOWEST-PRIO) + [same as TST12-56(group), but with pmpcfg(i).A=TOR] + +//////////////////////////// +//TODO: complete specificities for A=OFF + +TST17-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=OFF] +TST17-11 (HIGH-PRIO) + [same as TST11-11(group), but with pmpcfg(i).A=OFF + - check instruction fetch access-fault exception raised] +TST17-12 (MEDIUM-PRIO) + [same as TST11-12(group), but with pmpcfg(i).A=OFF] +TST17-13 (MEDIUM-PRIO) + [same as TST11-13(group), but with pmpcfg(i).A=OFF] +TST17-14 (LOW-PRIO) + [same as TST11-14(group), but with pmpcfg(i).A=OFF + - check instruction fetch access-fault exception raised] +TST17-15 (LOW-PRIO) + [same as TST11-15(group), but with pmpcfg(i).A=OFF] +TST17-16 (LOW-PRIO) + [same as TST11-16(group), but with pmpcfg(i).A=OFF] + +--------------------------- + +TST17-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=OFF] +TST17-21 (HIGH-PRIO) + [same as TST11-21(group), but with pmpcfg(i).A=OFF + - check load access-fault exception raised] +TST17-22 (MEDIUM-PRIO) + [same as TST11-22(group), but with pmpcfg(i).A=OFF] +TST17-23 (MEDIUM-PRIO) + [same as TST11-23(group), but with pmpcfg(i).A=OFF] +TST17-24 (LOW-PRIO) + [same as TST11-24(group), but with pmpcfg(i).A=OFF + - check load access-fault exception raised] +TST17-25 (LOW-PRIO) + [same as TST11-25(group), but with pmpcfg(i).A=OFF] +TST17-26 (LOW-PRIO) + [same as TST11-26(group), but with pmpcfg(i).A=OFF] + +--------------------------- + +TST17-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=OFF] +TST17-31 (HIGH-PRIO) + [same as TST11-31(group), but with pmpcfg(i).A=OFF + - check store access-fault exception raised] +TST17-32 (MEDIUM-PRIO) + [same as TST11-32(group), but with pmpcfg(i).A=OFF] +TST17-33 (MEDIUM-PRIO) + [same as TST11-33(group), but with pmpcfg(i).A=OFF] +TST17-34 (LOW-PRIO) + [same as TST11-34(group), but with pmpcfg(i).A=OFF + - check store access-fault exception raised] +TST17-35 (LOW-PRIO) + [same as TST11-35(group), but with pmpcfg(i).A=OFF] +TST17-36 (LOW-PRIO) + [same as TST11-36(group), but with pmpcfg(i).A=OFF] + +--------------------------- + +TST17-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=OFF] +TST17-41 (LOWEST-PRIO) + [same as TST11-41(group), but with pmpcfg(i).A=OFF + - check load access-fault exception raised] +TST17-42 (LOWEST-PRIO) + [same as TST11-42(group), but with pmpcfg(i).A=OFF] +TST17-43 (LOWEST-PRIO) + [same as TST11-43(group), but with pmpcfg(i).A=OFF] +TST17-44 (LOWEST-PRIO) + [same as TST11-44(group), but with pmpcfg(i).A=OFF + - check load access-fault exception raised] +TST17-45 (LOWEST-PRIO) + [same as TST11-45(group), but with pmpcfg(i).A=OFF] +TST17-46 (LOWEST-PRIO) + [same as TST11-46(group), but with pmpcfg(i).A=OFF] + +--------------------------- + +TST17-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=OFF] +TST17-51 (LOWEST-PRIO) + [same as TST11-51(group), but with pmpcfg(i).A=OFF + - check store access-fault exception raised] +TST17-52 (LOWEST-PRIO) + [same as TST11-52(group), but with pmpcfg(i).A=OFF] +TST17-53 (LOWEST-PRIO) + [same as TST11-53(group), but with pmpcfg(i).A=OFF] +TST17-54 (LOWEST-PRIO) + [same as TST11-54(group), but with pmpcfg(i).A=OFF + - check store access-fault exception raised] +TST17-55 (LOWEST-PRIO) + [same as TST11-55(group), but with pmpcfg(i).A=OFF] +TST17-56 (LOWEST-PRIO) + [same as TST11-56(group), but with pmpcfg(i).A=OFF] + +//////////////////////////// + +TST18-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=OFF] +TST18-11 (LOW-PRIO) + [same as TST12-11(group), but with pmpcfg(i).A=OFF] +TST18-12 (LOW-PRIO) + [same as TST12-12(group), but with pmpcfg(i).A=OFF] +TST18-13 (LOW-PRIO) + [same as TST12-13(group), but with pmpcfg(i).A=OFF] +TST18-14 (HIGH-PRIO) + [same as TST12-14(group), but with pmpcfg(i).A=OFF + - check instruction fetch access-fault exception raised] +TST18-15 (MEDIUM-PRIO) + [same as TST12-15(group), but with pmpcfg(i).A=OFF] +TST18-16 (HIGH-PRIO) + [same as TST12-16(group), but with pmpcfg(i).A=OFF] + +--------------------------- + +TST18-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=OFF] +TST18-21 (LOW-PRIO) + [same as TST12-21(group), but with pmpcfg(i).A=OFF] +TST18-22 (LOW-PRIO) + [same as TST12-22(group), but with pmpcfg(i).A=OFF] +TST18-23 (LOW-PRIO) + [same as TST12-23(group), but with pmpcfg(i).A=OFF] +TST18-24 (HIGH-PRIO) + [same as TST12-24(group), but with pmpcfg(i).A=OFF + - check instruction fetch access-fault exception raised] +TST18-25 (MEDIUM-PRIO) + [same as TST12-25(group), but with pmpcfg(i).A=OFF] +TST18-26 (HIGH-PRIO) + [same as TST12-26(group), but with pmpcfg(i).A=OFF] + +--------------------------- + +TST18-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=OFF] +TST18-31 (LOW-PRIO) + [same as TST12-31(group), but with pmpcfg(i).A=OFF] +TST18-32 (LOW-PRIO) + [same as TST12-32(group), but with pmpcfg(i).A=OFF] +TST18-33 (LOW-PRIO) + [same as TST12-33(group), but with pmpcfg(i).A=OFF] +TST18-34 (HIGH-PRIO) + [same as TST12-34(group), but with pmpcfg(i).A=OFF + - check instruction fetch access-fault exception raised] +TST18-35 (MEDIUM-PRIO) + [same as TST12-35(group), but with pmpcfg(i).A=OFF] +TST18-36 (HIGH-PRIO) + [same as TST12-36(group), but with pmpcfg(i).A=OFF] + +--------------------------- + +TST18-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=OFF] +TST18-41 (LOWEST-PRIO) + [same as TST12-41(group), but with pmpcfg(i).A=OFF] +TST18-42 (LOWEST-PRIO) + [same as TST12-42(group), but with pmpcfg(i).A=OFF] +TST18-43 (LOWEST-PRIO) + [same as TST12-43(group), but with pmpcfg(i).A=OFF] +TST18-44 (LOWEST-PRIO) + [same as TST12-44(group), but with pmpcfg(i).A=OFF + - check instruction fetch access-fault exception raised] +TST18-45 (LOWEST-PRIO) + [same as TST12-45(group), but with pmpcfg(i).A=OFF] +TST18-46 (LOWEST-PRIO) + [same as TST12-46(group), but with pmpcfg(i).A=OFF] + +--------------------------- + +TST18-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=OFF] +TST18-51 (LOWEST-PRIO) + [same as TST12-51(group), but with pmpcfg(i).A=OFF] +TST18-52 (LOWEST-PRIO) + [same as TST12-52(group), but with pmpcfg(i).A=OFF] +TST18-53 (LOWEST-PRIO) + [same as TST12-53(group), but with pmpcfg(i).A=OFF] +TST18-54 (LOWEST-PRIO) + [same as TST12-54(group), but with pmpcfg(i).A=OFF + - check instruction fetch access-fault exception raised] +TST18-55 (LOWEST-PRIO) + [same as TST12-55(group), but with pmpcfg(i).A=OFF] +TST18-56 (LOWEST-PRIO) + [same as TST12-56(group), but with pmpcfg(i).A=OFF] + +//////////////////////////// + +TST21(group) + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] +TST21-1 = extension of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-13, TST11-23, TST11-33, TST11-43, TST11-53, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST11-16, TST11-26, TST11-36, TST11-46, TST11-56, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-13, TST12-23, TST12-33, TST12-43, TST12-53, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST12-16, TST12-26, TST12-36, TST12-46, TST12-56) +[configure only one (any, but the first one) PMP entry + - use A=NA4 for the PMP entry configuration + - execute the chosen kind of access + - should be same result] +TST21-2 = extension of compatible pair of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-13, TST11-23, TST11-33, TST11-43, TST11-53, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST11-16, TST11-26, TST11-36, TST11-46, TST11-56, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-13, TST12-23, TST12-33, TST12-43, TST12-53, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST12-16, TST12-26, TST12-36, TST12-46, TST12-56) +[configure 2 non-adjacent PMP entries (highest-numbered ones first) (avoid the first PMP entry) + - use A=NA4 for each PMP entry configuration + - execute the 2 kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same 2 results] +TST21-3 = extension of compatible group(N) of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-13, TST11-23, TST11-33, TST11-43, TST11-53, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST11-16, TST11-26, TST11-36, TST11-46, TST11-56, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-13, TST12-23, TST12-33, TST12-43, TST12-53, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST12-16, TST12-26, TST12-36, TST12-46, TST12-56) +[configure N PMP entries (highest-numbered ones first) (as non-adjacent as possible, and avoid the first PMP entry) + - use A=NA4 for each PMP entry configuration + - execute the N kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same N results] +TST21-4 = extension of compatible group(8) of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-13, TST11-23, TST11-33, TST11-43, TST11-53, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST11-16, TST11-26, TST11-36, TST11-46, TST11-56, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-13, TST12-23, TST12-33, TST12-43, TST12-53, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST12-16, TST12-26, TST12-36, TST12-46, TST12-56) +[configure 8 PMP entries (highest-numbered ones first) + - use A=NA4 for each PMP entry configuration + - execute the 8 kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same 8 results] + +--------------------------- + +TST22(group) + [create scenarios where PMP entries with A=3 (NAPOT) and with/without matching permissions + - check only NAPOT defined addresses are matching] +TST22-1 = extension of (TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-13, TST13-23, TST13-33, TST13-43, TST13-53, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST13-16, TST13-26, TST13-36, TST13-46, TST13-56, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-13, TST14-23, TST14-33, TST14-43, TST14-53, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST14-16, TST14-26, TST14-36, TST14-46, TST14-56) +[configure only one (any, but the first one) PMP entry + - use A=NAPOT for the PMP entry configuration + - execute the chosen kind of access + - should be same result] +TST22-2 = extension of compatible pair of (TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-13, TST13-23, TST13-33, TST13-43, TST13-53, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST13-16, TST13-26, TST13-36, TST13-46, TST13-56, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-13, TST14-23, TST14-33, TST14-43, TST14-53, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST14-16, TST14-26, TST14-36, TST14-46, TST14-56) +[configure 2 non-adjacent PMP entries (highest-numbered ones first) (avoid the first PMP entry) + - use A=NAPOT for each PMP entry configuration + - execute the 2 kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same 2 results] +TST22-3 = extension of compatible group(N) of (TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-13, TST13-23, TST13-33, TST13-43, TST13-53, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST13-16, TST13-26, TST13-36, TST13-46, TST13-56, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-13, TST14-23, TST14-33, TST14-43, TST14-53, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST14-16, TST14-26, TST14-36, TST14-46, TST14-56) +[configure N PMP entries (highest-numbered ones first) (as non-adjacent as possible, and avoid the first PMP entry) + - use A=NAPOT for each PMP entry configuration + - execute the N kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same N results] +TST22-4 = extension of compatible group(8) of (TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-13, TST13-23, TST13-33, TST13-43, TST13-53, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST13-16, TST13-26, TST13-36, TST13-46, TST13-56, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-13, TST14-23, TST14-33, TST14-43, TST14-53, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST14-16, TST14-26, TST14-36, TST14-46, TST14-56) +[configure 8 PMP entries (highest-numbered ones first) + - use A=NAPOT for each PMP entry configuration + - execute the 8 kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same 8 results] + +--------------------------- + +TST23(group) => + [create scenarios where PMP entries with A=1 (TOR) and with/without matching permissions + - pmpaddr(i−1) < pmpaddr(i), pmpcfg(i).A=TOR and pmpcfg(i-1) with/without matching permissions + - check only TOR defined addresses are matching] +TST23-1 = extension of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-13, TST15-23, TST15-33, TST15-43, TST15-53, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST15-16, TST15-26, TST15-36, TST15-46, TST15-56, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-13, TST16-23, TST16-33, TST16-43, TST16-53, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST16-16, TST16-26, TST16-36, TST16-46, TST16-56) +[configure only one (any, but the first one) PMP entry + - execute the chosen kind of access + - should be same result] +TST23-2 = extension of compatible pair of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-13, TST15-23, TST15-33, TST15-43, TST15-53, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST15-16, TST15-26, TST15-36, TST15-46, TST15-56, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-13, TST16-23, TST16-33, TST16-43, TST16-53, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST16-16, TST16-26, TST16-36, TST16-46, TST16-56) +[configure 2 non-adjacent PMP entries (highest-numbered ones first) (avoid the first PMP entry) + - execute the 2 kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same 2 results] +TST23-3 = extension of compatible group(N) of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-13, TST15-23, TST15-33, TST15-43, TST15-53, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST15-16, TST15-26, TST15-36, TST15-46, TST15-56, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-13, TST16-23, TST16-33, TST16-43, TST16-53, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST16-16, TST16-26, TST16-36, TST16-46, TST16-56) +[configure N PMP entries (highest-numbered ones first) (as non-adjacent as possible, and avoid the first PMP entry) + - execute the N kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same N results] +TST23-4 = extension of compatible group(8) of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-13, TST15-23, TST15-33, TST15-43, TST15-53, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST15-16, TST15-26, TST15-36, TST15-46, TST15-56, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-13, TST16-23, TST16-33, TST16-43, TST16-53, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST16-16, TST16-26, TST16-36, TST16-46, TST16-56) +[configure 8 PMP entries (highest-numbered ones first) + - execute the 8 kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same 8 results] + +--------------------------- + +TST24(group) => FTR09-g + [create scenarios where PMP entries with A=0 (OFF) and with matching permissions + - check no address matching for those PMP entries] + [create scenarios where all PMP entries with A=0 (OFF) and with matching permissions + - check no address matching for all PMP entries] + [check S or U mode access fails when all A=OFF with at least one PMP entry implemented] => FTR09-g +TST24-1 = extension of (TST17-11, TST17-21, TST17-31, TST17-41, TST17-51, + TST17-13, TST17-23, TST17-33, TST17-43, TST17-53, + TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST17-16, TST17-26, TST17-36, TST17-46, TST17-56, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54, //TODO: M-mode may not raise an exception + TST18-16, TST18-26, TST18-36, TST18-46, TST18-56) //TODO: M-mode may not raise an exception + //TODO: SHOULD WE ADD (TST18-11, TST18-21, TST18-31, TST18-41, TST18-51, + TST18-13, TST18-23, TST18-33, TST18-43, TST18-53) ? +[configure only one (any, but the first one) PMP entry + - execute the chosen kind of access + - check appropriate access-fault exception raised] +TST24-2 = extension of compatible pair of (TST17-11, TST17-21, TST17-31, TST17-41, TST17-51, + TST17-13, TST17-23, TST17-33, TST17-43, TST17-53, + TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST17-16, TST17-26, TST17-36, TST17-46, TST17-56, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54, //TODO: M-mode may not raise an exception + TST18-16, TST18-26, TST18-36, TST18-46, TST18-56) //TODO: M-mode may not raise an exception + //TODO: SHOULD WE ADD (TST18-11, TST18-21, TST18-31, TST18-41, TST18-51, + TST18-13, TST18-23, TST18-33, TST18-43, TST18-53) ? +[configure 2 non-adjacent PMP entries (highest-numbered ones first) (avoid the first PMP entry) + - execute the 2 kinds of accesses (if possible to chain due to access-fault) + - check 2 appropriate access-fault exceptions raised] +TST24-3 = extension of compatible group(N) of (TST17-11, TST17-21, TST17-31, TST17-41, TST17-51, + TST17-13, TST17-23, TST17-33, TST17-43, TST17-53, + TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST17-16, TST17-26, TST17-36, TST17-46, TST17-56, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54, //TODO: M-mode may not raise an exception + TST18-16, TST18-26, TST18-36, TST18-46, TST18-56) //TODO: M-mode may not raise an exception + //TODO: SHOULD WE ADD (TST18-11, TST18-21, TST18-31, TST18-41, TST18-51, + TST18-13, TST18-23, TST18-33, TST18-43, TST18-53) ? +[configure N PMP entries (highest-numbered ones first) (as non-adjacent as possible, and avoid the first PMP entry) + - execute the N kinds of accesses (if possible to chain due to access-fault) + - check N appropriate access-fault exceptions raised] +TST24-4 = extension of compatible group(8) of (TST17-11, TST17-21, TST17-31, TST17-41, TST17-51, + TST17-13, TST17-23, TST17-33, TST17-43, TST17-53, + TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST17-16, TST17-26, TST17-36, TST17-46, TST17-56, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54, //TODO: M-mode may not raise an exception + TST18-16, TST18-26, TST18-36, TST18-46, TST18-56) //TODO: M-mode may not raise an exception + //TODO: SHOULD WE ADD (TST18-11, TST18-21, TST18-31, TST18-41, TST18-51, + TST18-13, TST18-23, TST18-33, TST18-43, TST18-53) ? +[configure 8 PMP entries (highest-numbered ones first) + - execute the 8 kinds of accesses (if possible to chain due to access-fault) + - check 8 appropriate access-fault exceptions raised] + +--------------------------- + +//TO COMPLETE => FTR06-b +TST25 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) > 0 +TST26 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) = 0 + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) > 0 + - pmpaddr(0) = 0] + +//TO COMPLETE => FTR06-c +TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) and pmpcfg(i-1) correct + [create scenario where PMP entry pmpcfg(i) with TOR: + - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct] + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) >= pmpaddr(1/2/3/…)] + +//////////////////////////// + +TST31(group) => FTR08-a and FTR08-b + [create scenario where L=0 for PMP entry (i) + - check pmp(i)cfg and pmpaddr(i) are writable in M-mode only] + [create scenario where L=1 for PMP entry (i) + - check pmp(i)cfg and pmpaddr(i) are effectively locked whatever the mode] + [create scenario where PMP entries are locked L=1 + - check only the hart reset unlocks all PMP entries + - execute following tests specific checks + - check only hart reset unlocks all => FTR08-b + - check reset values: all pmp(i)cfg and pmpaddr(i) are M-mode read zero] +TST31-1 = extension of (TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54) +[configure only one ([FTR02-b1]: maybe mandatorily the 1st) PMP entry: with L=1 + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a] +TST31-2 = extension of compatible pair of (TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54) +[configure 2 PMP entries ([FTR02-b1]: maybe mandatorily the 2 first ones): both with L=1 + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a] +TST31-3 = extension of compatible pair of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54) +[configure 2 PMP entries ([FTR02-b1]: maybe mandatorily the 2 first ones): one with L=1 and the other with L=0, + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a + - check locked PMP entry (i) has no effect on unlocked PMP entry (j) + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only] +TST31-4 = extension of compatible group(N) of (TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54) +[configure N PMP entries ([FTR02-b1]: maybe mandatorily the N first ones): all with L=1 + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a] +TST31-5 = extension of compatible group(N) of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54) +[configure N PMP entries ([FTR02-b1]: maybe mandatorily the N first ones): at least one with L=1 and one with L=0, + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a + - check locked PMP entry (i) has no effect on unlocked PMP entry (j) + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only] +TST31-6 = extension of compatible group(8) of (TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54) +[configure 8 PMP entries: all with L=1 + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a] +TST31-7 = extension of compatible group(8) of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54) +[configure 8 PMP entries: at least one with L=1 and one with L=0, + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a + - check locked PMP entry (i) has no effect on unlocked PMP entry (j) + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only] + +--------------------------- + +TST32(group) => FTR08-a and FTR08-b + [create scenario where pmp(i)cfg.L=1 and pmp(i)cfg.A=NAPOT for PMP entry (i)] +TST32-1 = same as TST31-1 but with extension of (TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54) +TST32-2 = same as TST31-2 but with extension of (TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54) +TST32-3 = same as TST31-3 but with extension of (TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54) +TST32-4 = same as TST31-4 but with extension of (TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54) +TST32-5 = same as TST31-5 but with extension of (TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54) +TST32-6 = same as TST31-6 but with extension of (TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54) +TST32-7 = same as TST31-7 but with extension of (TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54) + +--------------------------- + +TST33(group) => FTR08-a and FTR08-b + [create scenario where pmp(i)cfg.L=1 and pmp(i)cfg.A=TOR for PMP entry (i) + - additionally, check writes to pmpaddr(i-1) are ignored] +TST33-1 = same as TST31-1 but with extension of (TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) +TST33-2 = same as TST31-2 but with extension of (TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) +TST33-3 = same as TST31-3 but with extension of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) +TST33-4 = same as TST31-4 but with extension of (TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) +TST33-5 = same as TST31-5 but with extension of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) +TST33-6 = same as TST31-6 but with extension of (TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) +TST33-7 = same as TST31-7 but with extension of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) + +--------------------------- + +TST34(group) => FTR08-a and FTR08-b + [create scenario where pmp(i)cfg.A=OFF, then pmp(i)cfg.L=1 for PMP entry (i) + - check writes to pmp(i)cfg are ignored] +TST34-1 = same as TST31-1 but with extension of (TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54) +TST34-2 = same as TST31-2 but with extension of (TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54) +TST34-3 = same as TST31-3 but with extension of (TST17-11, TST17-21, TST17-31, TST17-41, TST17-51, + TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST18-11, TST18-21, TST18-31, TST18-41, TST18-51, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54) +TST34-4 = same as TST31-4 but with extension of (TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54) +TST34-5 = same as TST31-5 but with extension of (TST17-11, TST17-21, TST17-31, TST17-41, TST17-51, + TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST18-11, TST18-21, TST18-31, TST18-41, TST18-51, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54) +TST34-6 = same as TST31-6 but with extension of (TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54) +TST34-7 = same as TST31-7 but with extension of (TST17-11, TST17-21, TST17-31, TST17-41, TST17-51, + TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST18-11, TST18-21, TST18-31, TST18-41, TST18-51, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54) + +--------------------------- + +TST39(group) => FTR08-a and FTR08-b + [create scenario where pmp(i)cfg.L=1 and pmp(i)cfg.A=NA4/NAPOT/TOR/OFF for PMP entry (i)] +TST39-1 = same as TST31-1 but with extension of (TST1*-14, TST1*-24, TST1*-34, TST1*-44, TST1*-54) +TST39-2 = same as TST31-2 but with extension of (TST1*-14, TST1*-24, TST1*-34, TST1*-44, TST1*-54) +TST39-3 = same as TST31-3 but with extension of (TST1*-11, TST1*-21, TST1*-31, TST1*-41, TST1*-51, + TST1*-14, TST1*-24, TST1*-34, TST1*-44, TST1*-54) +TST39-4 = same as TST31-4 but with extension of (TST1*-14, TST1*-24, TST1*-34, TST1*-44, TST1*-54) +TST39-5 = same as TST31-5 but with extension of (TST1*-11, TST1*-21, TST1*-31, TST1*-41, TST1*-51, + TST1*-14, TST1*-24, TST1*-34, TST1*-44, TST1*-54) +TST39-6 = same as TST31-6 but with extension of (TST1*-14, TST1*-24, TST1*-34, TST1*-44, TST1*-54) +TST39-7 = same as TST31-7 but with extension of (TST1*-11, TST1*-21, TST1*-31, TST1*-41, TST1*-51, + TST1*-14, TST1*-24, TST1*-34, TST1*-44, TST1*-54) + +//////////////////////////// + +TST42(group) => FTR02-b1 + [check if the lowest-numbered PMP CSRs must be programmed for higher-numbered ones to be taken into account in PMP checks] +TST42-1 = extension of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) +[configure only one (any, but the first one) PMP entry + - execute the chosen kind of access several times + - check no access-fault exception] +TST42-2 = extension of compatible pair of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) +[configure 2 non-adjacent PMP entries (highest-numbered ones first) (avoid the first PMP entry) + - execute the 2 kinds of accesses several times + - check no access-fault exception] +TST42-3 = extension of compatible group(N) of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) +[configure N PMP entries (highest-numbered ones first) (as non-adjacent as possible, and avoid the first PMP entry) + - execute all the kinds of accesses several times + - check no access-fault exception] + +//////////////////////////// + +TST51(group) => FTR09-a, FTR09-b and FTR09-c + [create scenarios where 2 PMP entries with same pmpaddr + - one without matching permissions or with A=OFF + - one with matching permissions and A=NA4/NAPOT/TOR + - any of them can be the lowest-numbered PMP entry] +TST51-1 +[configure 2 PMP entries + - configure the lowest-numbered PMP entry with (TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST17-12, TST17-22, TST17-32, TST17-42, TST17-52, + TST17-15, TST17-25, TST17-35, TST17-45, TST17-55, + TST18-12, TST18-22, TST18-32, TST18-42, TST18-52, + TST18-15, TST18-25, TST18-35, TST18-45, TST18-55) + - configure the highest-numbered PMP entry with (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) + - execute the associated access + - check associated access-fault exception raised] +TST51-2 +[configure 2 PMP entries + - configure the lowest-numbered PMP entry with (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) + - configure the highest-numbered PMP entry with (TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST17-12, TST17-22, TST17-32, TST17-42, TST17-52, + TST17-15, TST17-25, TST17-35, TST17-45, TST17-55, + TST18-12, TST18-22, TST18-32, TST18-42, TST18-52, + TST18-15, TST18-25, TST18-35, TST18-45, TST18-55) + - execute the associated access + - check no access-fault exception] + +// //IMPOSSIBLE TO IMPLEMENT (4-BYTE GRANUARITY) => FTR09-a +// [implement checks for priority: +// for each access length (1byte, 2bytes, 3bytes or 4bytes) +// for each byte position on the 32bits bus +// for each kind of permissions/mode access settings +// - set a low-numbered any-single-byte-address-matching PMP entry with non-matching permissions/mode settings +// - set a higher-numbered all-bytes-address-matching PMP entry with matching permissions/mode settings +// - set intermediate-numbered not-all-bytes-address-matching PMP entries with matching permissions/mode settings +// - NB: can be randomized +// - check the accesses fail (so reaching the low-numbered any-single-byte-address-matching PMP entry) +// for each access length (1byte, 2bytes, 3bytes or 4bytes) +// for each byte position on the 32bits bus +// for each kind of permissions/mode access settings +// - set a low-numbered all-bytes-address-matching PMP entry with matching permissions/mode settings +// - set a higher-numbered any-single-byte-address-matching PMP entry with non-matching permissions/mode settings +// - set intermediate-numbered not-all-bytes-address-matching PMP entries with non-matching permissions/mode settings +// - NB: can be randomized +// - check the accesses pass (so reaching the low-numbered all-bytes-address-matching PMP entry)] + +// //IMPOSSIBLE TO IMPLEMENT (4-BYTE GRANUARITY) => FTR09-b and FTR09-c +// [check access fails if only part of the access bytes are matching the PMP entry whatever the permissions and the mode] +// for each access length (1byte, 2bytes, 3bytes or 4bytes) +// for each byte position on the 32bits bus +// for each kind of permissions/mode access settings +// - set a low-numbered all-bytes-address-matching PMP entry with non-matching permissions/mode settings +// - set a higher-numbered any-single-byte-address-matching PMP entry with matching permissions/mode settings +// - set intermediate-numbered not-all-bytes-address-matching PMP entries with matching permissions/mode settings +// - NB: can be randomized +// - check the accesses fail] + +//////////////////////////// + +TST61 => FTR10-a +[check multiple-accesses instructions not generating any access-fault exceptions] + +TST62 +[check multiple-accesses instructions generating access-fault exceptions with only one non-matching access] + +TST63 +[check multiple-accesses instructions generating access-fault exceptions with multiple non-matching accesses] + +TST64 +[create scenario where instruction-associated multiple accesses are not mutually atomic] //TODO: UNDERSTAND THE MEANING + +//TST65 => FTR10-c +[create scenario with misaligned loads, stores, and instruction fetches generating multiple accesses for which: + - access-fault exception occurs at 1st, 2nd, … last access + - other accesses succeed] +[if floating-point is enabled, create scenario for floating-point store wider than XLEN bits (e.g. FSD instruction) + + + diff --git a/verif/docs/VerifPlans/PMP/pmp_verif_plan_features.txt b/verif/docs/VerifPlans/PMP/pmp_verif_plan_features.txt new file mode 100644 index 000000000..520e0d999 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/pmp_verif_plan_features.txt @@ -0,0 +1,224 @@ + + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +-19-FTR01 + +FTR01-a +[PMP allows physical memory access privileges (read, write, execute) to be specified for each physical memory region] + +FTR01-b +[the standard PMP encoding supports regions as small as four bytes.] + +FTR01-c +[Certain regions’ privileges can be hardwired: so only ever be visible in machine mode but in no lower-privilege layers.] +FTR01-c-extended +[PMP regions hardwired privileges can only be observed in M-mode] + +FTR01-d +[PMP checks are applied to all accesses whose effective privilege mode is S or U] + +FTR01-e +[PMP checks are also applied to page-table accesses for virtual-address translation, for which the effective privilege mode is S] + +FTR01-f (refers to FTR08-e1) +[PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + +FTR01-g1 +[by default (PMP entry not yet configured), S and U modes have no PMP permissions] +FTR01-g2 +[by default (PMP entry not yet configured), M-mode has full permissions.] + +FTR01-h +[PMP violations are always trapped precisely at the processor] + +//////////////////////////// +-21-FTR02 + +FTR02-a +[Up to 64 PMP entries are supported] + +FTR02-b1 +[the lowest-numbered PMP CSRs must be implemented first (does it mean programmed first)] +FTR02-b2 +[All PMP CSR fields are WARL and may be read-only zero (does read-only zero mean not implemented?)] + +FTR02-d +[PMP CSRs are only accessible to M-mode] + +FTR02-e +[2 CSRs, pmpcfg0–pmpcfg1, hold the configurations pmp0cfg–pmp7cfg for the 8 PMP entries] + + +//////////////////////////// +-23-FTR03 + +FTR03-a +[Each PMP address register encodes bits 33–2 of a 34-bit physical address] + +FTR03-b (NOT TOTALLY UNDERSTOOD!!!) +[Not all physical address bits may be implemented, and so the pmpaddr registers are WARL] + +//////////////////////////// +-25-FTR04 + +FTR04-a +[The R, W, and X fields form a collective WARL field for which the combinations with R=0 and W=1 are reserved.] + +FTR04-b +[Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception] + +FTR04-c +[Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + +FTR04-d +[Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + +FTR04-e +[if MXLEN is changed, the contents of the pmp(x)cfg fields are preserved, but appear in the pmpcfg(y) CSR prescribed by the new setting of MXLEN] +FTR04-e-assumption +[we assume MXLEN is always 32bits] + +//////////////////////////// +-27-FTR05 + +FTR05-a +[The A field in a PMP entry’s configuration register encodes the address-matching mode of the associated PMP address register] +[When A=OFF, this PMP entry is disabled and matches no addresses] +[When A=TOR, top boundary of an arbitrary range] +[When A=NA4, naturally aligned four-byte regions] +[When A=NAPOT, naturally aligned power-of-2 regions] +[These modes support four-bytes granularity] + +//////////////////////////// +-28-FTR06 + +FTR06-a +[If PMP entry i’s A field is set to TOR, the entry matches any address y such that pmpaddr(i−1) ≤ y < pmpaddr(i) (irrespective of the value of pmpcfg(i−1))] + +FTR06-b +[If PMP entry 0’s A field is set to TOR, zero is used for the lower bound, and so it matches any address y < pmpaddr(0)] + +FTR06-c +[If pmpaddr(i−1) ≥ pmpaddr(i) and pmpcfg(i).A=TOR, then PMP entry i matches no addresses] + +//////////////////////////// +-30-FTR07 + +FTR07-a +[Although the PMP mechanism supports regions as small as 4 bytes, platforms may specify coarser PMP regions] +[the PMP grain is 2^(G+2) bytes and must be the same across all PMP regions] + +FTR07-b +[Software may determine the PMP granularity by writing zero to pmp(0)cfg, then writing all ones to pmpaddr(0), then reading back pmpaddr(0). If G is the index of the least-significant bit set, the PMP granularity is 2^(G+2) bytes] + +FTR07-c +[If the current XLEN is greater than MXLEN, the PMP address registers are zero-extended from MXLEN to XLEN bits for the purposes of address matching] +FTR07-c-assumption +[we assume XLEN=MXLEN=32 bits] + +//////////////////////////// +-32-FTR08 + +FTR08-a +[The L bit indicates that the PMP entry is locked, i.e., writes to the configuration register and associated address registers are ignored] +[If PMP entry (i) is locked, writes to pmp(i)cfg and pmpaddr(i) are ignored] + +FTR08-b +[Locked PMP entries remain locked until the hart is reset] + +FTR08-c +[if PMP entry (i) is locked and pmp(i)cfg.A is set to TOR, writes to pmpaddr(i-1) are ignored] + +FTR08-d +[Setting the L bit locks the PMP entry even when the A field is set to OFF] + +FTR08-e +[L bit indicates whether the R/W/X permissions are enforced on M-mode accesses] +FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) +[When the L bit is set, these permissions are enforced for all privilege modes] +FTR08-e2-1 (refers to FTR09-d1) +[When the L bit is clear, any M-mode access matching the PMP entry will succeed] +FTR08-e2-2 (refers to FTR09-d2-2) +[When the L bit is clear, the R/W/X permissions apply only to S and U modes] + +//////////////////////////// +-34-FTR09 + +FTR09-a +[PMP entries are statically prioritized] +[The lowest-numbered PMP entry that matches any byte of an access determines whether that access succeeds or fails] + +FTR09-b +[The matching PMP entry must match all bytes of an access, or the access fails, irrespective of the L, R, W, and X bits] + +FTR09-c +[If a PMP entry matches all bytes of an access, then the L, R, W, and X bits determine whether the access succeeds or fails] + +FTR09-d1 (refers to FTR08-e2-1) +[If the L bit is clear and the privilege mode of the access is M, the access succeeds] +FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) +[if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] +FTR09-d2-2 (L=0 refers to FTR08-e2-2) +[if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + +FTR09-e +[If no PMP entry matches an M-mode access, the access succeeds] +FTR09-e-question +[what happens if no PMP entry is implemented ?] + +FTR09-f +[If no PMP entry matches an S-mode or U-mode access, but at least one PMP entry is implemented, the access fails] +FTR09-f-question +[what happens if no PMP entry is implemented ?] + +FTR09-g +[If at least one PMP entry is implemented, but all PMP entries’ A fields are set to OFF, then all S-mode and U-mode memory accesses will fail] +FTR09-g-question (same as FTR09-f-question if 'memory access' is no different matter) +[what happens if no PMP entry is implemented ?] + +question are the pmpaddr(i) aligned to 4bytes ? + - NA4: naturally aligned four-byte regions + - NAPOT: naturally aligned power-of-2 regions + - TOR: + These modes support four-byte granularity + Each PMP address register encodes bits 33–2 of a 34-bit physical address for RV32 + +//////////////////////////// +-36-FTR10 + +FTR10-a +[An access-fault exception is generated if at least one access generated by an instruction fails, though other accesses generated by that instruction may succeed with visible side effects] + +FTR10-b +[instructions that reference virtual memory are decomposed into multiple accesses] +FTR10-b-assumption +[we assume no virtual memory is implemented] +[we assume page-based virtual memory is not implemented] + +FTR10-c +[misaligned loads, stores, and instruction fetches may also be decomposed into multiple accesses, some of which may succeed before an access-fault exception occurs] + +//////////////////////////// +-38-FTR11 +FTR11-assumption +[we assume no virtual memory is implemented] +[we assume page-based virtual memory is not implemented] + +FTR11-a +[instructions that access virtual memory may result in multiple physical-memory accesses, including implicit references to the page tables. The PMP checks apply to all of these accesses] + +FTR11-b +[The effective privilege mode for implicit page-table accesses is S] + +FTR11-c +[The PMP settings for the resulting physical address may be checked (and possibly cached) at any point between the address +translation and the explicit memory access] + +FTR11-d +[when the PMP settings are modified, M-mode software must synchronize the PMP settings with the virtual memory system and any PMP or address-translation caches] + +FTR11-e +[If page-based virtual memory is not implemented, memory accesses check the PMP settings synchronously, so no SFENCE.VMA is needed] + + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// diff --git a/verif/docs/VerifPlans/PMP/runme.sh b/verif/docs/VerifPlans/PMP/runme.sh new file mode 100644 index 000000000..08508cfb8 --- /dev/null +++ b/verif/docs/VerifPlans/PMP/runme.sh @@ -0,0 +1,34 @@ +############################################################################# +# Copyright (C) 2022 Thales DIS France SAS +# +# SPDX-License-Identifier: Apache-2.0 WITH SHL-2.0. +# +# Original Author: Zbigniew Chamski (zbigniew.chamski@thalesgroup.com) +############################################################################# +#!/bin/sh + +# Location of project-specific directories +ROOTDIR=`readlink -f $(dirname "${BASH_SOURCE[0]}")` + +# Set up platform location. It can be anywhere but should contain +# a valid `vp_config.py` file in `vptool` directory. +# Here we use the verification tree from the example directory. +export PLATFORM_TOP_DIR="$ROOTDIR" + +# Set the printable name for the project that will be used +# in the human-readable documentation. +export PROJECT_NAME="PMP" + +# Set the alphanumerical identifier of the project that +# will be used to construct file names etc. +export PROJECT_IDENT="PMP" + +# Set the destination directory of Markdown files for this project. +# Since it will be used by VPTOOL, it shall NOT be a relative path. +export MARKDOWN_OUTPUT_DIR=`readlink -f "$ROOTDIR/../source"` + +# Run VPTOOL overriding the default theme from Yaml config with 'winxpblue'. +# FIXME: Introduce a suitably named shell variable that points to the root +# directory of the tool set (TOOL_TOP etc.) +# FORNOW use a hardcoded relative path. +sh $ROOTDIR/../../../core-v-verif/tools/vptool/vptool.sh $* diff --git a/verif/docs/VerifPlans/csr_access/VP_IP000.yml b/verif/docs/VerifPlans/csr_access/VP_IP000.yml index a62965d9d..6ea386da3 100644 --- a/verif/docs/VerifPlans/csr_access/VP_IP000.yml +++ b/verif/docs/VerifPlans/csr_access/VP_IP000.yml @@ -109,7 +109,7 @@ subfeatures: !!omap cores: 8 coverage_loc: '' comments: '' -vptool_gitrev: '$Id: b0efb3ae3f9057b71a577d43c2b77f1cfb2ef82f $' -io_fmt_gitrev: '$Id: 7ee5d68801f5498a957bcbe23fcad87817a364c5 $' -config_gitrev: '$Id: 0422e19126dae20ffc4d5a84e4ce3de0b6eb4eb5 $' -ymlcfg_gitrev: '$Id: 286c689bd48b7a58f9a37754267895cffef1270c $' +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/csr_access/VP_IP001.yml b/verif/docs/VerifPlans/csr_access/VP_IP001.yml index 8b1641969..39fff3010 100644 --- a/verif/docs/VerifPlans/csr_access/VP_IP001.yml +++ b/verif/docs/VerifPlans/csr_access/VP_IP001.yml @@ -83,7 +83,7 @@ subfeatures: !!omap cores: 8 coverage_loc: '' comments: '' -vptool_gitrev: '$Id: b0efb3ae3f9057b71a577d43c2b77f1cfb2ef82f $' -io_fmt_gitrev: '$Id: 7ee5d68801f5498a957bcbe23fcad87817a364c5 $' -config_gitrev: '$Id: 0422e19126dae20ffc4d5a84e4ce3de0b6eb4eb5 $' -ymlcfg_gitrev: '$Id: 286c689bd48b7a58f9a37754267895cffef1270c $' +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/csr_access/VP_IP002.yml b/verif/docs/VerifPlans/csr_access/VP_IP002.yml index 51ed9fa8d..2d6de3ffa 100644 --- a/verif/docs/VerifPlans/csr_access/VP_IP002.yml +++ b/verif/docs/VerifPlans/csr_access/VP_IP002.yml @@ -108,7 +108,7 @@ subfeatures: !!omap cores: 8 coverage_loc: '' comments: '' -vptool_gitrev: '$Id: b0efb3ae3f9057b71a577d43c2b77f1cfb2ef82f $' -io_fmt_gitrev: '$Id: 7ee5d68801f5498a957bcbe23fcad87817a364c5 $' -config_gitrev: '$Id: 0422e19126dae20ffc4d5a84e4ce3de0b6eb4eb5 $' -ymlcfg_gitrev: '$Id: 286c689bd48b7a58f9a37754267895cffef1270c $' +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/csr_access/VP_IP003.yml b/verif/docs/VerifPlans/csr_access/VP_IP003.yml index 3099b330b..8b2c03333 100644 --- a/verif/docs/VerifPlans/csr_access/VP_IP003.yml +++ b/verif/docs/VerifPlans/csr_access/VP_IP003.yml @@ -119,7 +119,7 @@ subfeatures: !!omap cores: 8 coverage_loc: '' comments: '' -vptool_gitrev: '$Id: b0efb3ae3f9057b71a577d43c2b77f1cfb2ef82f $' -io_fmt_gitrev: '$Id: 7ee5d68801f5498a957bcbe23fcad87817a364c5 $' -config_gitrev: '$Id: 0422e19126dae20ffc4d5a84e4ce3de0b6eb4eb5 $' -ymlcfg_gitrev: '$Id: 286c689bd48b7a58f9a37754267895cffef1270c $' +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/csr_access/VP_IP004.yml b/verif/docs/VerifPlans/csr_access/VP_IP004.yml index 2250afd03..e21f85d7f 100644 --- a/verif/docs/VerifPlans/csr_access/VP_IP004.yml +++ b/verif/docs/VerifPlans/csr_access/VP_IP004.yml @@ -121,7 +121,7 @@ subfeatures: !!omap cores: 8 coverage_loc: '' comments: '' -vptool_gitrev: '$Id: b0efb3ae3f9057b71a577d43c2b77f1cfb2ef82f $' -io_fmt_gitrev: '$Id: 7ee5d68801f5498a957bcbe23fcad87817a364c5 $' -config_gitrev: '$Id: 0422e19126dae20ffc4d5a84e4ce3de0b6eb4eb5 $' -ymlcfg_gitrev: '$Id: 286c689bd48b7a58f9a37754267895cffef1270c $' +vptool_gitrev: '$Id: a8b561f68549658061625891c533e7d45996bc9e $' +io_fmt_gitrev: '$Id: 61ab4e53ca49e21d56c416f0af0fa04d148e8001 $' +config_gitrev: '$Id: 5192fced2cfa10be5e18e827922e31e7489ed987 $' +ymlcfg_gitrev: '$Id: ce5e73bd5e8e0099334cb657afb7a624a99afbda $' diff --git a/verif/docs/VerifPlans/csr_access/dvplan_csr-access.md b/verif/docs/VerifPlans/csr_access/dvplan_csr-access.md deleted file mode 100644 index 861c79e61..000000000 --- a/verif/docs/VerifPlans/csr_access/dvplan_csr-access.md +++ /dev/null @@ -1,730 +0,0 @@ - CORE-V CV32A6-step1 Design Verification Plan documentation - -[CORE-V CV32A6-step1 Design Verification Plan ![Logo](_static/openhw-landscape.svg)](#) - -Contents: - -* [Introduction](index.html#document-dvplan_intro) -* [Module: CSR ACCESS VERIFICATION](index.html#document-dvplan_csr-access) - -[CORE-V CV32A6-step1 Design Verification Plan](#) - -* [](#) -* CORE-V CV32A6-step1 Design Verification Plan documentation - -* * * - -CV32A6-step1 Design Verification Plan[](#cv32a6-step1-design-verification-plan "Permalink to this headline") -============================================================================================================= - -Introduction[](#introduction "Permalink to this headline") ------------------------------------------------------------ - -The objective of this document is to describe what must be covered to verify CVA6 RISC-V processor. - -### License[](#license "Permalink to this headline") - -Copyright 2022 Thales - -SPDX-License-Identifier: Apache-2.0 WITH SHL-2.1 - -Licensed under the Solderpad Hardware License v 2.1 (the “License”); you may not use this file except in compliance with the License, or, at your option, the Apache License version 2.0. You may obtain a copy of the License at [https://solderpad.org/licenses/SHL-2.1/](https://solderpad.org/licenses/SHL-2.1/). - -Unless required by applicable law or agreed to in writing, any work distributed under the License is distributed on an “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. - -### Standards Compliance[](#standards-compliance "Permalink to this headline") - -To ease the reading, the reference to these specifications can be implicit in the requirements below. For the sake of precision, the requirements identify the versions of RISC-V extensions from these specifications. - -* **\[CVA6req\]** “CVA6 requirement specification”, [https://github.com/openhwgroup/cva6/blob/master/docs/specifications/cva6\_requirement\_specification.rst](https://github.com/openhwgroup/cva6/blob/master/docs/specifications/cva6_requirement_specification.rst), HASH#767c465. - -* **\[CVA6design\]** “CVA6 design document”, TO BE COMPLETED - -* **\[RVunpriv\]** “The RISC-V Instruction Set Manual, Volume I: User-Level ISA, Document Version 20191213”, Editors Andrew Waterman and Krste Asanović, RISC-V Foundation, December 13, 2019. - -* **\[RVpriv\]** “The RISC-V Instruction Set Manual, Volume II: Privileged Architecture, Document Version 20211203”, Editors Andrew Waterman, Krste Asanović and John Hauser, RISC-V Foundation, December 4, 2021. - -* **\[RVdbg\]** “RISC-V External Debug Support, Document Version 0.13.2”, Editors Tim Newsome and Megan Wachs, RISC-V Foundation, March 22, 2019. - -* **\[RVcompat\]** “RISC-V Architectural Compatibility Test Framework”, [https://github.com/riscv-non-isa/riscv-arch-test](https://github.com/riscv-non-isa/riscv-arch-test). - -* **\[AXI\]** AXI Specification, [https://developer.arm.com/documentation/ihi0022/hc](https://developer.arm.com/documentation/ihi0022/hc). - -* **\[CV-X-IF\]** Placeholder for the CV-X-IF coprocessor interface currently prepared at OpenHW Group; current version in [https://docs.openhwgroup.org/projects/openhw-group-core-v-xif/](https://docs.openhwgroup.org/projects/openhw-group-core-v-xif/). - -* **\[OpenPiton\]** “OpenPiton Microarchitecture Specification”, Princeton University, [https://parallel.princeton.edu/openpiton/docs/micro\_arch.pdf](https://parallel.princeton.edu/openpiton/docs/micro_arch.pdf). - - -CV32A6 is a 32-bit processor fully compliant with RISC-V specifications: \[RVunpriv\], \[RVpriv\] and \[RVdbg\] and passes \[RVcompat\] compatibility tests, as requested by \[GEN-10\] in \[CVA6req\]. - -### Getting start verification[](#getting-start-verification "Permalink to this headline") - -\[TO BE COMPLETED\] - -### Documentation framework[](#documentation-framework "Permalink to this headline") - -The framework of this document is aligned with the CVA6 design document \[CVA6design\]. - -Description of the framework: - -* Processor is a subsystem - -* Processor subsystems are split into several modules - -* Modules are verified separately - - -### Contributors[](#contributors "Permalink to this headline") - -Jean-Roch Coulon - Thales - -\[TO BE COMPLETED\] - -Module: CSR ACCESS VERIFICATION[](#module-csr-access-verification "Permalink to this headline") ------------------------------------------------------------------------------------------------- - -### Feature: CVA6\_Machine\_mode\_RW\_CSRs(mstatus, misa, mideleg, medeleg, mie, mtvec, mcounteren, mepc, mcause, mtval, mip,pmpaddr\[0..7\], pmpcfg\[0..1\])[](#feature-cva6-machine-mode-rw-csrs-mstatus-misa-mideleg-medeleg-mie-mtvec-mcounteren-mepc-mcause-mtval-mip-pmpaddr-0-7-pmpcfg-0-1 "Permalink to this headline") - -#### Sub-feature: 000\_Power-on-reset (POR) values of CSR[](#sub-feature-000-power-on-reset-por-values-of-csr "Permalink to this headline") - -##### Item: 000[](#item-000 "Permalink to this headline") - -* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01\_cva6\_user/CSR\_CV32A60X.html - -* **Feature Description** - - Upon reset, RISC-V CVA6 Machine mode RW CSRs must initialize to their respective POR value. - -* **Verification Goals** - - Verify that the Machine Mode RW CSR POR value must match with the value specified in the RISC-V CVA6 user manual. - -* **Pass/Fail Criteria:** Self-Check - -* **Test Type:** Directed SelfChk - -* **Coverage Method:** Functional Coverage - -* **Applicable Cores:** CV32A6\_v0.1.0 - -* **Unique verification tag:** VP\_CSR\_VERIFICATION\_F000\_S000\_I000 - -* **Link to Coverage:** - -* **Comments** - - _(none)_ - - -#### Sub-feature: 001\_Testing CSR with inverted reset value[](#sub-feature-001-testing-csr-with-inverted-reset-value "Permalink to this headline") - -##### Item: 000[](#id1 "Permalink to this headline") - -* **Requirement location:** - -* **Feature Description** - - Check the behaviour of the RISC-V Machine mode CVA6 CSRs,when reset inverted values are written to respective CSRs. - -* **Verification Goals** - - 1. Verify CSR reading post write operation. - - 2. Verify if the core correctly handles inverted reset values or not. - -* **Pass/Fail Criteria:** Self-Check - -* **Test Type:** Directed SelfChk - -* **Coverage Method:** Functional Coverage - -* **Applicable Cores:** CV32A6\_v0.1.0 - -* **Unique verification tag:** VP\_csr-access\_F000\_S003\_I000 - -* **Link to Coverage:** - -* **Comments** - - _(none)_ - - -#### Sub-feature: 002\_CSR write and read operations[](#sub-feature-002-csr-write-and-read-operations "Permalink to this headline") - -##### Item: 000[](#id2 "Permalink to this headline") - -* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01\_cva6\_user/CSR\_CV32A60X.html - -* **Feature Description** - - check the correctness of RISCV CVA6 Machine Mode RW CSRs by writing random values like 0xa5a5a5a5, 0x5a5a5a5a, 0xffa1ae40.. and read using the CSR instructions defined in the instruction set architecture (ISA). - -* **Verification Goals** - - 1.Verify that CSR can be written using the appropriate CSR write instructions. - - 2.Ensure correct read operations using CSR read instructions. - - 3.Ensure that read values of the CSR should be as per CVA6 user manual - -* **Pass/Fail Criteria:** Self-Check - -* **Test Type:** Directed SelfChk - -* **Coverage Method:** Functional Coverage - -* **Applicable Cores:** CV32A6\_v0.1.0 - -* **Unique verification tag:** VP\_CSR\_VERIFICATION\_F000\_S001\_I000 - -* **Link to Coverage:** - -* **Comments** - - _(none)_ - - -#### Sub-feature: 003\_CSR access in different privilege modes[](#sub-feature-003-csr-access-in-different-privilege-modes "Permalink to this headline") - -##### Item: 000[](#id3 "Permalink to this headline") - -* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01\_cva6\_user/CSR\_CV32A60X.html - -* **Feature Description** - - Accessing RISC-V CVA6 Machine Mode CSRs in different privilege modes (User, Supervisor and Machine modes). - -* **Verification Goals** - - 1.Ensure that Machine mode CSRs can only be accessed in the Machine mode according to the RISCV specification. - - 2.Verify that trying to access Machine Mode CSRs in lower privilege mode raises an illegal instruction exception. - -* **Pass/Fail Criteria:** Self-Check - -* **Test Type:** Directed SelfChk - -* **Coverage Method:** Functional Coverage - -* **Applicable Cores:** CV32A6\_v0.1.0 - -* **Unique verification tag:** VP\_CSR\_VERIFICATION\_F000\_S002\_I000 - -* **Link to Coverage:** - -* **Comments** - - _(none)_ - - -### Feature: CVA6\_Machine\_mode\_RO\_CSRs(mvendorid, marchid, mimpid, mhartid)[](#feature-cva6-machine-mode-ro-csrs-mvendorid-marchid-mimpid-mhartid "Permalink to this headline") - -#### Sub-feature: 000\_Power-on-reset (POR) values of CSR[](#id4 "Permalink to this headline") - -##### Item: 000[](#id5 "Permalink to this headline") - -* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01\_cva6\_user/CSR\_CV32A60X.html - -* **Feature Description** - - Upon reset,RISC-V CVA6 Machine RO(read only) CSR must initialize to their respective POR value. - -* **Verification Goals** - - Verify that the Machine RO(Read only) CSR POR value must match with the value specified in the RISC-V CVA6 User Manual. - -* **Pass/Fail Criteria:** Self-Check - -* **Test Type:** Directed SelfChk - -* **Coverage Method:** Functional Coverage - -* **Applicable Cores:** CV32A6\_v0.1.0 - -* **Unique verification tag:** VP\_CSR\_VERIFICATION\_F001\_S000\_I000 - -* **Link to Coverage:** - -* **Comments** - - _(none)_ - - -#### Sub-feature: 001\_CSR write and read operations[](#sub-feature-001-csr-write-and-read-operations "Permalink to this headline") - -##### Item: 000[](#id6 "Permalink to this headline") - -* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01\_cva6\_user/CSR\_CV32A60X.html - -* **Feature Description** - - Check the correctness of RISCV CVA6 read only CSR by writing random values like 0xa5a5a5a5, 0x5a5a5a5a, 0xffa1ae40.. and confirm whether write into RO CSRs is possible or not. - -* **Verification Goals** - - 1.Attempt to write a RO CSR. - 2.Check to see that an illegal instruction exception occurred. - 3.Immediately after returning from the exception handler, check to see that the CSR value is not changed. - -* **Pass/Fail Criteria:** Self-Check - -* **Test Type:** Directed SelfChk - -* **Coverage Method:** Functional Coverage - -* **Applicable Cores:** CV32A6\_v0.1.0 - -* **Unique verification tag:** VP\_CSR\_VERIFICATION\_F001\_S001\_I000 - -* **Link to Coverage:** - -* **Comments** - - _(none)_ - - -#### Sub-feature: 002\_CSR access in different privilege modes[](#sub-feature-002-csr-access-in-different-privilege-modes "Permalink to this headline") - -##### Item: 000[](#id7 "Permalink to this headline") - -* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01\_cva6\_user/CSR\_CV32A60X.html - -* **Feature Description** - - Accessing RISC-V Machine read only CSRs in different privilege modes (User, Supervisor and Machine modes). - -* **Verification Goals** - - 1.Ensure that Machine mode read only CSRs can only be accessed in Machine mode according to the RISC-V specification and does not alter the value of the CSR. - - 2.Verify that trying to access a Machine read only CSRs in an lower privilege mode raises an illegal instruction exception. - -* **Pass/Fail Criteria:** Self-Check - -* **Test Type:** Directed SelfChk - -* **Coverage Method:** Functional Coverage - -* **Applicable Cores:** CV32A6\_v0.1.0 - -* **Unique verification tag:** VP\_CSR\_VERIFICATION\_F001\_S002\_I000 - -* **Link to Coverage:** - -* **Comments** - - _(none)_ - - -### Feature: CVA6\_Supervisor\_mode\_RW\_CSRs(sstatus,stvec, sip, sie, scounteren, sscratch, sepc, scause, stval, satp)[](#feature-cva6-supervisor-mode-rw-csrs-sstatus-stvec-sip-sie-scounteren-sscratch-sepc-scause-stval-satp "Permalink to this headline") - -#### Sub-feature: 000\_Power-on-reset (POR) values of CSR[](#id8 "Permalink to this headline") - -##### Item: 000[](#id9 "Permalink to this headline") - -* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01\_cva6\_user/CSR\_CV32A60X.html - -* **Feature Description** - - Upon reset, RISC-V CVA6 Supervisor mode RW CSRs must initialize to their respective POR value. - -* **Verification Goals** - - Verify that the Supervisor Mode RW CSRs POR value must match with the value specified in the RISC-V CVA6 user manual. - -* **Pass/Fail Criteria:** Self-Check - -* **Test Type:** Directed SelfChk - -* **Coverage Method:** Functional Coverage - -* **Applicable Cores:** CV32A6\_v0.1.0 - -* **Unique verification tag:** VP\_CSR\_VERIFICATION\_F004\_S000\_I000 - -* **Link to Coverage:** - -* **Comments** - - _(none)_ - - -#### Sub-feature: 001\_Testing CSR with inverted reset value[](#id10 "Permalink to this headline") - -##### Item: 000[](#id11 "Permalink to this headline") - -* **Requirement location:** - -* **Feature Description** - - Check the behaviour of the RISC-V Supervisor mode CVA6 CSRs,when reset inverted values are written to respective CSRs. - -* **Verification Goals** - - Ensure that the written value can be read back (that is, the R/W CSR actually stored the value of ~PoR). - -* **Pass/Fail Criteria:** Check RM - -* **Test Type:** Directed SelfChk - -* **Coverage Method:** Functional Coverage - -* **Applicable Cores:** CV32A6\_v0.1.0 - -* **Unique verification tag:** Inverted PoR value - -* **Link to Coverage:** - -* **Comments** - - _(none)_ - - -#### Sub-feature: 002\_CSR write and read operations[](#id12 "Permalink to this headline") - -##### Item: 000[](#id13 "Permalink to this headline") - -* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01\_cva6\_user/CSR\_CV32A60X.html - -* **Feature Description** - - Check the correctness of RISCV CVA6 Supervisor Mode RW CSR by writing random values like 0xa5a5a5a5, 0x5a5a5a5a, 0xffa1ae40.. and read using the CSR instructions defined in the instruction set architecture (ISA). - -* **Verification Goals** - - 1.Verify that CSR can be written using the appropriate CSR write instructions. - 2.Ensure correct read operations using CSR read instructions. - 3.Ensure that read values of the CSR should be as per CVA6 user manual. - -* **Pass/Fail Criteria:** Self-Check - -* **Test Type:** Directed SelfChk - -* **Coverage Method:** Functional Coverage - -* **Applicable Cores:** CV32A6\_v0.1.0 - -* **Unique verification tag:** VP\_CSR\_VERIFICATION\_F004\_S001\_I000 - -* **Link to Coverage:** - -* **Comments** - - _(none)_ - - -#### Sub-feature: 003\_CSR access in different privilege modes[](#id14 "Permalink to this headline") - -##### Item: 000[](#id15 "Permalink to this headline") - -* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01\_cva6\_user/CSR\_CV32A60X.html - -* **Feature Description** - - Accessing RISC-V CVA6 Supervisor Mode CSRs in different privilege modes (User,Supervisor and Machine modes). - -* **Verification Goals** - - 1.Ensure that Supervisor Mode CSRs can only be accessed in supervisor mode and in higher privilege mode according to the RISCV specification. - 2.Verify that trying to access a Supervisor Mode CSR in an lower privilege mode raises an illegal instruction exception. - -* **Pass/Fail Criteria:** Self-Check - -* **Test Type:** Directed SelfChk - -* **Coverage Method:** Functional Coverage - -* **Applicable Cores:** CV32A6\_v0.1.0 - -* **Unique verification tag:** VP\_CSR\_VERIFICATION\_F004\_S002\_I000 - -* **Link to Coverage:** - -* **Comments** - - _(none)_ - - -### Feature: CVA6\_User\_Mode\_Counter\_CSRs(cycle, instret, cycleh, instreth)[](#feature-cva6-user-mode-counter-csrs-cycle-instret-cycleh-instreth "Permalink to this headline") - -#### Sub-feature: 000\_Power-on-reset (POR) values of CSR[](#id16 "Permalink to this headline") - -##### Item: 000[](#id17 "Permalink to this headline") - -* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01\_cva6\_user/CSR\_CV32A60X.html - -* **Feature Description** - - Upon reset, RISC-V CVA6 User mode counter CSRs must initialize to their respective POR value. - -* **Verification Goals** - - Verify that the User Mode counter CSR POR value must match with the value specified in the RISC-V CVA6 user manual. - As cycle will increment on the posedge of each clock and instret will increment after every instruction is retired. For these CSRs, the best technique to check reset value is by “visual inspection” - -* **Pass/Fail Criteria:** Self-Check - -* **Test Type:** Directed SelfChk - -* **Coverage Method:** NDY (Not Defined Yet) - -* **Applicable Cores:** CV32A6\_v0.1.0 - -* **Unique verification tag:** VP\_CSR\_VERIFICATION\_F003\_S000\_I000 - -* **Link to Coverage:** - -* **Comments** - - _(none)_ - - -#### Sub-feature: 001\_Counter \_CSRs\_functionality\_checking[](#sub-feature-001-counter-csrs-functionality-checking "Permalink to this headline") - -##### Item: 000[](#id18 "Permalink to this headline") - -* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01\_cva6\_user/CSR\_CV32A60X.html - -* **Feature Description** - - This feature pertains to the verification of functionality of RISC-V cycle, cycleh, instret and instreth Control Status Register (CSR). In a RISC-V architecture - - 1.’cycle’ and ‘cycleh’ are user-level CSR that hold low 32 bits and high 32 bits respectively of the count of clock cycles executed by the processor. - 2.’instret’ and ‘instreth’ are also user-level CSR that count the total number of instructions executed by the processor. - - The functionality of user mode counter CSR is being tested by performing two continuous reads and checking whether the value in the second read is greater than the value in the first read. - -* **Verification Goals** - - 1.Verify that these CSR are properly initialized. - 2.Initiate a second read from the counter CSR immediately after the first read. - 3.Ensure that the value of the second read from counter CSR is greater than the value of the initial read. - 4.Confirm that user mode counter CSRs are incrementing. - - Note: This algorithm is only an “approximate test” of the functionality of these CSRs. - -* **Pass/Fail Criteria:** Self-Check - -* **Test Type:** Directed SelfChk - -* **Coverage Method:** NDY (Not Defined Yet) - -* **Applicable Cores:** CV32A6\_v0.1.0 - -* **Unique verification tag:** VP\_CSR\_VERIFICATION\_F003\_S001\_I000 - -* **Link to Coverage:** - -* **Comments** - - _(none)_ - - -#### Sub-feature: 002\_CSR access in different privilege modes[](#id19 "Permalink to this headline") - -##### Item: 000[](#id20 "Permalink to this headline") - -* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01\_cva6\_user/CSR\_CV32A60X.html - -* **Feature Description** - - Accessing RISC-V CVA6 user Mode counter CSR in different privilege modes (User, Supervisor and Machine modes). - -* **Verification Goals** - - Ensure that User mode counter CSRs can be accessed in user and Supervisor modes by configuring MCOUNTEREN CSR. - -* **Pass/Fail Criteria:** Self-Check - -* **Test Type:** Directed SelfChk - -* **Coverage Method:** Functional Coverage - -* **Applicable Cores:** CV32A6\_v0.1.0 - -* **Unique verification tag:** VP\_CSR\_VERIFICATION\_F003\_S002\_I000 - -* **Link to Coverage:** - -* **Comments** - - _(none)_ - - -#### Sub-feature: 003\_Verify the user mode counter CSRs behaviour after reaching maximum values[](#sub-feature-003-verify-the-user-mode-counter-csrs-behaviour-after-reaching-maximum-values "Permalink to this headline") - -##### Item: 000[](#id21 "Permalink to this headline") - -* **Requirement location:** - -* **Feature Description** - - check the behaviour of the RISC-V User mode counter CSRs when it reaches to maximum value. - -* **Verification Goals** - - Ensure that user mode counter CSRs is updated to reset value as mentioned in CVA6 user manual after reaching to maximum value. - -* **Pass/Fail Criteria:** Self-Check - -* **Test Type:** Directed SelfChk - -* **Coverage Method:** Functional Coverage - -* **Applicable Cores:** CV32A6\_v0.1.0 - -* **Unique verification tag:** VP\_csr-access\_F003\_S003\_I000 - -* **Link to Coverage:** - -* **Comments** - - _(none)_ - - -### Feature: CVA6\_Machine\_mode\_counter\_csr(mcycle,mcycleh,minstret,minstreth)[](#feature-cva6-machine-mode-counter-csr-mcycle-mcycleh-minstret-minstreth "Permalink to this headline") - -#### Sub-feature: 000\_Power-on-reset (POR) values of CSR[](#id22 "Permalink to this headline") - -##### Item: 000[](#id23 "Permalink to this headline") - -* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01\_cva6\_user/CSR\_CV32A60X.html - -* **Feature Description** - - Upon reset, RISC-V CVA6 Machine mode counter CSRs must initialize to their respective POR value. - -* **Verification Goals** - - Verify that the Machine Mode counter CSR POR value must match with the value specified in the RISC-V CVA6 user manual. - As mcycle will increment on the posedge of each clock and minstret will increment after every instruction is retired. For these CSRs, the best technique to check reset value is by “visual inspection” - -* **Pass/Fail Criteria:** Self-Check - -* **Test Type:** Directed SelfChk - -* **Coverage Method:** Functional Coverage - -* **Applicable Cores:** CV32A6\_v0.1.0 - -* **Unique verification tag:** VP\_csr-access\_F002\_S000\_I000 - -* **Link to Coverage:** - -* **Comments** - - _(none)_ - - -#### Sub-feature: 001\_Counter \_CSRs\_functionality\_checking[](#id24 "Permalink to this headline") - -##### Item: 000[](#id25 "Permalink to this headline") - -* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01\_cva6\_user/CSR\_CV32A60X.html - -* **Feature Description** - - This feature pertains to the verification of functionality of RISC-V mcycle, mcycleh, minstret and minstreth Control Status Register (CSR). In a RISC-V architecture - - 1.’mcycle’ and ‘mcycleh’ are machine-level CSRs that hold low 32 bits and high 32 bits respectively of the count of clock cycles executed by the processor. - - 2.’minstret’ and ‘minstreth’ are also machine-level CSR that count the total number of instructions executed by the processor. - - The functionality of machine mode counter CSR is being tested by performing two continuous reads and checking whether the value in the second read is greater than the value in the first read. - -* **Verification Goals** - - 1.Verify that these CSR are properly initialized. - 2.Initiate a second read from the counter CSR immediately after the first read. - 3.Ensure that the value of the second read from counter CSR is greater than the value of the initial read. - 4.Confirm that Machine Mode counter CSRs are incrementing. - - Note: This algorithm is only an “approximate test” of the functionality of these CSRs. - -* **Pass/Fail Criteria:** Self-Check - -* **Test Type:** Directed SelfChk - -* **Coverage Method:** Functional Coverage - -* **Applicable Cores:** CV32A6\_v0.1.0 - -* **Unique verification tag:** VP\_csr-access\_F002\_S001\_I000 - -* **Link to Coverage:** - -* **Comments** - - _(none)_ - - -#### Sub-feature: 002\_CSR access in different privilege modes[](#id26 "Permalink to this headline") - -##### Item: 000[](#id27 "Permalink to this headline") - -* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01\_cva6\_user/CSR\_CV32A60X.html - -* **Feature Description** - - Accessing RISC-V CVA6 user Machine mode counter CSRs in different privilege modes (User, Supervisor and Machine modes). - -* **Verification Goals** - - 1.Ensure that Machine mode CSRs can only be accessed in the Machine mode according to the RISC-V specification. - 2.Verify that trying to access Machine Mode CSRs in lower privilege mode raises an illegal instruction exception. - -* **Pass/Fail Criteria:** Self-Check - -* **Test Type:** Directed SelfChk - -* **Coverage Method:** Functional Coverage - -* **Applicable Cores:** CV32A6\_v0.1.0 - -* **Unique verification tag:** VP\_csr-access\_F002\_S002\_I000 - -* **Link to Coverage:** - -* **Comments** - - _(none)_ - - -#### Sub-feature: 003\_Verify the Machine mode counter CSRs behaviour after reaching maximum value[](#sub-feature-003-verify-the-machine-mode-counter-csrs-behaviour-after-reaching-maximum-value "Permalink to this headline") - -##### Item: 000[](#id28 "Permalink to this headline") - -* **Requirement location:** - -* **Feature Description** - - check the behaviour of the RISC-V Machine mode counter CSRs when it reaches to maximum value. - -* **Verification Goals** - - Ensure that Machine mode counter CSRs is updated to reset value as mentioned in CVA6 user manual after reaching it to maximum value. - -* **Pass/Fail Criteria:** Self-Check - -* **Test Type:** Directed SelfChk - -* **Coverage Method:** Functional Coverage - -* **Applicable Cores:** CV32A6\_v0.1.0 - -* **Unique verification tag:** VP\_csr-access\_F002\_S003\_I000 - -* **Link to Coverage:** - -* **Comments** - - _(none)_ - - -* * * - -© Copyright 2022, Thales Group. - -Built with [Sphinx](https://www.sphinx-doc.org/) using a [theme](https://github.com/readthedocs/sphinx_rtd_theme) provided by [Read the Docs](https://readthedocs.org). - -jQuery(function () { SphinxRtdTheme.Navigation.enable(true); }); \ No newline at end of file diff --git a/verif/docs/VerifPlans/source/dvplan_PMP.md b/verif/docs/VerifPlans/source/dvplan_PMP.md new file mode 100644 index 000000000..4a91a19d0 --- /dev/null +++ b/verif/docs/VerifPlans/source/dvplan_PMP.md @@ -0,0 +1,16607 @@ +# Module: PMP + +## Feature: TRISTAN Restrictions + +### Sub-feature: 000_general + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + + the verif plan is written for 32bits architecture only +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S000_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 001_number of harts + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + + there is only 1 hart in cv32a6 +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S001_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 002_mxlen + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + + MXLEN is always 32bits +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S002_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 003_xlen + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + + XLEN=MXLEN=32, so the PMP address registers are XLEN bits long, so no zero-extension needed +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S003_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 004_granularity + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + + PMP granularity is 8 bytes (G=1), but the verif plan is written to take G=0 into account (NA4) +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S004_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 005_number of pmp entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + + there are 8 HW implemented PMP entries +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S005_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 006_hardwired regions + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + + none of the 8 PMP entries is hardwired privileges +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S006_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 007_virtual memory + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + + no virtual memory is implemented + as a consequence no page-based virtual memory is implemented +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S007_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 008_physical memory regions + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + + the list of all physical memory regions + - system memory regions + - I-$ + - D-$ + - I-scratchpad (preload mode) + - I-scratchpad (functional mode) + - D-scratchpad + - ahb_periph +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S008_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 009_pmp entry disabling + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + + we assume an already written PMP entry (i) can be disabled + - if L=0, by clearing pmpcfg(i) + - if L=1, only by hart reset +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S009_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 010_access-faults (violations) + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + + The testbench/testcases architecture ensures that: + - any time there is an access-fault type, we check it matches the related access-type + - all violations are trapped at the processor + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP violations are always trapped precisely at the processor +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S010_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 011_testcases modularity + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + + The verif plan is written assuming there is a way (like SystemVerilog interaction): + - to factorize the testcases in code blocks (in particular configuration code block and access code block) + - to randomize the code blocks data and addresses + - to randomize the sequence of code blocks +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S011_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 012_access types + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + at the time of writing, + the verif plan makes no distinction between load and load-reserved instructions. they are gathered in the same access type, subtleties unknown + the verif plan makes no distinction between store, store-conditional, and AMO instructions. they are gathered in the same access type, subtleties unknown +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S012_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 013_multiple accesses instructions + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + + we assume there is no added value to test multiple accesses instructions +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S013_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 014_misaligned instructions + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + + we assume that instructions are mandatorily aligned +* **Verification Goals** + + +* **Pass/Fail Criteria:** NDY (Not Defined Yet) +* **Test Type:** NDY (Not Defined Yet) +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F000_S014_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +## Feature: PMP granularity + +### Sub-feature: 000_granularity_check + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 59 Volume II: RISC-V Privileged Architectures V20211203} + + Software may determine the PMP granularity by writing zero to pmp0cfg, then writing all ones to pmpaddr0, then reading back pmpaddr0. + If G is the index of the least-signicant bit set, the PMP granularity is 2G+2 bytes. +* **Verification Goals** + + determine the PMP granularity 2^(G+2) bytes by writing zero to pmp(0)cfg, then writing all ones to pmpaddr(0), then reading back pmpaddr(0). G is the index G of the least-significant bit set +* **Pass/Fail Criteria:** Other +* **Test Type:** Directed Non-SelfChk +* **Coverage Method:** Testcase +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F001_S000_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR07-b + Software may determine the PMP granularity by writing zero to pmp0cfg, then writing all ones to pmpaddr0, then reading back pmpaddr0. + If G is the index of the least-signicant bit set, the PMP granularity is 2G+2 bytes. + + + TST01 (HIGH-PRIO) => FTR07-b + [determine the PMP granularity 2^(G+2) bytes by writing zero to pmp(0)cfg, then writing all ones to pmpaddr(0), then reading back pmpaddr(0). G is the index G of the least-significant bit set] +## Feature: CSRs M-mode only + +### Sub-feature: 000_configure_1_pmp_entry + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures V20211203} + + PMP CSRs are only accessible to M-mode +* **Verification Goals** + + configure 1 PMP entry (i) (the 1st one), + - check for each PMP entry (i) reset value (read zero) by reading in M mode + - check for each PMP entry (i) that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check for each PMP entry (i) that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for each PMP entry (i) that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F002_S001_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST02(group) => FTR02-d + [check that all 8 HW implemented PMP entries are writable/readable in M-mode (L=0)] + [check that no HW implemented PMP entry are writable/readable in S or U modes (L=0)] + - random values may be used + - before any configuration (after hart reset), check all pmp(i)cfg and pmpaddr(i) are M-mode read zero + + TST02-1 (HIGH-PRIO) + [configure 1 PMP entry ([FTR02-b1]: maybe mandatorily the first one): with L=0, + - if possible, the PMP entry number is a configurable parameter + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +### Sub-feature: 001_configure_2_pmp_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures V20211203} + + PMP CSRs are only accessible to M-mode +* **Verification Goals** + + configure 2 PMP entries (the 2 first ones in incrementing order), + - reuse of VP_PMP_F002_S001_I000 sequence +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F002_S002_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST02(group) => FTR02-d + [check that all 8 HW implemented PMP entries are writable/readable in M-mode (L=0)] + [check that no HW implemented PMP entry are writable/readable in S or U modes (L=0)] + - random values may be used + - before any configuration (after hart reset), check all pmp(i)cfg and pmpaddr(i) are M-mode read zero + + TST02-2 (LOW-PRIO) = 2 times reuse/call of TST02-1 + [configure 2 PMP entries ([FTR02-b1]: maybe mandatorily the 2 first ones): both with L=0, + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +### Sub-feature: 002_configure_N_pmp_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures V20211203} + + PMP CSRs are only accessible to M-mode +* **Verification Goals** + + configure N PMP entries (the N first ones in incrementing order), + - reuse of VP_PMP_F002_S001_I000 sequence +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F002_S003_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST02(group) => FTR02-d + [check that all 8 HW implemented PMP entries are writable/readable in M-mode (L=0)] + [check that no HW implemented PMP entry are writable/readable in S or U modes (L=0)] + - random values may be used + - before any configuration (after hart reset), check all pmp(i)cfg and pmpaddr(i) are M-mode read zero + + TST02-3 (LOW-PRIO) = N times reuse/call of TST02-1 + [configure N PMP entries ([FTR02-b1]: maybe mandatorily the N first ones): all with L=0, + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +### Sub-feature: 003_configure_8_pmp_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures V20211203} + + PMP CSRs are only accessible to M-mode +* **Verification Goals** + + configure all 8 PMP entries (in incrementing order), + - reuse of VP_PMP_F002_S001_I000 sequence +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F002_S004_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST02(group) => FTR02-d + [check that all 8 HW implemented PMP entries are writable/readable in M-mode (L=0)] + [check that no HW implemented PMP entry are writable/readable in S or U modes (L=0)] + - random values may be used + - before any configuration (after hart reset), check all pmp(i)cfg and pmpaddr(i) are M-mode read zero + + TST02-4 (HIGH-PRIO) = 8 times reuse/call of TST02-1 + [configure 8 PMP entries: all with L=0, + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +## Feature: CSRs locked access + +### Sub-feature: 000_configure_1_pmp_entry + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + + The L bit indicates that the PMP entry is locked, i.e., writes to the configuration register and associated address registers are ignored + If PMP entry (i) is locked, writes to pmp(i)cfg and pmpaddr(i) are ignored + Locked PMP entries remain locked until the hart is reset + + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + + Setting the L bit locks the PMP entry even when the A field is set to OFF + + Additionally, if PMP entry (i) is locked and pmp(i)cfg.A is set to TOR, writes to pmpaddr(i-1) are ignored +* **Verification Goals** + + configure 1 PMP entry (the 1st one) with L=1, + - write PMP entry (i) with L=1 in M-mode + - A is random, should also be tried with A=OFF when L=1 (to cover feature above) + - check PMP entry (i) written value in M-mode + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked (M-mode check only) + - also check for PMP entry (i) where L=1 and pmp(i)cfg.A=TOR that pmpaddr(i-1) is effectively locked + - apply hart reset + - check for PMP entry (i) reset value (read zero) by reading in M mode + - write PMP entry (i) in M-mode + - check PMP entry (i) written value in M-mode + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, (L) value is a configurable parameter + - so the same sub-functions are reused with varying (i) and (L) parameters +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F003_S001_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST03(group) => FTR08-a and FTR08-b + [check that HW implemented PMP entries are not writable/readable in M-mode (L=1)] + [check that no HW implemented PMP entry are writable/readable in S or U modes (L=1)] + - before any configuration, check all pmp(i)cfg and pmpaddr(i) are M-mode read zero + - configure PMP entry (i) with L=1 (or 0): pmp(i)cfg and pmpaddr(i) maybe random values + - execute following tests specific checks + - check only hart reset unlocks all => FTR08-b + - check reset values: all pmp(i)cfg and pmpaddr(i) are M-mode read zero + + TST03-1 (HIGH-PRIO) + [configure 1 PMP entry ([FTR02-b1]: maybe mandatorily the first one): with L=1, + - if possible, the PMP entry number is a configurable parameter + - if possible, L value is a configurable parameter + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +### Sub-feature: 001_configure_2_pmp_entries_L1 + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + + The L bit indicates that the PMP entry is locked, i.e., writes to the configuration register and associated address registers are ignored + If PMP entry (i) is locked, writes to pmp(i)cfg and pmpaddr(i) are ignored + Locked PMP entries remain locked until the hart is reset + + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + + Setting the L bit locks the PMP entry even when the A field is set to OFF + + Additionally, if PMP entry (i) is locked and pmp(i)cfg.A is set to TOR, writes to pmpaddr(i-1) are ignored +* **Verification Goals** + + configure 2 PMP entries (the 2 first ones in incrementing order) with L=1, + - reuse of VP_PMP_F003_S001_I000 sequence +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F003_S002_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST03(group) => FTR08-a and FTR08-b + [check that HW implemented PMP entries are not writable/readable in M-mode (L=1)] + [check that no HW implemented PMP entry are writable/readable in S or U modes (L=1)] + - before any configuration, check all pmp(i)cfg and pmpaddr(i) are M-mode read zero + - configure PMP entry (i) with L=1 (or 0): pmp(i)cfg and pmpaddr(i) maybe random values + - execute following tests specific checks + - check only hart reset unlocks all => FTR08-b + - check reset values: all pmp(i)cfg and pmpaddr(i) are M-mode read zero + + TST03-2 (LOW-PRIO) = 2 times reuse/call of TST02-1 + [configure 2 PMP entries ([FTR02-b1]: maybe mandatorily the 2 first ones): both with L=1, + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +### Sub-feature: 002_configure_2_pmp_entries_L0_L1 + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + + The L bit indicates that the PMP entry is locked, i.e., writes to the configuration register and associated address registers are ignored + If PMP entry (i) is locked, writes to pmp(i)cfg and pmpaddr(i) are ignored + Locked PMP entries remain locked until the hart is reset + + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + + Setting the L bit locks the PMP entry even when the A field is set to OFF + + Additionally, if PMP entry (i) is locked and pmp(i)cfg.A is set to TOR, writes to pmpaddr(i-1) are ignored +* **Verification Goals** + + configure 2 PMP entries (the 2 first ones in incrementing order) at least one with L=1 and one with L=0, + - write PMP entry (i) with L=0/1 in M-mode + - A is random, should also be tried with A=OFF when L=1 (to cover feature above) + - check PMP entry (i) written value in M-mode + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable in M mode (read back the written value in M mode) + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked (M-mode check only) + - also check for PMP entry (i) where L=1 and pmp(i)cfg.A=TOR that pmpaddr(i-1) is effectively locked + - apply hart reset + - check for PMP entry (i) reset value (read zero) by reading in M mode + - write PMP entry (i) in M-mode + - check PMP entry (i) written value in M-mode + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, (L) value is a configurable parameter + - so the same sub-functions are reused with varying (i) and (L) parameters +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F003_S003_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST03(group) => FTR08-a and FTR08-b + [check that HW implemented PMP entries are not writable/readable in M-mode (L=1)] + [check that no HW implemented PMP entry are writable/readable in S or U modes (L=1)] + - before any configuration, check all pmp(i)cfg and pmpaddr(i) are M-mode read zero + - configure PMP entry (i) with L=1 (or 0): pmp(i)cfg and pmpaddr(i) maybe random values + - execute following tests specific checks + - check only hart reset unlocks all => FTR08-b + - check reset values: all pmp(i)cfg and pmpaddr(i) are M-mode read zero + + TST03-3 (HIGH-PRIO) = 2 times reuse/call of TST02-1 + [configure 2 PMP entries ([FTR02-b1]: maybe mandatorily the 2 first ones): one with L=1 and one with L=0, + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check locked PMP entry (i) has no effect on unlocked PMP entry (j) + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +### Sub-feature: 003_configure_N_pmp_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + + The L bit indicates that the PMP entry is locked, i.e., writes to the configuration register and associated address registers are ignored + If PMP entry (i) is locked, writes to pmp(i)cfg and pmpaddr(i) are ignored + Locked PMP entries remain locked until the hart is reset + + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + + Setting the L bit locks the PMP entry even when the A field is set to OFF + + Additionally, if PMP entry (i) is locked and pmp(i)cfg.A is set to TOR, writes to pmpaddr(i-1) are ignored +* **Verification Goals** + + configure N PMP entries (the N first ones in incrementing order) at least one with L=1 and one with L=0, + - reuse of VP_PMP_F003_S003_I000 sequence +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F003_S004_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST03(group) => FTR08-a and FTR08-b + [check that HW implemented PMP entries are not writable/readable in M-mode (L=1)] + [check that no HW implemented PMP entry are writable/readable in S or U modes (L=1)] + - before any configuration, check all pmp(i)cfg and pmpaddr(i) are M-mode read zero + - configure PMP entry (i) with L=1 (or 0): pmp(i)cfg and pmpaddr(i) maybe random values + - execute following tests specific checks + - check only hart reset unlocks all => FTR08-b + - check reset values: all pmp(i)cfg and pmpaddr(i) are M-mode read zero + + TST03-4 (LOW-PRIO) = N times reuse/call of TST02-1 + [configure N PMP entries ([FTR02-b1]: maybe mandatorily the N first ones): at least one with L=1 and one with L=0, + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check locked PMP entry (i) has no effect on unlocked PMP entry (j) + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +### Sub-feature: 004_configure_8_pmp_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + + The L bit indicates that the PMP entry is locked, i.e., writes to the configuration register and associated address registers are ignored + If PMP entry (i) is locked, writes to pmp(i)cfg and pmpaddr(i) are ignored + Locked PMP entries remain locked until the hart is reset + + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + + Setting the L bit locks the PMP entry even when the A field is set to OFF + + Additionally, if PMP entry (i) is locked and pmp(i)cfg.A is set to TOR, writes to pmpaddr(i-1) are ignored +* **Verification Goals** + + configure all 8 PMP entries (in incrementing order) at least one with L=1 and one with L=0, + - reuse of VP_PMP_F003_S003_I000 sequence +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F003_S005_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST03(group) => FTR08-a and FTR08-b + [check that HW implemented PMP entries are not writable/readable in M-mode (L=1)] + [check that no HW implemented PMP entry are writable/readable in S or U modes (L=1)] + - before any configuration, check all pmp(i)cfg and pmpaddr(i) are M-mode read zero + - configure PMP entry (i) with L=1 (or 0): pmp(i)cfg and pmpaddr(i) maybe random values + - execute following tests specific checks + - check only hart reset unlocks all => FTR08-b + - check reset values: all pmp(i)cfg and pmpaddr(i) are M-mode read zero + + TST03-5 (HIGH-PRIO) = 8 times reuse/call of TST02-1 + [configure 8 PMP entries: at least one with L=1 and one with L=0, + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are effectively locked whatever the SW mode => FTR08-a + - check for PMP entry (i) where L=1 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes + - check locked PMP entry (i) has no effect on unlocked PMP entry (j) + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for PMP entry (i) where L=0 that pmp(i)cfg and pmpaddr(i) are not writable/readable in S or U modes] +## Feature: CSRs programming order + +### Sub-feature: 000_configure_1_pmp_entry + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures V20211203} + + the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first) + All PMP CSR fields are WARL and may be read-only zero (QUESTION: does read-only zero mean not implemented?) +* **Verification Goals** + + configure any PMP entry (i), but the first one + - reuse of VP_PMP_F003_S003_I000 sequence (Feature: "CSRs locked access") +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F004_S001_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST04 => FTR02-b1 and FTR02-b2 + [check if the lowest-numbered PMP CSRs must be programmed first before programming higher-numbered ones] + + TST04-1 (LOW-PRIO) extends TST02-1 + [configure any PMP entry, but the first one + - check for configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for not configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are M-mode read zero] +### Sub-feature: 001_configure_2_pmp_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures V20211203} + + the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first) + All PMP CSR fields are WARL and may be read-only zero (QUESTION: does read-only zero mean not implemented?) +* **Verification Goals** + + configure 2 non-adjacent PMP entries (highest-numbered ones first) (avoid the first PMP entry) + - reuse of VP_PMP_F003_S003_I000 sequence (Feature: "CSRs locked access") +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F004_S002_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST04 => FTR02-b1 and FTR02-b2 + [check if the lowest-numbered PMP CSRs must be programmed first before programming higher-numbered ones] + + TST04-2 (HIGH-PRIO) extends TST02-2 + [configure 2 non-adjacent PMP entries (highest-numbered ones first) (avoid the first PMP entry) + - check for configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for not configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are M-mode read zero] +### Sub-feature: 002_configure_N_pmp_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures V20211203} + + the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first) + All PMP CSR fields are WARL and may be read-only zero (QUESTION: does read-only zero mean not implemented?) +* **Verification Goals** + + configure N PMP entries (highest-numbered ones first) (as non-adjacent as possible, and avoid the first PMP entry) + - reuse of VP_PMP_F003_S003_I000 sequence (Feature: "CSRs locked access") +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F004_S003_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST04 => FTR02-b1 and FTR02-b2 + [check if the lowest-numbered PMP CSRs must be programmed first before programming higher-numbered ones] + + TST04-3 (LOW-PRIO) extends TST02-3 + [configure N PMP entries (highest-numbered ones first) (as non-adjacent as possible, and avoid the first PMP entry) + - check for configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only + - check for not configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are M-mode read zero] +### Sub-feature: 003_configure_8_pmp_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures V20211203} + + the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first) + All PMP CSR fields are WARL and may be read-only zero (QUESTION: does read-only zero mean not implemented?) +* **Verification Goals** + + configure all 8 PMP entries (highest-numbered ones first) + - reuse of VP_PMP_F003_S003_I000 sequence (Feature: "CSRs locked access") +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F004_S004_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST04 => FTR02-b1 and FTR02-b2 + [check if the lowest-numbered PMP CSRs must be programmed first before programming higher-numbered ones] + + TST04-4 (HIGH-PRIO) extends TST02-4 + [configure 8 PMP entries (highest-numbered ones first) + - check for configured PMP entry (i), pmp(i)cfg and pmpaddr(i) are writable/readable in M-mode only] +## Feature: CSRs Hardwired regions + +### Sub-feature: 000_access with L=0 + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + Certain regions’ privileges can be hardwired: so only ever be visible in machine mode but in no lower-privilege layers. + + {Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures V20211203} + Implementations may implement zero, 16, or 64 PMP CSRs + + {https://docs.openhwgroup.org/projects/cva6-user-manual/01_cva6_user/PMP.html} + A maximum of 16 PMP entries are supported. + All PMP CSRs are always implemented, but CSRs (or bitfields of CSRs) related to PMP entries with number CVA6Cfg.NrPMPEntries and above are hardwired to zero. + + TRISTAN + 8 PMP entries are implemented +* **Verification Goals** + + configure the first 8 PMP entries with L=0 + - for each PMP entry (i), check several times that pmp(i)cfg and pmpaddr(i) can be written and can be read back exactly the same (in M-mode) + + for the last 8 PMP entries, check that pmp(i)cfg and pmpaddr(i) always read zero after being written (in M-mode with L=0) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F005_S001_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST05 => FTR01-c and FTR01-c-extended + [check all regions are configurable in M-mode to make sure none is hardwired] + [regions hardwired privileges might only ever be visible in M-mode] + + TST05-1 (HIGH-PRIO) extends TST02-4 + - check the written pmp(i)cfg and pmpaddr(i) values can be read exactly the same as written +### Sub-feature: 001_access with L=1 + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + Certain regions’ privileges can be hardwired: so only ever be visible in machine mode but in no lower-privilege layers. + + {Section 3.7.1 Page 57 Volume II: RISC-V Privileged Architectures V20211203} + Implementations may implement zero, 16, or 64 PMP CSRs + + {https://docs.openhwgroup.org/projects/cva6-user-manual/01_cva6_user/PMP.html} + A maximum of 16 PMP entries are supported. + All PMP CSRs are always implemented, but CSRs (or bitfields of CSRs) related to PMP entries with number CVA6Cfg.NrPMPEntries and above are hardwired to zero. + + TRISTAN + 8 PMP entries are implemented +* **Verification Goals** + + configure the first 8 PMP entries with L=1 + - for each PMP entry (i), check once that pmp(i)cfg and pmpaddr(i) can be written and can be read back exactly the same (in M-mode) + - apply hart reset + - for each PMP entry (i), check once that pmp(i)cfg and pmpaddr(i) can be written and can be read back exactly the same (in M-mode) + + for the last 8 PMP entries, check that pmp(i)cfg and pmpaddr(i) always read zero after being written (in M-mode with L=1) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F005_S002_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST05 => FTR01-c and FTR01-c-extended + [check all regions are configurable in M-mode to make sure none is hardwired] + [regions hardwired privileges might only ever be visible in M-mode] + + TST05-2 (LOW-PRIO) extends TST03-5 + - check the written pmp(i)cfg and pmpaddr(i) values can be read exactly the same as written (before hart reset) +## Feature: CSRs reserved values + +### Sub-feature: 000_access with L=0 + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + + The R, W, and X fields form a collective WARL field for which the combinations with R=0 and W=1 are reserved. +* **Verification Goals** + + repeat following sequence several times on some PMP entries + - write totally random values to pmp(i)cfg and pmpaddr(i), but with L=0 + - check all pmp(i)cfg and pmpaddr(i) can be read back exactly the same as written except: + - except with the reserved combinations [R=0 and W=1] + - except with A=NA4 which must not be selectable as G>0 +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F006_S001_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST06 => FTR04-a + [PMP CSR fields are WARL: PMP entry combinations with R=0 and W=1 are reserved/can’t be read] + [permissions fields could be randomly written; should we try randomization ?] + + TST06-1 (HIGH-PRIO) extends TST02-4 + - write totally random values to pmp(i)cfg and pmpaddr(i) + - check all pmp(i)cfg and pmpaddr(i) can be read exactly the same as written except for the reserved combinations with R=0 and W=1 +### Sub-feature: 001_access with L=1 + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + + The R, W, and X fields form a collective WARL field for which the combinations with R=0 and W=1 are reserved. +* **Verification Goals** + + repeat following sequence several times on some PMP entries + - write totally random values to pmp(i)cfg and pmpaddr(i), but with L=1 + - check all pmp(i)cfg and pmpaddr(i) can be read back exactly the same as written: + - except with the reserved combinations [R=0 and W=1] + - except with A=NA4 which must not be selectable as G>0 + - apply hart reset +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F006_S002_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST06 => FTR04-a + [PMP CSR fields are WARL: PMP entry combinations with R=0 and W=1 are reserved/can’t be read] + [permissions fields could be randomly written; should we try randomization ?] + + TST06-2 (LOW-PRIO) extends TST03-5 + - write totally random values to pmp(i)cfg and pmpaddr(i) + - check all pmp(i)cfg and pmpaddr(i) can be read exactly the same as written except for the reserved combinations with R=0 and W=1 (before hart reset) +## Feature: no cfg matching/defined + +### Sub-feature: 000_no matching entry - M mode access + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + + If no PMP entry matches an M-mode access, the access succeeds +* **Verification Goals** + + check M-mode access succeeds if no PMP entry matches +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F010_S001_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR09-e + [If no PMP entry matches an M-mode access, the access succeeds] + + TST10-1 (HIGH-PRIO) => FTR09-e + [check M-mode access succeeds if no PMP entry matches] +### Sub-feature: 001_no defined entry - M mode access + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + + If no PMP entry matches an M-mode access, the access succeeds + QUESTION: what happens if no PMP entry is implemented ? + ASSUMPTION: access succeeds +* **Verification Goals** + + check M-mode access succeeds if no PMP entry defined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F010_S002_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR09-e-question + [what happens if no PMP entry is implemented ?] + + TST10-2 (HIGH-PRIO) => FTR09-e-question + [check M-mode access succeeds if no PMP entry defined] +### Sub-feature: 002_no matching entry - S/U mode access + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + + If no PMP entry matches an S-mode or U-mode access, but at least one PMP entry is implemented, the access fails +* **Verification Goals** + + check S or U mode access fails when no PMP entry matching and at least one PMP entry implemented +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F010_S003_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR09-f + [If no PMP entry matches an S-mode or U-mode access, but at least one PMP entry is implemented, the access fails] + + TST10-3 (HIGH-PRIO) => FTR09-f + [check S or U mode access fails when no PMP entry matching and at least one PMP entry implemented] +### Sub-feature: 003_no defined entry - S/U mode access + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + + If no PMP entry matches an S-mode or U-mode access, but at least one PMP entry is implemented, the access fails + QUESTION: what happens if no PMP entry is implemented ? + ASSUMPTION: access fails +* **Verification Goals** + + check S or U mode access fails when no PMP entry implemented +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F010_S004_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR09-f-question + [what happens if no PMP entry is implemented ?] + + TST10-4 (HIGH-PRIO) => FTR09-f-question + [check S or U mode access fails when no PMP entry implemented] +## Feature: cfg NA4 access S/U (G=0) + +### Sub-feature: 000_fetch_L0_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + S or U mode single access instruction fetch inside defined NA4 address range with execute permissions and with L=0 + - choose an executable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, X=1, L=0, R/W:random, with reserve on R=0 & W=1 + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - fetch an instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S011_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + TST11-1x(group) => FTR01-d + [PMP check on instruction fetch where effective privilege mode is S or U: + - choose an executable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access instruction fetch in S and U mode] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-11 (HIGH-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 001_fetch_L0_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception +* **Verification Goals** + + S or U mode single access instruction fetch inside defined NA4 address range without execute permissions and with L=0 + - choose an executable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, X=0, L=0, R/W:random, with reserve on R=0 & W=1 + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - fetch an instruction from that region (with exact address-matching) + + CHECK + - check instruction fetch access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S012_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-b + [Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception] + + TST11-1x(group) => FTR01-d + [PMP check on instruction fetch where effective privilege mode is S or U: + - choose an executable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access instruction fetch in S and U mode] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-12 (MEDIUM-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry without execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check instruction fetch access-fault exception raised => FTR04-b] +### Sub-feature: 002_fetch_L0_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + S or U mode single access instruction fetch from outside defined NA4 address range with execute permissions and with L=0 + - choose an executable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, X=1, L=0, R/W:random, with reserve on R=0 & W=1 + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - fetch an instruction from outside all PMP defined regions + + CHECK + - check instruction fetch access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S013_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + TST11-1x(group) => FTR01-d + [PMP check on instruction fetch where effective privilege mode is S or U: + - choose an executable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access instruction fetch in S and U mode] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-13 (MEDIUM-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from outside all PMP defined regions + - check instruction fetch access-fault exception raised] +### Sub-feature: 003_fetch_L1_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset +* **Verification Goals** + + S or U mode single access instruction fetch inside defined NA4 address range with execute permissions and with L=1 + - choose an executable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, X=1, L=1, R/W:random, with reserve on R=0 & W=1 + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - fetch an instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S014_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + + TST11-1x(group) => FTR01-d + [PMP check on instruction fetch where effective privilege mode is S or U: + - choose an executable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access instruction fetch in S and U mode] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-14 (LOW-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 004_fetch_L1_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception +* **Verification Goals** + + S or U mode single access instruction fetch inside defined NA4 address range without execute permissions and with L=1 + - choose an executable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, X=0, L=1, R/W:random, with reserve on R=0 & W=1 + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - fetch an instruction from that region (with exact address-matching) + + CHECK + - check instruction fetch access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S015_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + FTR04-b + [Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception] + + TST11-1x(group) => FTR01-d + [PMP check on instruction fetch where effective privilege mode is S or U: + - choose an executable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access instruction fetch in S and U mode] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-15 (LOW-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check instruction fetch access-fault exception raised => FTR04-b] +### Sub-feature: 005_fetch_L1_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset +* **Verification Goals** + + S or U mode single access instruction fetch from outside defined NA4 address range with execute permissions and with L=1 + - choose an executable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, X=1, L=1, R/W:random, with reserve on R=0 & W=1 + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - fetch an instruction from outside all PMP defined regions + + CHECK + - check instruction fetch access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S016_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + TST11-1x(group) => FTR01-d + [PMP check on instruction fetch where effective privilege mode is S or U: + - choose an executable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access instruction fetch in S and U mode] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-16 (LOW-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from outside all PMP defined regions + - check instruction fetch access-fault exception raised] +### Sub-feature: 006_load_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + S or U mode single access load or load-reserved instruction inside defined NA4 address range with read permissions and with L=0 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=0, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S021_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + TST11-2x(group) => FTR01-d + [PMP check on load or load-reserved instruction where effective privilege mode is S or U: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in S and U mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-21 (HIGH-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 007_load_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception +* **Verification Goals** + + S or U mode single access load or load-reserved instruction inside defined NA4 address range without read permissions and with L=0 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=0, L=0, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check load access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S022_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + TST11-2x(group) => FTR01-d + [PMP check on load or load-reserved instruction where effective privilege mode is S or U: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in S and U mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-22 (MEDIUM-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check load access-fault exception raised => FTR04-c] +### Sub-feature: 008_load_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + S or U mode single access load or load-reserved instruction from outside defined NA4 address range with read permissions and with L=0 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=0, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a load or load-reserved instruction from outside all PMP defined regions + + CHECK + - check load access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S023_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + TST11-2x(group) => FTR01-d + [PMP check on load or load-reserved instruction where effective privilege mode is S or U: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in S and U mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-23 (MEDIUM-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check load access-fault exception raised] +### Sub-feature: 009_load_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset +* **Verification Goals** + + S or U mode single access load or load-reserved instruction inside defined NA4 address range with read permissions and with L=1 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=1, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S024_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + TST11-2x(group) => FTR01-d + [PMP check on load or load-reserved instruction where effective privilege mode is S or U: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in S and U mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-24 (LOW-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 010_load_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception +* **Verification Goals** + + S or U mode single access load or load-reserved instruction inside defined NA4 address range without read permissions and with L=1 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=0, L=1, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check load access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S025_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + TST11-2x(group) => FTR01-d + [PMP check on load or load-reserved instruction where effective privilege mode is S or U: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in S and U mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-25 (LOW-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check load access-fault exception raised => FTR04-c] +### Sub-feature: 011_load_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset +* **Verification Goals** + + S or U mode single access load or load-reserved instruction from outside defined NA4 address range with read permissions and with L=1 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=1, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a load or load-reserved instruction from outside all PMP defined regions + + CHECK + - check load access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S026_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + TST11-2x(group) => FTR01-d + [PMP check on load or load-reserved instruction where effective privilege mode is S or U: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in S and U mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-26 (LOW-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check load access-fault exception raised] +### Sub-feature: 012_store_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + S or U mode single access store, store-conditional, or AMO instruction inside defined NA4 address range with write permissions and with L=0 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=0, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S031_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + TST11-3x(group) => FTR01-d + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is S or U: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in S and U mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-31 (HIGH-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 013_store_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception +* **Verification Goals** + + S or U mode single access store, store-conditional, or AMO instruction inside defined NA4 address range without write permissions and with L=0 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=0, L=0, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check store access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S032_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + TST11-3x(group) => FTR01-d + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is S or U: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in S and U mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-32 (MEDIUM-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check store access-fault exception raised => FTR04-d] +### Sub-feature: 014_store_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + S or U mode single access store, store-conditional, or AMO instruction from outside defined NA4 address range with write permissions and with L=0 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=0, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + + CHECK + - check store access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S033_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + TST11-3x(group) => FTR01-d + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is S or U: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in S and U mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-33 (MEDIUM-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check store access-fault exception raised] +### Sub-feature: 015_store_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset +* **Verification Goals** + + S or U mode single access store, store-conditional, or AMO instruction inside defined NA4 address range with write permissions and with L=1 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=1, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S034_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + TST11-3x(group) => FTR01-d + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is S or U: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in S and U mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-34 (LOW-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 016_store_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception +* **Verification Goals** + + S or U mode single access store, store-conditional, or AMO instruction inside defined NA4 address range without write permissions and with L=1 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=0, L=1, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check store access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S035_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + TST11-3x(group) => FTR01-d + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is S or U: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in S and U mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-35 (LOW-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check store access-fault exception raised => FTR04-d] +### Sub-feature: 017_store_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset +* **Verification Goals** + + S or U mode single access store, store-conditional, or AMO instruction from outside defined NA4 address range with write permissions and with L=1 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=1, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + + CHECK + - check store access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S036_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + TST11-3x(group) => FTR01-d + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is S or U: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in S and U mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-36 (LOW-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check store access-fault exception raised] +### Sub-feature: 018_load_MPP_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + S or U mode single access load or load-reserved instruction inside defined NA4 address range with read permissions and with L=0 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=0, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains S or U + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S041_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + TST11-4x(group) => FTR01-d + [PMP check on load or load-reserved instruction where effective privilege mode is S or U: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-41 (LOWEST-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 019_load_MPP_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception +* **Verification Goals** + + S or U mode single access load or load-reserved instruction inside defined NA4 address range without read permissions and with L=0 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=0, L=0, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains S or U + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check load access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S042_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + TST11-4x(group) => FTR01-d + [PMP check on load or load-reserved instruction where effective privilege mode is S or U: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-42 (LOWEST-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check load access-fault exception raised => FTR04-c] +### Sub-feature: 020_load_MPP_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + S or U mode single access load or load-reserved instruction from outside defined NA4 address range with read permissions and with L=0 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=0, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains S or U + + ACCESS + - execute a load or load-reserved instruction from outside all PMP defined regions + + CHECK + - check load access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S043_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + TST11-4x(group) => FTR01-d + [PMP check on load or load-reserved instruction where effective privilege mode is S or U: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-43 (LOWEST-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check load access-fault exception raised] +### Sub-feature: 021_load_MPP_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset +* **Verification Goals** + + S or U mode single access load or load-reserved instruction inside defined NA4 address range with read permissions and with L=1 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=1, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains S or U + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S044_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + TST11-4x(group) => FTR01-d + [PMP check on load or load-reserved instruction where effective privilege mode is S or U: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-44 (LOWEST-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 022_load_MPP_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception +* **Verification Goals** + + S or U mode single access load or load-reserved instruction inside defined NA4 address range without read permissions and with L=1 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=0, L=1, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains S or U + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check load access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S045_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + TST11-4x(group) => FTR01-d + [PMP check on load or load-reserved instruction where effective privilege mode is S or U: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-45 (LOWEST-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check load access-fault exception raised => FTR04-c] +### Sub-feature: 023_load_MPP_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset +* **Verification Goals** + + S or U mode single access load or load-reserved instruction from outside defined NA4 address range with read permissions and with L=1 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=1, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains S or U + + ACCESS + - execute a load or load-reserved instruction from outside all PMP defined regions + + CHECK + - check load access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S046_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + TST11-4x(group) => FTR01-d + [PMP check on load or load-reserved instruction where effective privilege mode is S or U: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-46 (LOWEST-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check load access-fault exception raised] +### Sub-feature: 024_store_MPP_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + S or U mode single access store, store-conditional, or AMO instruction inside defined NA4 address range with write permissions and with L=0 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=0, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains S or U + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S051_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + TST11-5x(group) => FTR01-d + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is S or U: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-51 (LOWEST-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 025_store_MPP_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception +* **Verification Goals** + + S or U mode single access store, store-conditional, or AMO instruction inside defined NA4 address range without write permissions and with L=0 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=0, L=0, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains S or U + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check store access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S052_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + TST11-5x(group) => FTR01-d + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is S or U: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-52 (LOWEST-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check store access-fault exception raised => FTR04-d] +### Sub-feature: 026_store_MPP_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, the R/W/X permissions apply only to S and U modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + S or U mode single access store, store-conditional, or AMO instruction from outside defined NA4 address range with write permissions and with L=0 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=0, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains S or U + + ACCESS + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + + CHECK + - check store access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S053_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + TST11-5x(group) => FTR01-d + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is S or U: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-53 (LOWEST-PRIO) + [with L=0 => FTR08-e2-2 (refers to FTR09-d2-2), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check store access-fault exception raised] +### Sub-feature: 027_store_MPP_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset +* **Verification Goals** + + S or U mode single access store, store-conditional, or AMO instruction inside defined NA4 address range with write permissions and with L=1 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=1, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains S or U + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S054_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + TST11-5x(group) => FTR01-d + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is S or U: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-54 (LOWEST-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 028_store_MPP_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception +* **Verification Goals** + + S or U mode single access store, store-conditional, or AMO instruction inside defined NA4 address range without write permissions and with L=1 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=0, L=1, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains S or U + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check store access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S055_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + TST11-5x(group) => FTR01-d + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is S or U: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-55 (LOWEST-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check store access-fault exception raised => FTR04-d] +### Sub-feature: 029_store_MPP_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks are applied to all accesses whose effective privilege mode is S or U + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + Locked PMP entries remain locked until the hart is reset +* **Verification Goals** + + S or U mode single access store, store-conditional, or AMO instruction from outside defined NA4 address range with write permissions and with L=1 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=1, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains S or U + + ACCESS + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + + CHECK + - check store access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F011_S056_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + FTR08-b + [Locked PMP entries remain locked until the hart is reset] + + TST11-5x(group) => FTR01-d + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is S or U: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains S or U] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST11-56 (LOWEST-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check store access-fault exception raised] +## Feature: cfg NA4 access M (G=0) + +### Sub-feature: 000_fetch_L0_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access instruction fetch inside defined NA4 address range with execute permissions and with L=0 + - choose an executable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, X=1, L=0, R/W:random, with reserve on R=0 & W=1 + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - fetch an instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S011_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-1x(group) => FTR01-f + [PMP check on instruction fetch where effective privilege mode is M: + - choose an executable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access instruction fetch in M mode] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-11 (LOW-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 001_fetch_L0_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access instruction fetch inside defined NA4 address range without execute permissions and with L=0 + - choose an executable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, X=0, L=0, R/W:random, with reserve on R=0 & W=1 + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - fetch an instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S012_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-1x(group) => FTR01-f + [PMP check on instruction fetch where effective privilege mode is M: + - choose an executable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access instruction fetch in M mode] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-12 (LOW-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1), + - configure the PMP entry without execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 002_fetch_L0_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access instruction fetch from outside defined NA4 address range with execute permissions and with L=0 + - choose an executable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, X=1, L=0, R/W:random, with reserve on R=0 & W=1 + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - fetch an instruction from outside all PMP defined regions + + CHECK + - check no access-fault exception (Feature: "no cfg matching") + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S013_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-1x(group) => FTR01-f + [PMP check on instruction fetch where effective privilege mode is M: + - choose an executable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access instruction fetch in M mode] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-13 (LOW-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +### Sub-feature: 003_fetch_L1_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + M mode single access instruction fetch inside defined NA4 address range with execute permissions and with L=1 + - choose an executable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, X=1, L=1, R/W:random, with reserve on R=0 & W=1 + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - fetch an instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S014_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-1x(group) => FTR01-f + [PMP check on instruction fetch where effective privilege mode is M: + - choose an executable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access instruction fetch in M mode] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-14 (HIGH-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 004_fetch_L1_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception +* **Verification Goals** + + M mode single access instruction fetch inside defined NA4 address range without execute permissions and with L=1 + - choose an executable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, X=0, L=1, R/W:random, with reserve on R=0 & W=1 + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - fetch an instruction from that region (with exact address-matching) + + CHECK + - check instruction fetch access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S015_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-b + [Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-1x(group) => FTR01-f + [PMP check on instruction fetch where effective privilege mode is M: + - choose an executable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access instruction fetch in M mode] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-15 (MEDIUM-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without execute permissions for the PMP region + - fetch an instruction from that region (with exact address-matching) + - check instruction fetch access-fault exception raised => FTR04-b] +### Sub-feature: 005_fetch_L1_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + M mode single access instruction fetch from outside defined NA4 address range with execute permissions and with L=1 + - choose an executable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, X=1, L=1, R/W:random, with reserve on R=0 & W=1 + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - fetch an instruction from outside all PMP defined regions + + CHECK + - check no access-fault exception (Feature: "no cfg matching") + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S016_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-1x(group) => FTR01-f + [PMP check on instruction fetch where effective privilege mode is M: + - choose an executable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access instruction fetch in M mode] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-16 (HIGH-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with execute permissions for the PMP region + - fetch an instruction from outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +### Sub-feature: 006_load_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access load or load-reserved instruction inside defined NA4 address range with read permissions and with L=0 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=0, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S021_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-2x(group) => FTR01-f + [PMP check on load or load-reserved instruction where effective privilege mode is M: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in M mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-21 (LOW-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 007_load_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access load or load-reserved instruction inside defined NA4 address range without read permissions and with L=0 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=0, L=0, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S022_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-2x(group) => FTR01-f + [PMP check on load or load-reserved instruction where effective privilege mode is M: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in M mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-22 (LOW-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 008_load_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access load or load-reserved instruction from outside defined NA4 address range with read permissions and with L=0 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=0, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a load or load-reserved instruction from outside all PMP defined regions + + CHECK + - check no access-fault exception (Feature: "no cfg matching") + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S023_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-2x(group) => FTR01-f + [PMP check on load or load-reserved instruction where effective privilege mode is M: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in M mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-23 (LOW-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +### Sub-feature: 009_load_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + M mode single access load or load-reserved instruction inside defined NA4 address range with read permissions and with L=1 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=1, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S024_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-2x(group) => FTR01-f + [PMP check on load or load-reserved instruction where effective privilege mode is M: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in M mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-24 (HIGH-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 010_load_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception +* **Verification Goals** + + M mode single access load or load-reserved instruction inside defined NA4 address range without read permissions and with L=1 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=0, L=1, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check load access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S025_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-2x(group) => FTR01-f + [PMP check on load or load-reserved instruction where effective privilege mode is M: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in M mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-25 (MEDIUM-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check load access-fault exception raised => FTR04-c] +### Sub-feature: 011_load_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + M mode single access load or load-reserved instruction from outside defined NA4 address range with read permissions and with L=1 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=1, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a load or load-reserved instruction from outside all PMP defined regions + + CHECK + - check no access-fault exception (Feature: "no cfg matching") + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S026_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-2x(group) => FTR01-f + [PMP check on load or load-reserved instruction where effective privilege mode is M: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in M mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-26 (HIGH-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +### Sub-feature: 012_store_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access store, store-conditional, or AMO instruction inside defined NA4 address range with write permissions and with L=0 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=0, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S031_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-3x(group) => FTR01-f + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is M: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in M mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-31 (LOW-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 013_store_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access store, store-conditional, or AMO instruction inside defined NA4 address range without write permissions and with L=0 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=0, L=0, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S032_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-3x(group) => FTR01-f + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is M: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in M mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-32 (LOW-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 014_store_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access store, store-conditional, or AMO instruction from outside defined NA4 address range with write permissions and with L=0 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=0, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + + CHECK + - check no access-fault exception (Feature: "no cfg matching") + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S033_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-3x(group) => FTR01-f + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is M: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in M mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-33 (LOW-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +### Sub-feature: 015_store_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + M mode single access store, store-conditional, or AMO instruction inside defined NA4 address range with write permissions and with L=1 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=1, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S034_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-3x(group) => FTR01-f + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is M: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in M mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-34 (HIGH-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 016_store_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception +* **Verification Goals** + + M mode single access store, store-conditional, or AMO instruction inside defined NA4 address range without write permissions and with L=1 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=0, L=1, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check store access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S035_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-3x(group) => FTR01-f + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is M: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in M mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-35 (MEDIUM-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check store access-fault exception raised => FTR04-d] +### Sub-feature: 017_store_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + M mode single access store, store-conditional, or AMO instruction from outside defined NA4 address range with write permissions and with L=1 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=1, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=0 + + ACCESS + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + + CHECK + - check no access-fault exception (Feature: "no cfg matching") + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S036_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-3x(group) => FTR01-f + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is M: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in M mode when the bit mstatus.MPRV=0] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-36 (HIGH-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +### Sub-feature: 018_load_MPP_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access load or load-reserved instruction inside defined NA4 address range with read permissions and with L=0 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=0, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE) + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S041_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-4x(group) => FTR01-f + [PMP check on load or load-reserved instruction where effective privilege mode is M: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-41 (LOWEST-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 019_load_MPP_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access load or load-reserved instruction inside defined NA4 address range without read permissions and with L=0 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=0, L=0, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE) + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S042_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-4x(group) => FTR01-f + [PMP check on load or load-reserved instruction where effective privilege mode is M: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-42 (LOWEST-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 020_load_MPP_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access load or load-reserved instruction from outside defined NA4 address range with read permissions and with L=0 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=0, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE) + + ACCESS + - execute a load or load-reserved instruction from outside all PMP defined regions + + CHECK + - check no access-fault exception (Feature: "no cfg matching") + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S043_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-4x(group) => FTR01-f + [PMP check on load or load-reserved instruction where effective privilege mode is M: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-43 (LOWEST-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +### Sub-feature: 021_load_MPP_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + M mode single access load or load-reserved instruction inside defined NA4 address range with read permissions and with L=1 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=1, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE) + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S044_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-4x(group) => FTR01-f + [PMP check on load or load-reserved instruction where effective privilege mode is M: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-44 (LOWEST-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 022_load_MPP_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception +* **Verification Goals** + + M mode single access load or load-reserved instruction inside defined NA4 address range without read permissions and with L=1 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=0, L=1, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE) + + ACCESS + - execute a load or load-reserved instruction from that region (with exact address-matching) + + CHECK + - check load access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S045_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-4x(group) => FTR01-f + [PMP check on load or load-reserved instruction where effective privilege mode is M: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-45 (LOWEST-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without read permissions for the PMP region + - execute a load or load-reserved instruction from that region (with exact address-matching) + - check load access-fault exception raised => FTR04-c] +### Sub-feature: 023_load_MPP_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + M mode single access load or load-reserved instruction from outside defined NA4 address range with read permissions and with L=1 + - choose a readable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, R=1, L=1, X/W:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE) + + ACCESS + - execute a load or load-reserved instruction from outside all PMP defined regions + + CHECK + - check no access-fault exception (Feature: "no cfg matching") + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S046_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-4x(group) => FTR01-f + [PMP check on load or load-reserved instruction where effective privilege mode is M: + - choose a data readable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data load in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-46 (LOWEST-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with read permissions for the PMP region + - execute a load or load-reserved instruction from outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +### Sub-feature: 024_store_MPP_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access store, store-conditional, or AMO instruction inside defined NA4 address range with write permissions and with L=0 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=0, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE) + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S051_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-5x(group) => FTR01-f + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is M: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-51 (LOWEST-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 025_store_MPP_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access store, store-conditional, or AMO instruction inside defined NA4 address range without write permissions and with L=0 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=0, L=0, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE) + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S052_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-5x(group) => FTR01-f + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is M: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-52 (LOWEST-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 026_store_MPP_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is clear, any M-mode access matching the PMP entry will succeed + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + If the L bit is clear and the privilege mode of the access is M, the access succeeds +* **Verification Goals** + + M mode single access store, store-conditional, or AMO instruction from outside defined NA4 address range with write permissions and with L=0 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=0, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE) + + ACCESS + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + + CHECK + - check no access-fault exception (Feature: "no cfg matching") + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S053_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-5x(group) => FTR01-f + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is M: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-53 (LOWEST-PRIO) + [with L=0 => FTR08-e2-1 (refers to FTR09-d1) + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +### Sub-feature: 027_store_MPP_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + M mode single access store, store-conditional, or AMO instruction inside defined NA4 address range with write permissions and with L=1 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=1, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE) + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check no access-fault exception + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S054_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-5x(group) => FTR01-f + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is M: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-54 (LOWEST-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check no access-fault exception] +### Sub-feature: 028_store_MPP_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set + + {Page 58 Volume II: RISC-V Privileged Architectures V20211203} + Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception +* **Verification Goals** + + M mode single access store, store-conditional, or AMO instruction inside defined NA4 address range without write permissions and with L=1 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=0, L=1, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE) + + ACCESS + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + + CHECK + - check store access-fault exception raised + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S055_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-5x(group) => FTR01-f + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is M: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-55 (LOWEST-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry without write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to that region (with exact address-matching) + - check store access-fault exception raised => FTR04-d] +### Sub-feature: 029_store_MPP_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 56 Volume II: RISC-V Privileged Architectures V20211203} + PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset + + {Page 60 Section "Locking and Privilege Mode" Volume II: RISC-V Privileged Architectures V20211203} + When the L bit is set, these permissions are enforced for all privilege modes + + {Page 60 Section "Priority and Matching Logic" Volume II: RISC-V Privileged Architectures V20211203} + if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set +* **Verification Goals** + + M mode single access store, store-conditional, or AMO instruction from outside defined NA4 address range with write permissions and with L=1 + - choose a data writable pmp region and address range + - choose only one PMP entry (i) + + CONFIGURATION + - pmpcfg(i): A=NA4, W=1, L=1, X/R:random + - pmpaddr(i): NA4 address range + - mstatus.MPRV=1 and mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE) + + ACCESS + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + + CHECK + - check no access-fault exception (Feature: "no cfg matching") + + REUSABILITY + - if possible, the PMP entry number (i) is a configurable parameter + - if possible, the PMP entry lock (L) is a configurable parameter + - if possible, the PMP entry permissions (R,W,X) are configurable parameters + - if possible, the PMP entry adress-matching mode (A) is a configurable parameter + - if possible, the PMP entry address range (pmpaddr) is a configurable parameter + - if possible, the PMP entry associated access address is a configurable parameter + - so a single CONFIGURATION function and a single ACCESS function can be reused and combined +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F012_S056_I000 +* **Link to Coverage:** +* **Comments** + + <> + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + TST12-5x(group) => FTR01-f + [PMP check on store, store-conditional, or AMO instruction where effective privilege mode is M: + - choose a data writable pmp region and address range + - choose only one PMP entry (i) ([FTR02-b1]: maybe mandatorily the 1st one) + - if possible, the PMP entry number is a configurable parameter + - choose pmpcfg(i).A=NA4 + - single access data store in any mode when the bit mstatus.MPRV=1 and the mstatus.MPP contains M (TODO: CHECK IF MAKING SENSE)] + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST12-56 (LOWEST-PRIO) + [with L=1 => FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1), + - configure the PMP entry with write permissions for the PMP region + - execute a store, store-conditional, or AMO instruction to outside all PMP defined regions + - check no access-fault exception] //TODO: CHECK IF M-MODE ALLOWED +## Feature: cfg NAPOT access S/U + +### Sub-feature: 000_fetch_L0_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S011_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S011_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S011_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=NAPOT] + TST13-11 (HIGH-PRIO) + [same as TST11-11(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 001_fetch_L0_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S012_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S012_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S012_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-b + [Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception] + + + TST13-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=NAPOT] + TST13-12 (MEDIUM-PRIO) + [same as TST11-12(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 002_fetch_L0_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S013_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S013_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S013_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=NAPOT] + TST13-13 (MEDIUM-PRIO) + [same as TST11-13(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 003_fetch_L1_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S014_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S014_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S014_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=NAPOT] + TST13-14 (LOW-PRIO) + [same as TST11-14(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 004_fetch_L1_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S015_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S015_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S015_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-b + [Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception] + + + TST13-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=NAPOT] + TST13-15 (LOW-PRIO) + [same as TST11-15(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 005_fetch_L1_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S016_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S016_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S016_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=NAPOT] + TST13-16 (LOW-PRIO) + [same as TST11-16(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 006_load_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S021_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S021_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S021_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=NAPOT] + TST13-21 (HIGH-PRIO) + [same as TST11-21(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 007_load_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S022_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S022_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S022_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + + TST13-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=NAPOT] + TST13-22 (MEDIUM-PRIO) + [same as TST11-22(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 008_load_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S023_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S023_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S023_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=NAPOT] + TST13-23 (MEDIUM-PRIO) + [same as TST11-23(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 009_load_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S024_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S024_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S024_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=NAPOT] + TST13-24 (LOW-PRIO) + [same as TST11-24(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 010_load_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S025_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S025_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S025_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + + TST13-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=NAPOT] + TST13-25 (LOW-PRIO) + [same as TST11-25(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 011_load_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S026_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S026_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S026_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=NAPOT] + TST13-26 (LOW-PRIO) + [same as TST11-26(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 012_store_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S031_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S031_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S031_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=NAPOT] + TST13-31 (HIGH-PRIO) + [same as TST11-31(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 013_store_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S032_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S032_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S032_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + + TST13-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=NAPOT] + TST13-32 (MEDIUM-PRIO) + [same as TST11-32(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 014_store_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S033_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S033_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S033_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=NAPOT] + TST13-33 (MEDIUM-PRIO) + [same as TST11-33(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 015_store_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S034_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S034_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S034_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=NAPOT] + TST13-34 (LOW-PRIO) + [same as TST11-34(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 016_store_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S035_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S035_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S035_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + + TST13-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=NAPOT] + TST13-35 (LOW-PRIO) + [same as TST11-35(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 017_store_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S036_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S036_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S036_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=NAPOT] + TST13-36 (LOW-PRIO) + [same as TST11-36(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 018_load_MPP_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S041_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S041_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S041_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=NAPOT] + TST13-41 (LOWEST-PRIO) + [same as TST11-41(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 019_load_MPP_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S042_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S042_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S042_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + + TST13-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=NAPOT] + TST13-42 (LOWEST-PRIO) + [same as TST11-42(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 020_load_MPP_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S043_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S043_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S043_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=NAPOT] + TST13-43 (LOWEST-PRIO) + [same as TST11-43(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 021_load_MPP_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S044_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S044_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S044_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=NAPOT] + TST13-44 (LOWEST-PRIO) + [same as TST11-44(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 022_load_MPP_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S045_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S045_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S045_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + + TST13-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=NAPOT] + TST13-45 (LOWEST-PRIO) + [same as TST11-45(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 023_load_MPP_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S046_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S046_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S046_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=NAPOT] + TST13-46 (LOWEST-PRIO) + [same as TST11-46(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 024_store_MPP_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S051_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S051_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S051_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=NAPOT] + TST13-51 (LOWEST-PRIO) + [same as TST11-51(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 025_store_MPP_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S052_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S052_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S052_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + + TST13-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=NAPOT] + TST13-52 (LOWEST-PRIO) + [same as TST11-52(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 026_store_MPP_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S053_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S053_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S053_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=NAPOT] + TST13-53 (LOWEST-PRIO) + [same as TST11-53(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 027_store_MPP_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S054_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S054_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S054_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=NAPOT] + TST13-54 (LOWEST-PRIO) + [same as TST11-54(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 028_store_MPP_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S055_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S055_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S055_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + + TST13-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=NAPOT] + TST13-55 (LOWEST-PRIO) + [same as TST11-55(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 029_store_MPP_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S056_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S056_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F013_S056_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST13-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=NAPOT] + TST13-56 (LOWEST-PRIO) + [same as TST11-56(group), but with pmpcfg(i).A=NAPOT] +## Feature: cfg NAPOT access M + +### Sub-feature: 000_fetch_L0_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S011_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S011_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S011_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=NAPOT] + TST14-11 (LOW-PRIO) + [same as TST12-11(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 001_fetch_L0_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S012_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S012_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S012_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=NAPOT] + TST14-12 (LOW-PRIO) + [same as TST12-12(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 002_fetch_L0_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S013_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S013_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S013_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=NAPOT] + TST14-13 (LOW-PRIO) + [same as TST12-13(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 003_fetch_L1_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S014_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S014_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S014_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=NAPOT] + TST14-14 (HIGH-PRIO) + [same as TST12-14(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 004_fetch_L1_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S015_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S015_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S015_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-b + [Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=NAPOT] + TST14-15 (MEDIUM-PRIO) + [same as TST12-15(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 005_fetch_L1_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S016_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S016_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S016_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=NAPOT] + TST14-16 (HIGH-PRIO) + [same as TST12-16(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 006_load_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S021_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S021_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S021_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=NAPOT] + TST14-21 (LOW-PRIO) + [same as TST12-21(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 007_load_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S022_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S022_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S022_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=NAPOT] + TST14-22 (LOW-PRIO) + [same as TST12-22(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 008_load_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S023_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S023_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S023_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=NAPOT] + TST14-23 (LOW-PRIO) + [same as TST12-23(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 009_load_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S024_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S024_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S024_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=NAPOT] + TST14-24 (HIGH-PRIO) + [same as TST12-24(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 010_load_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S025_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S025_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S025_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=NAPOT] + TST14-25 (MEDIUM-PRIO) + [same as TST12-25(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 011_load_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S026_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S026_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S026_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=NAPOT] + TST14-26 (HIGH-PRIO) + [same as TST12-26(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 012_store_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S031_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S031_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S031_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=NAPOT] + TST14-31 (LOW-PRIO) + [same as TST12-31(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 013_store_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S032_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S032_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S032_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=NAPOT] + TST14-32 (LOW-PRIO) + [same as TST12-32(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 014_store_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S033_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S033_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S033_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=NAPOT] + TST14-33 (LOW-PRIO) + [same as TST12-33(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 015_store_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S034_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S034_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S034_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=NAPOT] + TST14-34 (HIGH-PRIO) + [same as TST12-34(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 016_store_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S035_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S035_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S035_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=NAPOT] + TST14-35 (MEDIUM-PRIO) + [same as TST12-35(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 017_store_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S036_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S036_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S036_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=NAPOT] + TST14-36 (HIGH-PRIO) + [same as TST12-36(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 018_load_MPP_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S041_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S041_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S041_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=NAPOT] + TST14-41 (LOWEST-PRIO) + [same as TST12-41(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 019_load_MPP_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S042_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S042_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S042_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=NAPOT] + TST14-42 (LOWEST-PRIO) + [same as TST12-42(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 020_load_MPP_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S043_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S043_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S043_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=NAPOT] + TST14-43 (LOWEST-PRIO) + [same as TST12-43(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 021_load_MPP_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S044_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S044_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S044_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=NAPOT] + TST14-44 (LOWEST-PRIO) + [same as TST12-44(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 022_load_MPP_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S045_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S045_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S045_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=NAPOT] + TST14-45 (LOWEST-PRIO) + [same as TST12-45(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 023_load_MPP_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S046_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S046_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S046_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=NAPOT] + TST14-46 (LOWEST-PRIO) + [same as TST12-46(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 024_store_MPP_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S051_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S051_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S051_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=NAPOT] + TST14-51 (LOWEST-PRIO) + [same as TST12-51(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 025_store_MPP_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S052_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S052_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S052_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=NAPOT] + TST14-52 (LOWEST-PRIO) + [same as TST12-52(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 026_store_MPP_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S053_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S053_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S053_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=NAPOT] + TST14-53 (LOWEST-PRIO) + [same as TST12-53(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 027_store_MPP_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S054_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S054_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S054_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=NAPOT] + TST14-54 (LOWEST-PRIO) + [same as TST12-54(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 028_store_MPP_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S055_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S055_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S055_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=NAPOT] + TST14-55 (LOWEST-PRIO) + [same as TST12-55(group), but with pmpcfg(i).A=NAPOT] +### Sub-feature: 029_store_MPP_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S056_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S056_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=NAPOT + - pmpaddr(i): any NAPOT address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F014_S056_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST14-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=NAPOT] + TST14-56 (LOWEST-PRIO) + [same as TST12-56(group), but with pmpcfg(i).A=NAPOT] +## Feature: cfg TOR access S/U + +### Sub-feature: 000_fetch_L0_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S011_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S011_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S011_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=TOR] + TST15-11 (HIGH-PRIO) + [same as TST11-11(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 001_fetch_L0_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S012_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S012_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S012_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-b + [Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception] + + + TST15-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=TOR] + TST15-12 (MEDIUM-PRIO) + [same as TST11-12(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 002_fetch_L0_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S013_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S013_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S013_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=TOR] + TST15-13 (MEDIUM-PRIO) + [same as TST11-13(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 003_fetch_L1_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S014_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S014_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S014_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=TOR] + TST15-14 (LOW-PRIO) + [same as TST11-14(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 004_fetch_L1_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S015_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S015_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S015_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-b + [Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception] + + + TST15-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=TOR] + TST15-15 (LOW-PRIO) + [same as TST11-15(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 005_fetch_L1_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S016_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S016_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S016_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=TOR] + TST15-16 (LOW-PRIO) + [same as TST11-16(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 006_load_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S021_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S021_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S021_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=TOR] + TST15-21 (HIGH-PRIO) + [same as TST11-21(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 007_load_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S022_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S022_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S022_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + + TST15-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=TOR] + TST15-22 (MEDIUM-PRIO) + [same as TST11-22(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 008_load_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S023_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S023_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S023_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=TOR] + TST15-23 (MEDIUM-PRIO) + [same as TST11-23(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 009_load_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S024_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S024_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S024_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=TOR] + TST15-24 (LOW-PRIO) + [same as TST11-24(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 010_load_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S025_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S025_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S025_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + + TST15-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=TOR] + TST15-25 (LOW-PRIO) + [same as TST11-25(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 011_load_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S026_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S026_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S026_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=TOR] + TST15-26 (LOW-PRIO) + [same as TST11-26(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 012_store_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S031_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S031_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S031_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=TOR] + TST15-31 (HIGH-PRIO) + [same as TST11-31(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 013_store_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S032_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S032_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S032_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + + TST15-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=TOR] + TST15-32 (MEDIUM-PRIO) + [same as TST11-32(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 014_store_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S033_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S033_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S033_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=TOR] + TST15-33 (MEDIUM-PRIO) + [same as TST11-33(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 015_store_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S034_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S034_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S034_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=TOR] + TST15-34 (LOW-PRIO) + [same as TST11-34(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 016_store_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S035_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S035_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S035_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + + TST15-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=TOR] + TST15-35 (LOW-PRIO) + [same as TST11-35(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 017_store_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S036_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S036_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S036_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=TOR] + TST15-36 (LOW-PRIO) + [same as TST11-36(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 018_load_MPP_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S041_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S041_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S041_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=TOR] + TST15-41 (LOWEST-PRIO) + [same as TST11-41(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 019_load_MPP_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S042_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S042_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S042_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + + TST15-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=TOR] + TST15-42 (LOWEST-PRIO) + [same as TST11-42(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 020_load_MPP_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S043_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S043_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S043_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=TOR] + TST15-43 (LOWEST-PRIO) + [same as TST11-43(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 021_load_MPP_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S044_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S044_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S044_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=TOR] + TST15-44 (LOWEST-PRIO) + [same as TST11-44(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 022_load_MPP_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S045_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S045_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S045_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + + TST15-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=TOR] + TST15-45 (LOWEST-PRIO) + [same as TST11-45(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 023_load_MPP_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S046_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S046_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S046_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=TOR] + TST15-46 (LOWEST-PRIO) + [same as TST11-46(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 024_store_MPP_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S051_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S051_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S051_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=TOR] + TST15-51 (LOWEST-PRIO) + [same as TST11-51(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 025_store_MPP_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S052_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S052_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S052_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + + TST15-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=TOR] + TST15-52 (LOWEST-PRIO) + [same as TST11-52(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 026_store_MPP_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S053_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S053_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S053_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=TOR] + TST15-53 (LOWEST-PRIO) + [same as TST11-53(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 027_store_MPP_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S054_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S054_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S054_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=TOR] + TST15-54 (LOWEST-PRIO) + [same as TST11-54(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 028_store_MPP_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S055_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S055_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S055_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + + TST15-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=TOR] + TST15-55 (LOWEST-PRIO) + [same as TST11-55(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 029_store_MPP_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S056_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S056_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S056_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=TOR] + TST15-56 (LOWEST-PRIO) + [same as TST11-56(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 030_fetch_L0_X1_addr_forbidden + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S011_I000 feature description (Cf. Feature: "cfg NA4 access S/U") + + {Page 59 Volume II: RISC-V Privileged Architectures V20211203} + If pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i matches no addresses + If PMP entry 0’s A field is set to TOR, zero is used for the lower bound, and so it matches any address y < pmpaddr(0) +* **Verification Goals** + + reuse of VP_PMP_F011_S011_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range + - [for i=0] pmpaddr(0) = 0: invalid TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) + + CHECK UPDATE + - check instruction fetch access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S061_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=TOR] + TST15-11 (LOW-PRIO) + [same as TST11-11(group), but with pmpcfg(i).A=TOR] + + + //TO COMPLETE => FTR06-b + TST25 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) > 0 + TST26 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) = 0 + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) > 0 + - pmpaddr(0) = 0] + + //TO COMPLETE => FTR06-c + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) and pmpcfg(i-1) correct + [create scenario where PMP entry pmpcfg(i) with TOR: + - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct] + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) >= pmpaddr(1/2/3/…)] +### Sub-feature: 031_fetch_L1_X1_addr_forbidden + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S014_I000 feature description (Cf. Feature: "cfg NA4 access S/U") + + {Page 59 Volume II: RISC-V Privileged Architectures V20211203} + If pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i matches no addresses + If PMP entry 0’s A field is set to TOR, zero is used for the lower bound, and so it matches any address y < pmpaddr(0) +* **Verification Goals** + + reuse of VP_PMP_F011_S014_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range + - [for i=0] pmpaddr(0) = 0: invalid TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) + + CHECK UPDATE + - check instruction fetch access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S062_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=TOR] + TST15-14 (LOW-PRIO) + [same as TST11-14(group), but with pmpcfg(i).A=TOR] + + + //TO COMPLETE => FTR06-b + TST25 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) > 0 + TST26 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) = 0 + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) > 0 + - pmpaddr(0) = 0] + + //TO COMPLETE => FTR06-c + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) and pmpcfg(i-1) correct + [create scenario where PMP entry pmpcfg(i) with TOR: + - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct] + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) >= pmpaddr(1/2/3/…)] +### Sub-feature: 032_load_L0_R1_addr_forbidden + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S021_I000 feature description (Cf. Feature: "cfg NA4 access S/U") + + {Page 59 Volume II: RISC-V Privileged Architectures V20211203} + If pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i matches no addresses + If PMP entry 0’s A field is set to TOR, zero is used for the lower bound, and so it matches any address y < pmpaddr(0) +* **Verification Goals** + + reuse of VP_PMP_F011_S021_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range + - [for i=0] pmpaddr(0) = 0: invalid TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) + + CHECK UPDATE + - check load access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S063_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=TOR] + TST15-21 (HIGH-PRIO) + [same as TST11-21(group), but with pmpcfg(i).A=TOR] + + + //TO COMPLETE => FTR06-b + TST25 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) > 0 + TST26 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) = 0 + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) > 0 + - pmpaddr(0) = 0] + + //TO COMPLETE => FTR06-c + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) and pmpcfg(i-1) correct + [create scenario where PMP entry pmpcfg(i) with TOR: + - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct] + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) >= pmpaddr(1/2/3/…)] +### Sub-feature: 033_load_L1_R1_addr_forbidden + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S024_I000 feature description (Cf. Feature: "cfg NA4 access S/U") + + {Page 59 Volume II: RISC-V Privileged Architectures V20211203} + If pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i matches no addresses + If PMP entry 0’s A field is set to TOR, zero is used for the lower bound, and so it matches any address y < pmpaddr(0) +* **Verification Goals** + + reuse of VP_PMP_F011_S024_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range + - [for i=0] pmpaddr(0) = 0: invalid TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) + + CHECK UPDATE + - check load access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S064_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=TOR] + TST15-24 (LOW-PRIO) + [same as TST11-24(group), but with pmpcfg(i).A=TOR] + + + //TO COMPLETE => FTR06-b + TST25 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) > 0 + TST26 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) = 0 + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) > 0 + - pmpaddr(0) = 0] + + //TO COMPLETE => FTR06-c + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) and pmpcfg(i-1) correct + [create scenario where PMP entry pmpcfg(i) with TOR: + - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct] + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) >= pmpaddr(1/2/3/…)] +### Sub-feature: 034_store_L0_W1_addr_forbidden + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S031_I000 feature description (Cf. Feature: "cfg NA4 access S/U") + + {Page 59 Volume II: RISC-V Privileged Architectures V20211203} + If pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i matches no addresses + If PMP entry 0’s A field is set to TOR, zero is used for the lower bound, and so it matches any address y < pmpaddr(0) +* **Verification Goals** + + reuse of VP_PMP_F011_S031_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range + - [for i=0] pmpaddr(0) = 0: invalid TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) + + CHECK UPDATE + - check store access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S065_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=TOR] + TST15-31 (HIGH-PRIO) + [same as TST11-31(group), but with pmpcfg(i).A=TOR] + + + //TO COMPLETE => FTR06-b + TST25 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) > 0 + TST26 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) = 0 + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) > 0 + - pmpaddr(0) = 0] + + //TO COMPLETE => FTR06-c + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) and pmpcfg(i-1) correct + [create scenario where PMP entry pmpcfg(i) with TOR: + - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct] + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) >= pmpaddr(1/2/3/…)] +### Sub-feature: 035_store_L1_W1_addr_forbidden + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S034_I000 feature description (Cf. Feature: "cfg NA4 access S/U") + + {Page 59 Volume II: RISC-V Privileged Architectures V20211203} + If pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i matches no addresses + If PMP entry 0’s A field is set to TOR, zero is used for the lower bound, and so it matches any address y < pmpaddr(0) +* **Verification Goals** + + reuse of VP_PMP_F011_S034_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range + - [for i=0] pmpaddr(0) = 0: invalid TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) + + CHECK UPDATE + - check store access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F015_S066_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST15-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=TOR] + TST15-34 (LOW-PRIO) + [same as TST11-34(group), but with pmpcfg(i).A=TOR] + + + //TO COMPLETE => FTR06-b + TST25 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) > 0 + TST26 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) = 0 + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) > 0 + - pmpaddr(0) = 0] + + //TO COMPLETE => FTR06-c + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) and pmpcfg(i-1) correct + [create scenario where PMP entry pmpcfg(i) with TOR: + - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct] + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) >= pmpaddr(1/2/3/…)] +## Feature: cfg TOR access M + +### Sub-feature: 000_fetch_L0_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S011_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S011_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S011_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=TOR] + TST16-11 (LOW-PRIO) + [same as TST12-11(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 001_fetch_L0_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S012_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S012_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S012_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=TOR] + TST16-12 (LOW-PRIO) + [same as TST12-12(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 002_fetch_L0_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S013_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S013_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S013_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=TOR] + TST16-13 (LOW-PRIO) + [same as TST12-13(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 003_fetch_L1_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S014_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S014_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S014_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=TOR] + TST16-14 (HIGH-PRIO) + [same as TST12-14(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 004_fetch_L1_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S015_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S015_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S015_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-b + [Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=TOR] + TST16-15 (MEDIUM-PRIO) + [same as TST12-15(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 005_fetch_L1_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S016_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S016_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S016_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=TOR] + TST16-16 (HIGH-PRIO) + [same as TST12-16(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 006_load_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S021_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S021_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S021_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=TOR] + TST16-21 (LOW-PRIO) + [same as TST12-21(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 007_load_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S022_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S022_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S022_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=TOR] + TST16-22 (LOW-PRIO) + [same as TST12-22(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 008_load_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S023_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S023_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S023_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=TOR] + TST16-23 (LOW-PRIO) + [same as TST12-23(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 009_load_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S024_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S024_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S024_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=TOR] + TST16-24 (HIGH-PRIO) + [same as TST12-24(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 010_load_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S025_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S025_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S025_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=TOR] + TST16-25 (MEDIUM-PRIO) + [same as TST12-25(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 011_load_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S026_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S026_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S026_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=TOR] + TST16-26 (HIGH-PRIO) + [same as TST12-26(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 012_store_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S031_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S031_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S031_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=TOR] + TST16-31 (LOW-PRIO) + [same as TST12-31(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 013_store_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S032_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S032_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S032_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=TOR] + TST16-32 (LOW-PRIO) + [same as TST12-32(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 014_store_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S033_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S033_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S033_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=TOR] + TST16-33 (LOW-PRIO) + [same as TST12-33(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 015_store_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S034_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S034_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S034_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=TOR] + TST16-34 (HIGH-PRIO) + [same as TST12-34(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 016_store_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S035_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S035_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S035_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=TOR] + TST16-35 (MEDIUM-PRIO) + [same as TST12-35(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 017_store_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S036_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S036_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S036_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=TOR] + TST16-36 (HIGH-PRIO) + [same as TST12-36(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 018_load_MPP_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S041_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S041_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S041_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=TOR] + TST16-41 (LOWEST-PRIO) + [same as TST12-41(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 019_load_MPP_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S042_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S042_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S042_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=TOR] + TST16-42 (LOWEST-PRIO) + [same as TST12-42(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 020_load_MPP_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S043_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S043_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S043_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=TOR] + TST16-43 (LOWEST-PRIO) + [same as TST12-43(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 021_load_MPP_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S044_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S044_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S044_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=TOR] + TST16-44 (LOWEST-PRIO) + [same as TST12-44(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 022_load_MPP_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S045_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S045_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S045_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=TOR] + TST16-45 (LOWEST-PRIO) + [same as TST12-45(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 023_load_MPP_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S046_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S046_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S046_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=TOR] + TST16-46 (LOWEST-PRIO) + [same as TST12-46(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 024_store_MPP_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S051_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S051_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S051_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=TOR] + TST16-51 (LOWEST-PRIO) + [same as TST12-51(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 025_store_MPP_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S052_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S052_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S052_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=TOR] + TST16-52 (LOWEST-PRIO) + [same as TST12-52(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 026_store_MPP_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S053_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S053_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S053_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=TOR] + TST16-53 (LOWEST-PRIO) + [same as TST12-53(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 027_store_MPP_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S054_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S054_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S054_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=TOR] + TST16-54 (LOWEST-PRIO) + [same as TST12-54(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 028_store_MPP_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S055_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S055_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S055_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=TOR] + TST16-55 (LOWEST-PRIO) + [same as TST12-55(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 029_store_MPP_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S056_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S056_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i) > pmpaddr(i-1): any TOR address range + - [for i=0] pmpaddr(0) > 0: any TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S056_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=TOR] + TST16-56 (LOWEST-PRIO) + [same as TST12-56(group), but with pmpcfg(i).A=TOR] +### Sub-feature: 030_fetch_L0_X1_addr_forbidden + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S011_I000 feature description (Cf. Feature: "cfg NA4 access M") + + {Page 59 Volume II: RISC-V Privileged Architectures V20211203} + If pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i matches no addresses + If PMP entry 0’s A field is set to TOR, zero is used for the lower bound, and so it matches any address y < pmpaddr(0) +* **Verification Goals** + + reuse of VP_PMP_F012_S011_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range + - [for i=0] pmpaddr(0) = 0: invalid TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S061_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=TOR] + TST16-11 (LOW-PRIO) + [same as TST12-11(group), but with pmpcfg(i).A=TOR] + + + //TO COMPLETE => FTR06-b + TST25 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) > 0 + TST26 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) = 0 + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) > 0 + - pmpaddr(0) = 0] + + //TO COMPLETE => FTR06-c + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) and pmpcfg(i-1) correct + [create scenario where PMP entry pmpcfg(i) with TOR: + - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct] + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) >= pmpaddr(1/2/3/…)] +### Sub-feature: 031_fetch_L1_X1_addr_forbidden + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S014_I000 feature description (Cf. Feature: "cfg NA4 access M") + + {Page 59 Volume II: RISC-V Privileged Architectures V20211203} + If pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i matches no addresses + If PMP entry 0’s A field is set to TOR, zero is used for the lower bound, and so it matches any address y < pmpaddr(0) +* **Verification Goals** + + reuse of VP_PMP_F012_S014_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range + - [for i=0] pmpaddr(0) = 0: invalid TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S062_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=TOR] + TST16-14 (LOW-PRIO) + [same as TST12-14(group), but with pmpcfg(i).A=TOR] + + + //TO COMPLETE => FTR06-b + TST25 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) > 0 + TST26 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) = 0 + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) > 0 + - pmpaddr(0) = 0] + + //TO COMPLETE => FTR06-c + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) and pmpcfg(i-1) correct + [create scenario where PMP entry pmpcfg(i) with TOR: + - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct] + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) >= pmpaddr(1/2/3/…)] +### Sub-feature: 032_load_L0_R1_addr_forbidden + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S021_I000 feature description (Cf. Feature: "cfg NA4 access M") + + {Page 59 Volume II: RISC-V Privileged Architectures V20211203} + If pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i matches no addresses + If PMP entry 0’s A field is set to TOR, zero is used for the lower bound, and so it matches any address y < pmpaddr(0) +* **Verification Goals** + + reuse of VP_PMP_F012_S021_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range + - [for i=0] pmpaddr(0) = 0: invalid TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S063_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=TOR] + TST16-21 (HIGH-PRIO) + [same as TST12-21(group), but with pmpcfg(i).A=TOR] + + + //TO COMPLETE => FTR06-b + TST25 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) > 0 + TST26 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) = 0 + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) > 0 + - pmpaddr(0) = 0] + + //TO COMPLETE => FTR06-c + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) and pmpcfg(i-1) correct + [create scenario where PMP entry pmpcfg(i) with TOR: + - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct] + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) >= pmpaddr(1/2/3/…)] +### Sub-feature: 033_load_L1_R1_addr_forbidden + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S024_I000 feature description (Cf. Feature: "cfg NA4 access M") + + {Page 59 Volume II: RISC-V Privileged Architectures V20211203} + If pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i matches no addresses + If PMP entry 0’s A field is set to TOR, zero is used for the lower bound, and so it matches any address y < pmpaddr(0) +* **Verification Goals** + + reuse of VP_PMP_F012_S024_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range + - [for i=0] pmpaddr(0) = 0: invalid TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S064_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=TOR] + TST16-24 (LOW-PRIO) + [same as TST12-24(group), but with pmpcfg(i).A=TOR] + + + //TO COMPLETE => FTR06-b + TST25 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) > 0 + TST26 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) = 0 + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) > 0 + - pmpaddr(0) = 0] + + //TO COMPLETE => FTR06-c + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) and pmpcfg(i-1) correct + [create scenario where PMP entry pmpcfg(i) with TOR: + - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct] + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) >= pmpaddr(1/2/3/…)] +### Sub-feature: 034_store_L0_W1_addr_forbidden + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S031_I000 feature description (Cf. Feature: "cfg NA4 access M") + + {Page 59 Volume II: RISC-V Privileged Architectures V20211203} + If pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i matches no addresses + If PMP entry 0’s A field is set to TOR, zero is used for the lower bound, and so it matches any address y < pmpaddr(0) +* **Verification Goals** + + reuse of VP_PMP_F012_S031_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range + - [for i=0] pmpaddr(0) = 0: invalid TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S065_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=TOR] + TST16-31 (HIGH-PRIO) + [same as TST12-31(group), but with pmpcfg(i).A=TOR] + + + //TO COMPLETE => FTR06-b + TST25 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) > 0 + TST26 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) = 0 + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) > 0 + - pmpaddr(0) = 0] + + //TO COMPLETE => FTR06-c + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) and pmpcfg(i-1) correct + [create scenario where PMP entry pmpcfg(i) with TOR: + - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct] + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) >= pmpaddr(1/2/3/…)] +### Sub-feature: 035_store_L1_W1_addr_forbidden + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S034_I000 feature description (Cf. Feature: "cfg NA4 access M") + + {Page 59 Volume II: RISC-V Privileged Architectures V20211203} + If pmpaddri−1 ≥ pmpaddri and pmpcfgi.A=TOR, then PMP entry i matches no addresses + If PMP entry 0’s A field is set to TOR, zero is used for the lower bound, and so it matches any address y < pmpaddr(0) +* **Verification Goals** + + reuse of VP_PMP_F012_S034_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=TOR + - [for i>0] pmpaddr(i-1) > pmpaddr(i): invalid TOR address range + - [for i=0] pmpaddr(0) = 0: invalid TOR address range + - [for j=unused] pmpaddr(j)=random: only in single entry configuration case (not in reuse case) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F016_S066_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST16-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=TOR] + TST16-34 (LOW-PRIO) + [same as TST12-34(group), but with pmpcfg(i).A=TOR] + + + //TO COMPLETE => FTR06-b + TST25 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) > 0 + TST26 = same as TST15+TST16 (groups) with PMP entry (0) with pmpaddr(0) = 0 + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) > 0 + - pmpaddr(0) = 0] + + //TO COMPLETE => FTR06-c + TST27 = same as TST23-2 but with pmpaddr(i) ≤ pmpaddr(i-1) and with pmpcfg(i) and pmpcfg(i-1) correct + [create scenario where PMP entry pmpcfg(i) with TOR: + - pmpaddr(i) ≤ pmpaddr(i-1) and PMP entry pmpcfg(i-1) correct] + [create scenario where PMP entry pmpcfg(0) with TOR: + - pmpaddr(0) >= pmpaddr(1/2/3/…)] +## Feature: cfg OFF access S/U + +### Sub-feature: 000_fetch_L0_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S011_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S011_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check instruction fetch access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S011_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=OFF] + TST17-11 (HIGH-PRIO) + [same as TST11-11(group), but with pmpcfg(i).A=OFF + - check instruction fetch access-fault exception raised] +### Sub-feature: 001_fetch_L0_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S012_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S012_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S012_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-b + [Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception] + + + TST17-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=OFF] + TST17-12 (MEDIUM-PRIO) + [same as TST11-12(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 002_fetch_L0_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S013_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S013_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S013_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=OFF] + TST17-13 (MEDIUM-PRIO) + [same as TST11-13(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 003_fetch_L1_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S014_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S014_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check instruction fetch access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S014_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=OFF] + TST17-14 (LOW-PRIO) + [same as TST11-14(group), but with pmpcfg(i).A=OFF + - check instruction fetch access-fault exception raised] +### Sub-feature: 004_fetch_L1_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S015_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S015_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S015_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-b + [Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception] + + + TST17-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=OFF] + TST17-15 (LOW-PRIO) + [same as TST11-15(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 005_fetch_L1_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S016_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S016_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S016_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-1x(group) + [same as TST11-1x(group), but with pmpcfg(i).A=OFF] + TST17-16 (LOW-PRIO) + [same as TST11-16(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 006_load_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S021_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S021_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check load access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S021_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=OFF] + TST17-21 (HIGH-PRIO) + [same as TST11-21(group), but with pmpcfg(i).A=OFF + - check load access-fault exception raised] +### Sub-feature: 007_load_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S022_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S022_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S022_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + + TST17-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=OFF] + TST17-22 (MEDIUM-PRIO) + [same as TST11-22(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 008_load_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S023_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S023_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S023_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=OFF] + TST17-23 (MEDIUM-PRIO) + [same as TST11-23(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 009_load_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S024_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S024_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check load access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S024_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=OFF] + TST17-24 (LOW-PRIO) + [same as TST11-24(group), but with pmpcfg(i).A=OFF + - check load access-fault exception raised] +### Sub-feature: 010_load_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S025_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S025_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S025_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + + TST17-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=OFF] + TST17-25 (LOW-PRIO) + [same as TST11-25(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 011_load_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S026_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S026_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S026_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-2x(group) + [same as TST11-2x(group), but with pmpcfg(i).A=OFF] + TST17-26 (LOW-PRIO) + [same as TST11-26(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 012_store_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S031_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S031_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check store access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S031_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=OFF] + TST17-31 (HIGH-PRIO) + [same as TST11-31(group), but with pmpcfg(i).A=OFF + - check store access-fault exception raised] +### Sub-feature: 013_store_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S032_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S032_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S032_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + + TST17-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=OFF] + TST17-32 (MEDIUM-PRIO) + [same as TST11-32(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 014_store_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S033_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S033_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S033_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=OFF] + TST17-33 (MEDIUM-PRIO) + [same as TST11-33(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 015_store_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S034_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S034_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check store access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S034_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=OFF] + TST17-34 (LOW-PRIO) + [same as TST11-34(group), but with pmpcfg(i).A=OFF + - check store access-fault exception raised] +### Sub-feature: 016_store_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S035_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S035_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S035_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + + TST17-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=OFF] + TST17-35 (LOW-PRIO) + [same as TST11-35(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 017_store_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S036_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S036_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S036_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-3x(group) + [same as TST11-3x(group), but with pmpcfg(i).A=OFF] + TST17-36 (LOW-PRIO) + [same as TST11-36(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 018_load_MPP_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S041_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S041_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check load access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S041_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=OFF] + TST17-41 (LOWEST-PRIO) + [same as TST11-41(group), but with pmpcfg(i).A=OFF + - check load access-fault exception raised] +### Sub-feature: 019_load_MPP_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S042_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S042_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S042_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + + TST17-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=OFF] + TST17-42 (LOWEST-PRIO) + [same as TST11-42(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 020_load_MPP_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S043_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S043_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S043_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=OFF] + TST17-43 (LOWEST-PRIO) + [same as TST11-43(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 021_load_MPP_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S044_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S044_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check load access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S044_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=OFF] + TST17-44 (LOWEST-PRIO) + [same as TST11-44(group), but with pmpcfg(i).A=OFF + - check load access-fault exception raised] +### Sub-feature: 022_load_MPP_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S045_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S045_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S045_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + + TST17-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=OFF] + TST17-45 (LOWEST-PRIO) + [same as TST11-45(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 023_load_MPP_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S046_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S046_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S046_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-4x(group) + [same as TST11-4x(group), but with pmpcfg(i).A=OFF] + TST17-46 (LOWEST-PRIO) + [same as TST11-46(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 024_store_MPP_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S051_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S051_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check store access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S051_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=OFF] + TST17-51 (LOWEST-PRIO) + [same as TST11-51(group), but with pmpcfg(i).A=OFF + - check store access-fault exception raised] +### Sub-feature: 025_store_MPP_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S052_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S052_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S052_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + + TST17-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=OFF] + TST17-52 (LOWEST-PRIO) + [same as TST11-52(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 026_store_MPP_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S053_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S053_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S053_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e2-2 (refers to FTR09-d2-2) + [When the L bit is clear, the R/W/X permissions apply only to S and U modes] + FTR09-d2-2 (L=0 refers to FTR08-e2-2) + [if the privilege mode of the access is S or U (whatever L), then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=OFF] + TST17-53 (LOWEST-PRIO) + [same as TST11-53(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 027_store_MPP_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S054_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S054_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check store access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S054_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=OFF] + TST17-54 (LOWEST-PRIO) + [same as TST11-54(group), but with pmpcfg(i).A=OFF + - check store access-fault exception raised] +### Sub-feature: 028_store_MPP_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S055_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S055_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S055_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + + TST17-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=OFF] + TST17-55 (LOWEST-PRIO) + [same as TST11-55(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 029_store_MPP_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F011_S056_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F011_S056_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F017_S056_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-d + [PMP checks are applied to all accesses whose effective privilege mode is S or U] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + + TST17-5x(group) + [same as TST11-5x(group), but with pmpcfg(i).A=OFF] + TST17-56 (LOWEST-PRIO) + [same as TST11-56(group), but with pmpcfg(i).A=OFF] +## Feature: cfg OFF access M + +### Sub-feature: 000_fetch_L0_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S011_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S011_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S011_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=OFF] + TST18-11 (LOW-PRIO) + [same as TST12-11(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 001_fetch_L0_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S012_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S012_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S012_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=OFF] + TST18-12 (LOW-PRIO) + [same as TST12-12(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 002_fetch_L0_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S013_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S013_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S013_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=OFF] + TST18-13 (LOW-PRIO) + [same as TST12-13(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 003_fetch_L1_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S014_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S014_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check store access-fault exception raised (TODO: is M mode access prevented by A=OFF) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S014_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=OFF] + TST18-14 (HIGH-PRIO) + [same as TST12-14(group), but with pmpcfg(i).A=OFF + - check instruction fetch access-fault exception raised] +### Sub-feature: 004_fetch_L1_X0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S015_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S015_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S015_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-b + [Attempting to fetch an instruction from a PMP region that does not have execute permissions raises an instruction access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=OFF] + TST18-15 (MEDIUM-PRIO) + [same as TST12-15(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 005_fetch_L1_X1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S016_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S016_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S016_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-1x(group) + [same as TST12-1x(group), but with pmpcfg(i).A=OFF] + TST18-16 (HIGH-PRIO) + [same as TST12-16(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 006_load_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S021_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S021_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S021_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=OFF] + TST18-21 (LOW-PRIO) + [same as TST12-21(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 007_load_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S022_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S022_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S022_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=OFF] + TST18-22 (LOW-PRIO) + [same as TST12-22(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 008_load_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S023_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S023_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S023_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=OFF] + TST18-23 (LOW-PRIO) + [same as TST12-23(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 009_load_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S024_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S024_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check store access-fault exception raised (TODO: is M mode access prevented by A=OFF) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S024_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=OFF] + TST18-24 (HIGH-PRIO) + [same as TST12-24(group), but with pmpcfg(i).A=OFF + - check instruction fetch access-fault exception raised] +### Sub-feature: 010_load_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S025_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S025_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S025_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=OFF] + TST18-25 (MEDIUM-PRIO) + [same as TST12-25(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 011_load_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S026_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S026_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S026_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-2x(group) + [same as TST12-2x(group), but with pmpcfg(i).A=OFF] + TST18-26 (HIGH-PRIO) + [same as TST12-26(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 012_store_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S031_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S031_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S031_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=OFF] + TST18-31 (LOW-PRIO) + [same as TST12-31(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 013_store_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S032_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S032_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S032_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=OFF] + TST18-32 (LOW-PRIO) + [same as TST12-32(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 014_store_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S033_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S033_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S033_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=OFF] + TST18-33 (LOW-PRIO) + [same as TST12-33(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 015_store_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S034_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S034_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check store access-fault exception raised (TODO: is M mode access prevented by A=OFF) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S034_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=OFF] + TST18-34 (HIGH-PRIO) + [same as TST12-34(group), but with pmpcfg(i).A=OFF + - check instruction fetch access-fault exception raised] +### Sub-feature: 016_store_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S035_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S035_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S035_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=OFF] + TST18-35 (MEDIUM-PRIO) + [same as TST12-35(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 017_store_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S036_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S036_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S036_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-3x(group) + [same as TST12-3x(group), but with pmpcfg(i).A=OFF] + TST18-36 (HIGH-PRIO) + [same as TST12-36(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 018_load_MPP_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S041_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S041_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S041_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=OFF] + TST18-41 (LOWEST-PRIO) + [same as TST12-41(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 019_load_MPP_L0_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S042_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S042_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S042_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=OFF] + TST18-42 (LOWEST-PRIO) + [same as TST12-42(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 020_load_MPP_L0_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S043_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S043_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S043_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=OFF] + TST18-43 (LOWEST-PRIO) + [same as TST12-43(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 021_load_MPP_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S044_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S044_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check store access-fault exception raised (TODO: is M mode access prevented by A=OFF) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S044_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=OFF] + TST18-44 (LOWEST-PRIO) + [same as TST12-44(group), but with pmpcfg(i).A=OFF + - check instruction fetch access-fault exception raised] +### Sub-feature: 022_load_MPP_L1_R0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S045_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S045_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S045_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-c + [Attempting to execute a load or load-reserved instruction which accesses a physical address within a PMP region without read permissions raises a load access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=OFF] + TST18-45 (LOWEST-PRIO) + [same as TST12-45(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 023_load_MPP_L1_R1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S046_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S046_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S046_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-4x(group) + [same as TST12-4x(group), but with pmpcfg(i).A=OFF] + TST18-46 (LOWEST-PRIO) + [same as TST12-46(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 024_store_MPP_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S051_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S051_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S051_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=OFF] + TST18-51 (LOWEST-PRIO) + [same as TST12-51(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 025_store_MPP_L0_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S052_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S052_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S052_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=OFF] + TST18-52 (LOWEST-PRIO) + [same as TST12-52(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 026_store_MPP_L0_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S053_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S053_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S053_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e2-1 (refers to FTR09-d1) + [When the L bit is clear, any M-mode access matching the PMP entry will succeed] + FTR09-d1 (refers to FTR08-e2-1) + [If the L bit is clear and the privilege mode of the access is M, the access succeeds] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=OFF] + TST18-53 (LOWEST-PRIO) + [same as TST12-53(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 027_store_MPP_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S054_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S054_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range + + CHECK UPDATE + - check store access-fault exception raised (TODO: is M mode access prevented by A=OFF) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S054_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=OFF] + TST18-54 (LOWEST-PRIO) + [same as TST12-54(group), but with pmpcfg(i).A=OFF + - check instruction fetch access-fault exception raised] +### Sub-feature: 028_store_MPP_L1_W0_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S055_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S055_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S055_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR04-d + [Attempting to execute a store, store-conditional, or AMO instruction which accesses a physical address within a PMP region without write permissions raises a store access-fault exception] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=OFF] + TST18-55 (LOWEST-PRIO) + [same as TST12-55(group), but with pmpcfg(i).A=OFF] +### Sub-feature: 029_store_MPP_L1_W1_addr_miss + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F012_S056_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F012_S056_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - pmpcfg(i): A=OFF + - pmpaddr(i): NA4 address range +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F018_S056_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + FTR01-f (refers to FTR08-e1) + [PMP checks may additionally apply to M-mode accesses, in which case the PMP registers themselves are locked, so that even M-mode software cannot change them until the hart is reset] + + FTR08-e1 (refers to FTR01-f) (refers to FTR09-d2-1) + [When the L bit is set, these permissions are enforced for all privilege modes] + FTR09-d2-1 (refers to FTR08-e1) (refers to FTR01-f) + [if the L bit is set, then the access succeeds only if the R, W, or X bit corresponding to the access type is set] + + FTR02-b1 + [the lowest-numbered PMP CSRs must be implemented first (QUESTION: does it mean programmed first)] + + + TST18-5x(group) + [same as TST12-5x(group), but with pmpcfg(i).A=OFF] + TST18-56 (LOWEST-PRIO) + [same as TST12-56(group), but with pmpcfg(i).A=OFF] +## Feature: cfg NA4 not selectable + +### Sub-feature: 000_fetch_L0_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S011_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F019_S011_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check instruction fetch access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S011_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 001_fetch_L1_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S014_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F019_S014_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check instruction fetch access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S014_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 002_load_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S021_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F019_S021_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check load access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S021_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 003_load_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S024_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F019_S024_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check load access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S024_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 004_store_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S031_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F019_S031_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check store access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S031_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 005_store_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S034_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F019_S034_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check store access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S034_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 006_load_MPP_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S041_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F019_S041_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check load access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S041_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 007_load_MPP_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S044_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F019_S044_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check load access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S044_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 008_store_MPP_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S051_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F019_S051_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check store access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S051_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 009_store_MPP_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S054_I000 feature description (Cf. Feature: "cfg NA4 access S/U") +* **Verification Goals** + + reuse of VP_PMP_F019_S054_I000 verification goals (Cf. Feature: "cfg NA4 access S/U") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check store access-fault exception raised +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S054_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 010_fetch_L0_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S011_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F019_S011_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S011_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 011_fetch_L1_X1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S014_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F019_S014_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check store access-fault exception raised (TODO: is M mode access prevented by A=OFF) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S014_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 012_load_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S021_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F019_S021_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S021_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 013_load_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S024_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F019_S024_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check store access-fault exception raised (TODO: is M mode access prevented by A=OFF) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S024_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 014_store_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S031_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F019_S031_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S031_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 015_store_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S034_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F019_S034_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check store access-fault exception raised (TODO: is M mode access prevented by A=OFF) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S034_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 016_load_MPP_L0_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S041_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F019_S041_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S041_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 017_load_MPP_L1_R1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S044_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F019_S044_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check store access-fault exception raised (TODO: is M mode access prevented by A=OFF) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S044_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 018_store_MPP_L0_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S051_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F019_S051_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S051_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 019_store_MPP_L1_W1_addr_hit + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of VP_PMP_F019_S054_I000 feature description (Cf. Feature: "cfg NA4 access M") +* **Verification Goals** + + reuse of VP_PMP_F019_S054_I000 verification goals (Cf. Feature: "cfg NA4 access M") + + CONFIGURATION + - check that pmpcfg(i).A=OFF (by reading back) + + CHECK UPDATE + - check store access-fault exception raised (TODO: is M mode access prevented by A=OFF) +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F019_S054_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +## Feature: multi entries NA4 + +### Sub-feature: 000_1_entry + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose a single PMP entry + + CONFIGURATION and ACCESS + - for each pmp entry, apply any CONFIGURATION+ACCESS scenario above (Cf. Feature: "cfg NA4 access S/U/M") + - make sure the pmp entries address ranges are not overlapping/intersecting + - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP values cannot be mixed in same test + + CHECK + - for each pmp entry, we should obtain the expected CHECK result + + REUSABILITY + - if possible, the number of PMP entries (N) is a configurable parameter + - so a single test function can be reused +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F021_S001_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST21(group) + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST21-1 = extension of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-13, TST11-23, TST11-33, TST11-43, TST11-53, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST11-16, TST11-26, TST11-36, TST11-46, TST11-56, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-13, TST12-23, TST12-33, TST12-43, TST12-53, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST12-16, TST12-26, TST12-36, TST12-46, TST12-56) + [configure only one (any, but the first one) PMP entry + - use A=NA4 for the PMP entry configuration + - execute the chosen kind of access + - should be same result] +### Sub-feature: 001_2_isolated_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any 2 PMP entries + + reuse of VP_PMP_F021_S001_I000 feature description (Cf. Feature: "multi entries NA4") +* **Pass/Fail Criteria:** Check RM +* **Test Type:** ENV Capability +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F021_S002_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST21(group) + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST21-2 = extension of compatible pair of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-13, TST11-23, TST11-33, TST11-43, TST11-53, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST11-16, TST11-26, TST11-36, TST11-46, TST11-56, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-13, TST12-23, TST12-33, TST12-43, TST12-53, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST12-16, TST12-26, TST12-36, TST12-46, TST12-56) + [configure 2 non-adjacent PMP entries (highest-numbered ones first) (avoid the first PMP entry) + - use A=NA4 for each PMP entry configuration + - execute the 2 kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same 2 results] +### Sub-feature: 002_N_isolated_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any N PMP entries (2> + + TST21(group) + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST21-3 = extension of compatible group(N) of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-13, TST11-23, TST11-33, TST11-43, TST11-53, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST11-16, TST11-26, TST11-36, TST11-46, TST11-56, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-13, TST12-23, TST12-33, TST12-43, TST12-53, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST12-16, TST12-26, TST12-36, TST12-46, TST12-56) + [configure N PMP entries (highest-numbered ones first) (as non-adjacent as possible, and avoid the first PMP entry) + - use A=NA4 for each PMP entry configuration + - execute the N kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same N results] +### Sub-feature: 003_8_isolated_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose all 8 PMP entries + + reuse of VP_PMP_F021_S001_I000 feature description (Cf. Feature: "multi entries NA4") +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F021_S004_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST21(group) + [create scenarios where PMP entries with A=2 (NA4) and with/without matching permissions + - check only NA4 defined addresses are matching] + TST21-4 = extension of compatible group(8) of (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-13, TST11-23, TST11-33, TST11-43, TST11-53, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST11-16, TST11-26, TST11-36, TST11-46, TST11-56, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-13, TST12-23, TST12-33, TST12-43, TST12-53, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST12-16, TST12-26, TST12-36, TST12-46, TST12-56) + [configure 8 PMP entries (highest-numbered ones first) + - use A=NA4 for each PMP entry configuration + - execute the 8 kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same 8 results] +### Sub-feature: 004_2_intersecting_entries_fail + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any 2 PMP entries + + CONFIGURATION and ACCESS (Cf. Feature: "cfg NA4 access S/U/M") + - for the least-numbered pmp entry, apply any CONFIGURATION+ACCESS scenario with access-fault + - for the highest-numbered pmp entry, apply any CONFIGURATION+ACCESS scenario without access-fault + - make sure the pmp entries address ranges are overlapping/intersecting (at least at 4 consecutive bytes) + - for each pmp entry, execute one access in its associated pmp address region but outside the overlapping/intersecting address range + - execute one additional access inside the overlapping/intersecting address range + - NB: obviously, pmp entry configurations with different access-modes (S/U vs. M) cannot be easily mixed in same test + - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP values cannot be mixed in same test + + CHECK + - for each pmp entry, access outside the overlapping/intersecting address range should give the expected CHECK result + - access inside the overlapping/intersecting address range should generate the access-type related access-fault + + REUSABILITY + - if possible, the number of PMP entries (N) is a configurable parameter + - so a single test function can be reused +* **Pass/Fail Criteria:** Check RM +* **Test Type:** ENV Capability +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F021_S005_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST51(group) => FTR09-a, FTR09-b and FTR09-c + [create scenarios where 2 PMP entries with same pmpaddr + - one without matching permissions or with A=OFF + - one with matching permissions and A=NA4/NAPOT/TOR + - any of them can be the lowest-numbered PMP entry] + TST51-1 + [configure 2 PMP entries + - configure the lowest-numbered PMP entry with (TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST17-12, TST17-22, TST17-32, TST17-42, TST17-52, + TST17-15, TST17-25, TST17-35, TST17-45, TST17-55, + TST18-12, TST18-22, TST18-32, TST18-42, TST18-52, + TST18-15, TST18-25, TST18-35, TST18-45, TST18-55) + - configure the highest-numbered PMP entry with (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) + - execute the associated access + - check associated access-fault exception raised] +### Sub-feature: 005_2_intersecting_entries_succeed + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any 2 PMP entries + + CONFIGURATION and ACCESS (Cf. Feature: "cfg NA4 access S/U/M") + - for the least-numbered pmp entry, apply any CONFIGURATION+ACCESS scenario without access-fault + - for the highest-numbered pmp entry, apply any CONFIGURATION+ACCESS scenario with access-fault + - make sure the pmp entries address ranges are overlapping/intersecting (at least at 4 consecutive bytes) + - for each pmp entry, execute one access in its associated pmp address region but outside the overlapping/intersecting address range + - execute one additional access inside the overlapping/intersecting address range + - NB: obviously, pmp entry configurations with different access-modes (S/U vs. M) cannot be easily mixed in same test + - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP values cannot be mixed in same test + + CHECK + - for each pmp entry, access outside the overlapping/intersecting address range should give the expected CHECK result + - access inside the overlapping/intersecting address range should not generate any access-fault + + REUSABILITY + - if possible, the number of PMP entries (N) is a configurable parameter + - so a single test function can be reused +* **Pass/Fail Criteria:** Check RM +* **Test Type:** ENV Capability +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F021_S006_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST51(group) => FTR09-a, FTR09-b and FTR09-c + [create scenarios where 2 PMP entries with same pmpaddr + - one without matching permissions or with A=OFF + - one with matching permissions and A=NA4/NAPOT/TOR + - any of them can be the lowest-numbered PMP entry] + TST51-2 + [configure 2 PMP entries + - configure the lowest-numbered PMP entry with (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) + - configure the highest-numbered PMP entry with (TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST17-12, TST17-22, TST17-32, TST17-42, TST17-52, + TST17-15, TST17-25, TST17-35, TST17-45, TST17-55, + TST18-12, TST18-22, TST18-32, TST18-42, TST18-52, + TST18-15, TST18-25, TST18-35, TST18-45, TST18-55) + - execute the associated access + - check no access-fault exception] +## Feature: multi entries NAPOT + +### Sub-feature: 000_1_entry + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose a single PMP entry + + CONFIGURATION and ACCESS + - for each pmp entry, apply any CONFIGURATION+ACCESS scenario above (Cf. Feature: "cfg NAPOT access S/U/M") + - make sure the pmp entries address ranges are not overlapping/intersecting + - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP values cannot be mixed in same test + + CHECK + - for each pmp entry, we should obtain the expected CHECK result + + REUSABILITY + - if possible, the number of PMP entries (N) is a configurable parameter + - so a single test function can be reused +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F022_S001_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST22(group) + [create scenarios where PMP entries with A=3 (NAPOT) and with/without matching permissions + - check only NAPOT defined addresses are matching] + TST22-1 = extension of (TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-13, TST13-23, TST13-33, TST13-43, TST13-53, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST13-16, TST13-26, TST13-36, TST13-46, TST13-56, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-13, TST14-23, TST14-33, TST14-43, TST14-53, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST14-16, TST14-26, TST14-36, TST14-46, TST14-56) + [configure only one (any, but the first one) PMP entry + - use A=NAPOT for the PMP entry configuration + - execute the chosen kind of access + - should be same result] +### Sub-feature: 001_2_isolated_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any 2 PMP entries + + reuse of VP_PMP_F022_S001_I000 feature description (Cf. Feature: "multi entries NAPOT") +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F022_S002_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST22(group) + [create scenarios where PMP entries with A=3 (NAPOT) and with/without matching permissions + - check only NAPOT defined addresses are matching] + TST22-2 = extension of compatible pair of (TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-13, TST13-23, TST13-33, TST13-43, TST13-53, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST13-16, TST13-26, TST13-36, TST13-46, TST13-56, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-13, TST14-23, TST14-33, TST14-43, TST14-53, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST14-16, TST14-26, TST14-36, TST14-46, TST14-56) + [configure 2 non-adjacent PMP entries (highest-numbered ones first) (avoid the first PMP entry) + - use A=NAPOT for each PMP entry configuration + - execute the 2 kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same 2 results] +### Sub-feature: 002_N_isolated_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any N PMP entries (2> + + TST22(group) + [create scenarios where PMP entries with A=3 (NAPOT) and with/without matching permissions + - check only NAPOT defined addresses are matching] + TST22-3 = extension of compatible group(N) of (TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-13, TST13-23, TST13-33, TST13-43, TST13-53, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST13-16, TST13-26, TST13-36, TST13-46, TST13-56, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-13, TST14-23, TST14-33, TST14-43, TST14-53, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST14-16, TST14-26, TST14-36, TST14-46, TST14-56) + [configure N PMP entries (highest-numbered ones first) (as non-adjacent as possible, and avoid the first PMP entry) + - use A=NAPOT for each PMP entry configuration + - execute the N kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same N results] +### Sub-feature: 003_8_isolated_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose all 8 PMP entries + + reuse of VP_PMP_F022_S001_I000 feature description (Cf. Feature: "multi entries NAPOT") +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Testcase +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F022_S004_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST22(group) + [create scenarios where PMP entries with A=3 (NAPOT) and with/without matching permissions + - check only NAPOT defined addresses are matching] + TST22-4 = extension of compatible group(8) of (TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-13, TST13-23, TST13-33, TST13-43, TST13-53, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST13-16, TST13-26, TST13-36, TST13-46, TST13-56, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-13, TST14-23, TST14-33, TST14-43, TST14-53, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST14-16, TST14-26, TST14-36, TST14-46, TST14-56) + [configure 8 PMP entries (highest-numbered ones first) + - use A=NAPOT for each PMP entry configuration + - execute the 8 kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same 8 results] +### Sub-feature: 004_2_intersecting_entries_fail + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any 2 PMP entries + + CONFIGURATION and ACCESS (Cf. Feature: "cfg NAPOT access S/U/M") + - for the least-numbered pmp entry, apply any CONFIGURATION+ACCESS scenario with access-fault + - for the highest-numbered pmp entry, apply any CONFIGURATION+ACCESS scenario without access-fault + - make sure the pmp entries address ranges are overlapping/intersecting (at least at 4 consecutive bytes) + - for each pmp entry, execute one access in its associated pmp address region but outside the overlapping/intersecting address range + - execute one additional access inside the overlapping/intersecting address range + - NB: obviously, pmp entry configurations with different access-modes (S/U vs. M) cannot be easily mixed in same test + - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP values cannot be mixed in same test + + CHECK + - for each pmp entry, access outside the overlapping/intersecting address range should give the expected CHECK result + - access inside the overlapping/intersecting address range should generate the access-type related access-fault + + REUSABILITY + - if possible, the number of PMP entries (N) is a configurable parameter + - so a single test function can be reused +* **Pass/Fail Criteria:** Check RM +* **Test Type:** ENV Capability +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F022_S005_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST51(group) => FTR09-a, FTR09-b and FTR09-c + [create scenarios where 2 PMP entries with same pmpaddr + - one without matching permissions or with A=OFF + - one with matching permissions and A=NA4/NAPOT/TOR + - any of them can be the lowest-numbered PMP entry] + TST51-1 + [configure 2 PMP entries + - configure the lowest-numbered PMP entry with (TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST17-12, TST17-22, TST17-32, TST17-42, TST17-52, + TST17-15, TST17-25, TST17-35, TST17-45, TST17-55, + TST18-12, TST18-22, TST18-32, TST18-42, TST18-52, + TST18-15, TST18-25, TST18-35, TST18-45, TST18-55) + - configure the highest-numbered PMP entry with (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) + - execute the associated access + - check associated access-fault exception raised] +### Sub-feature: 005_2_intersecting_entries_succeed + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any 2 PMP entries + + CONFIGURATION and ACCESS (Cf. Feature: "cfg NAPOT access S/U/M") + - for the least-numbered pmp entry, apply any CONFIGURATION+ACCESS scenario without access-fault + - for the highest-numbered pmp entry, apply any CONFIGURATION+ACCESS scenario with access-fault + - make sure the pmp entries address ranges are overlapping/intersecting (at least at 4 consecutive bytes) + - for each pmp entry, execute one access in its associated pmp address region but outside the overlapping/intersecting address range + - execute one additional access inside the overlapping/intersecting address range + - NB: obviously, pmp entry configurations with different access-modes (S/U vs. M) cannot be easily mixed in same test + - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP values cannot be mixed in same test + + CHECK + - for each pmp entry, access outside the overlapping/intersecting address range should give the expected CHECK result + - access inside the overlapping/intersecting address range should not generate any access-fault + + REUSABILITY + - if possible, the number of PMP entries (N) is a configurable parameter + - so a single test function can be reused +* **Pass/Fail Criteria:** Check RM +* **Test Type:** ENV Capability +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F022_S006_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST51(group) => FTR09-a, FTR09-b and FTR09-c + [create scenarios where 2 PMP entries with same pmpaddr + - one without matching permissions or with A=OFF + - one with matching permissions and A=NA4/NAPOT/TOR + - any of them can be the lowest-numbered PMP entry] + TST51-2 + [configure 2 PMP entries + - configure the lowest-numbered PMP entry with (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) + - configure the highest-numbered PMP entry with (TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST17-12, TST17-22, TST17-32, TST17-42, TST17-52, + TST17-15, TST17-25, TST17-35, TST17-45, TST17-55, + TST18-12, TST18-22, TST18-32, TST18-42, TST18-52, + TST18-15, TST18-25, TST18-35, TST18-45, TST18-55) + - execute the associated access + - check no access-fault exception] +## Feature: multi entries TOR + +### Sub-feature: 000_1_entry + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose a single PMP entry + + CONFIGURATION and ACCESS + - for each pmp entry, apply any CONFIGURATION+ACCESS scenario above (Cf. Feature: "cfg TOR access S/U/M") + - make sure the pmp entries address ranges are not overlapping/intersecting + - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP values cannot be mixed in same test + + CHECK + - for each pmp entry, we should obtain the expected CHECK result + + REUSABILITY + - if possible, the number of PMP entries (N) is a configurable parameter + - so a single test function can be reused +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F023_S001_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST23(group) => + [create scenarios where PMP entries with A=1 (TOR) and with/without matching permissions + - pmpaddr(i−1) < pmpaddr(i), pmpcfg(i).A=TOR and pmpcfg(i-1) with/without matching permissions + - check only TOR defined addresses are matching] + TST23-1 = extension of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-13, TST15-23, TST15-33, TST15-43, TST15-53, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST15-16, TST15-26, TST15-36, TST15-46, TST15-56, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-13, TST16-23, TST16-33, TST16-43, TST16-53, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST16-16, TST16-26, TST16-36, TST16-46, TST16-56) + [configure only one (any, but the first one) PMP entry + - execute the chosen kind of access + - should be same result] +### Sub-feature: 001_2_isolated_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any 2 PMP entries + + reuse of VP_PMP_F023_S001_I000 feature description (Cf. Feature: "multi entries TOR") +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F023_S002_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST23(group) => + [create scenarios where PMP entries with A=1 (TOR) and with/without matching permissions + - pmpaddr(i−1) < pmpaddr(i), pmpcfg(i).A=TOR and pmpcfg(i-1) with/without matching permissions + - check only TOR defined addresses are matching] + TST23-2 = extension of compatible pair of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-13, TST15-23, TST15-33, TST15-43, TST15-53, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST15-16, TST15-26, TST15-36, TST15-46, TST15-56, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-13, TST16-23, TST16-33, TST16-43, TST16-53, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST16-16, TST16-26, TST16-36, TST16-46, TST16-56) + [configure 2 non-adjacent PMP entries (highest-numbered ones first) (avoid the first PMP entry) + - execute the 2 kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same 2 results] +### Sub-feature: 002_N_isolated_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any N PMP entries (2> + + TST23(group) => + [create scenarios where PMP entries with A=1 (TOR) and with/without matching permissions + - pmpaddr(i−1) < pmpaddr(i), pmpcfg(i).A=TOR and pmpcfg(i-1) with/without matching permissions + - check only TOR defined addresses are matching] + TST23-3 = extension of compatible group(N) of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-13, TST15-23, TST15-33, TST15-43, TST15-53, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST15-16, TST15-26, TST15-36, TST15-46, TST15-56, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-13, TST16-23, TST16-33, TST16-43, TST16-53, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST16-16, TST16-26, TST16-36, TST16-46, TST16-56) + [configure N PMP entries (highest-numbered ones first) (as non-adjacent as possible, and avoid the first PMP entry) + - execute the N kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same N results] +### Sub-feature: 003_8_isolated_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose all 8 PMP entries + + reuse of VP_PMP_F023_S001_I000 feature description (Cf. Feature: "multi entries TOR") +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F023_S004_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST23(group) => + [create scenarios where PMP entries with A=1 (TOR) and with/without matching permissions + - pmpaddr(i−1) < pmpaddr(i), pmpcfg(i).A=TOR and pmpcfg(i-1) with/without matching permissions + - check only TOR defined addresses are matching] + TST23-4 = extension of compatible group(8) of (TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-13, TST15-23, TST15-33, TST15-43, TST15-53, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST15-16, TST15-26, TST15-36, TST15-46, TST15-56, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-13, TST16-23, TST16-33, TST16-43, TST16-53, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST16-16, TST16-26, TST16-36, TST16-46, TST16-56) + [configure 8 PMP entries (highest-numbered ones first) + - execute the 8 kinds of accesses (if possible to chain due to potential access-fault exception) + - should be same 8 results] +### Sub-feature: 004_2_intersecting_entries_fail + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any 2 PMP entries + + CONFIGURATION and ACCESS (Cf. Feature: "cfg TOR access S/U/M") + - for the least-numbered pmp entry, apply any CONFIGURATION+ACCESS scenario with access-fault + - for the highest-numbered pmp entry, apply any CONFIGURATION+ACCESS scenario without access-fault + - make sure the pmp entries address ranges are overlapping/intersecting (at least at 4 consecutive bytes) + - for each pmp entry, execute one access in its associated pmp address region but outside the overlapping/intersecting address range + - execute one additional access inside the overlapping/intersecting address range + - NB: obviously, pmp entry configurations with different access-modes (S/U vs. M) cannot be easily mixed in same test + - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP values cannot be mixed in same test + + CHECK + - for each pmp entry, access outside the overlapping/intersecting address range should give the expected CHECK result + - access inside the overlapping/intersecting address range should generate the access-type related access-fault + + REUSABILITY + - if possible, the number of PMP entries (N) is a configurable parameter + - so a single test function can be reused +* **Pass/Fail Criteria:** Check RM +* **Test Type:** ENV Capability +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F023_S005_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST51(group) => FTR09-a, FTR09-b and FTR09-c + [create scenarios where 2 PMP entries with same pmpaddr + - one without matching permissions or with A=OFF + - one with matching permissions and A=NA4/NAPOT/TOR + - any of them can be the lowest-numbered PMP entry] + TST51-1 + [configure 2 PMP entries + - configure the lowest-numbered PMP entry with (TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST17-12, TST17-22, TST17-32, TST17-42, TST17-52, + TST17-15, TST17-25, TST17-35, TST17-45, TST17-55, + TST18-12, TST18-22, TST18-32, TST18-42, TST18-52, + TST18-15, TST18-25, TST18-35, TST18-45, TST18-55) + - configure the highest-numbered PMP entry with (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) + - execute the associated access + - check associated access-fault exception raised] +### Sub-feature: 005_2_intersecting_entries_succeed + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any 2 PMP entries + + CONFIGURATION and ACCESS (Cf. Feature: "cfg TOR access S/U/M") + - for the least-numbered pmp entry, apply any CONFIGURATION+ACCESS scenario without access-fault + - for the highest-numbered pmp entry, apply any CONFIGURATION+ACCESS scenario with access-fault + - make sure the pmp entries address ranges are overlapping/intersecting (at least at 4 consecutive bytes) + - for each pmp entry, execute one access in its associated pmp address region but outside the overlapping/intersecting address range + - execute one additional access inside the overlapping/intersecting address range + - NB: obviously, pmp entry configurations with different access-modes (S/U vs. M) cannot be easily mixed in same test + - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP values cannot be mixed in same test + + CHECK + - for each pmp entry, access outside the overlapping/intersecting address range should give the expected CHECK result + - access inside the overlapping/intersecting address range should not generate any access-fault + + REUSABILITY + - if possible, the number of PMP entries (N) is a configurable parameter + - so a single test function can be reused +* **Pass/Fail Criteria:** Check RM +* **Test Type:** ENV Capability +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F023_S006_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST51(group) => FTR09-a, FTR09-b and FTR09-c + [create scenarios where 2 PMP entries with same pmpaddr + - one without matching permissions or with A=OFF + - one with matching permissions and A=NA4/NAPOT/TOR + - any of them can be the lowest-numbered PMP entry] + TST51-2 + [configure 2 PMP entries + - configure the lowest-numbered PMP entry with (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) + - configure the highest-numbered PMP entry with (TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST17-12, TST17-22, TST17-32, TST17-42, TST17-52, + TST17-15, TST17-25, TST17-35, TST17-45, TST17-55, + TST18-12, TST18-22, TST18-32, TST18-42, TST18-52, + TST18-15, TST18-25, TST18-35, TST18-45, TST18-55) + - execute the associated access + - check no access-fault exception] +## Feature: multi entries OFF + +### Sub-feature: 000_1_entry + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose a single PMP entry + + CONFIGURATION and ACCESS + - for each pmp entry, apply any CONFIGURATION+ACCESS scenario above (Cf. Feature: "cfg OFF access S/U/M") + - make sure the pmp entries address ranges are not overlapping/intersecting + - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP values cannot be mixed in same test + + CHECK + - for each pmp entry, we should obtain the expected CHECK result + + REUSABILITY + - if possible, the number of PMP entries (N) is a configurable parameter + - so a single test function can be reused +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F024_S001_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST24(group) => FTR09-g + [create scenarios where PMP entries with A=0 (OFF) and with matching permissions + - check no address matching for those PMP entries] + [create scenarios where all PMP entries with A=0 (OFF) and with matching permissions + - check no address matching for all PMP entries] + [check S or U mode access fails when all A=OFF with at least one PMP entry implemented] => FTR09-g + TST24-1 = extension of (TST17-11, TST17-21, TST17-31, TST17-41, TST17-51, + TST17-13, TST17-23, TST17-33, TST17-43, TST17-53, + TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST17-16, TST17-26, TST17-36, TST17-46, TST17-56, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54, //TODO: M-mode may not raise an exception + TST18-16, TST18-26, TST18-36, TST18-46, TST18-56) //TODO: M-mode may not raise an exception + //TODO: SHOULD WE ADD (TST18-11, TST18-21, TST18-31, TST18-41, TST18-51, + TST18-13, TST18-23, TST18-33, TST18-43, TST18-53) ? + [configure only one (any, but the first one) PMP entry + - execute the chosen kind of access + - check appropriate access-fault exception raised] +### Sub-feature: 001_2_isolated_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any 2 PMP entries + + reuse of VP_PMP_F024_S001_I000 feature description (Cf. Feature: "multi entries OFF") +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F024_S002_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST24(group) => FTR09-g + [create scenarios where PMP entries with A=0 (OFF) and with matching permissions + - check no address matching for those PMP entries] + [create scenarios where all PMP entries with A=0 (OFF) and with matching permissions + - check no address matching for all PMP entries] + [check S or U mode access fails when all A=OFF with at least one PMP entry implemented] => FTR09-g + TST24-2 = extension of compatible pair of (TST17-11, TST17-21, TST17-31, TST17-41, TST17-51, + TST17-13, TST17-23, TST17-33, TST17-43, TST17-53, + TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST17-16, TST17-26, TST17-36, TST17-46, TST17-56, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54, //TODO: M-mode may not raise an exception + TST18-16, TST18-26, TST18-36, TST18-46, TST18-56) //TODO: M-mode may not raise an exception + //TODO: SHOULD WE ADD (TST18-11, TST18-21, TST18-31, TST18-41, TST18-51, + TST18-13, TST18-23, TST18-33, TST18-43, TST18-53) ? + [configure 2 non-adjacent PMP entries (highest-numbered ones first) (avoid the first PMP entry) + - execute the 2 kinds of accesses (if possible to chain due to access-fault) + - check 2 appropriate access-fault exceptions raised] +### Sub-feature: 002_N_isolated_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any N PMP entries (2> + + TST24(group) => FTR09-g + [create scenarios where PMP entries with A=0 (OFF) and with matching permissions + - check no address matching for those PMP entries] + [create scenarios where all PMP entries with A=0 (OFF) and with matching permissions + - check no address matching for all PMP entries] + [check S or U mode access fails when all A=OFF with at least one PMP entry implemented] => FTR09-g + TST24-3 = extension of compatible group(N) of (TST17-11, TST17-21, TST17-31, TST17-41, TST17-51, + TST17-13, TST17-23, TST17-33, TST17-43, TST17-53, + TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST17-16, TST17-26, TST17-36, TST17-46, TST17-56, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54, //TODO: M-mode may not raise an exception + TST18-16, TST18-26, TST18-36, TST18-46, TST18-56) //TODO: M-mode may not raise an exception + //TODO: SHOULD WE ADD (TST18-11, TST18-21, TST18-31, TST18-41, TST18-51, + TST18-13, TST18-23, TST18-33, TST18-43, TST18-53) ? + [configure N PMP entries (highest-numbered ones first) (as non-adjacent as possible, and avoid the first PMP entry) + - execute the N kinds of accesses (if possible to chain due to access-fault) + - check N appropriate access-fault exceptions raised] +### Sub-feature: 003_8_isolated_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose all 8 PMP entries + + reuse of VP_PMP_F024_S001_I000 feature description (Cf. Feature: "multi entries OFF") +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F024_S004_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST24(group) => FTR09-g + [create scenarios where PMP entries with A=0 (OFF) and with matching permissions + - check no address matching for those PMP entries] + [create scenarios where all PMP entries with A=0 (OFF) and with matching permissions + - check no address matching for all PMP entries] + [check S or U mode access fails when all A=OFF with at least one PMP entry implemented] => FTR09-g + TST24-4 = extension of compatible group(8) of (TST17-11, TST17-21, TST17-31, TST17-41, TST17-51, + TST17-13, TST17-23, TST17-33, TST17-43, TST17-53, + TST17-14, TST17-24, TST17-34, TST17-44, TST17-54, + TST17-16, TST17-26, TST17-36, TST17-46, TST17-56, + TST18-14, TST18-24, TST18-34, TST18-44, TST18-54, //TODO: M-mode may not raise an exception + TST18-16, TST18-26, TST18-36, TST18-46, TST18-56) //TODO: M-mode may not raise an exception + //TODO: SHOULD WE ADD (TST18-11, TST18-21, TST18-31, TST18-41, TST18-51, + TST18-13, TST18-23, TST18-33, TST18-43, TST18-53) ? + [configure 8 PMP entries (highest-numbered ones first) + - execute the 8 kinds of accesses (if possible to chain due to access-fault) + - check 8 appropriate access-fault exceptions raised] +## Feature: multi entries ALL + +### Sub-feature: 000_1_entry + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose a single PMP entry + + CONFIGURATION and ACCESS + - for each pmp entry, apply any CONFIGURATION+ACCESS scenario above (Cf. Feature: "cfg NA4/NAPOT/TOR/OFF access S/U/M") + - make sure the pmp entries address ranges are not overlapping/intersecting + - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP values cannot be mixed in same test + + CHECK + - for each pmp entry, we should obtain the expected CHECK result + + REUSABILITY + - if possible, the number of PMP entries (N) is a configurable parameter + - so a single test function can be reused +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F025_S001_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 001_2_isolated_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any 2 PMP entries + + reuse of VP_PMP_F025_S001_I000 feature description (Cf. Feature: "multi entries ALL") +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F025_S002_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 002_N_isolated_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any N PMP entries (2> + + TST51(group) => FTR09-a, FTR09-b and FTR09-c + [create scenarios where 2 PMP entries with same pmpaddr + - one without matching permissions or with A=OFF + - one with matching permissions and A=NA4/NAPOT/TOR + - any of them can be the lowest-numbered PMP entry] + TST51-1 + [configure 2 PMP entries + - configure the lowest-numbered PMP entry with (TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST17-12, TST17-22, TST17-32, TST17-42, TST17-52, + TST17-15, TST17-25, TST17-35, TST17-45, TST17-55, + TST18-12, TST18-22, TST18-32, TST18-42, TST18-52, + TST18-15, TST18-25, TST18-35, TST18-45, TST18-55) + - configure the highest-numbered PMP entry with (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) + - execute the associated access + - check associated access-fault exception raised] +### Sub-feature: 005_2_intersecting_entries_succeed + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + {Page 57 Section "3.7.1 Physical Memory Protection CSRs" Volume II: RISC-V Privileged Architectures V20211203} + + Up to 64 PMP entries are supported +* **Verification Goals** + + choose any 2 PMP entries + + CONFIGURATION and ACCESS (Cf. Feature: "cfg NA4/NAPOT/TOR/OFF access S/U/M") + - for the least-numbered pmp entry, apply any CONFIGURATION+ACCESS scenario without access-fault + - for the highest-numbered pmp entry, apply any CONFIGURATION+ACCESS scenario with access-fault + - make sure the pmp entries address ranges are overlapping/intersecting (at least at 4 consecutive bytes) + - for each pmp entry, execute one access in its associated pmp address region but outside the overlapping/intersecting address range + - execute one additional access inside the overlapping/intersecting address range + - NB: obviously, pmp entry configurations with different access-modes (S/U vs. M) cannot be easily mixed in same test + - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP values cannot be mixed in same test + + CHECK + - for each pmp entry, access outside the overlapping/intersecting address range should give the expected CHECK result + - access inside the overlapping/intersecting address range should not generate any access-fault + + REUSABILITY + - if possible, the number of PMP entries (N) is a configurable parameter + - so a single test function can be reused +* **Pass/Fail Criteria:** Check RM +* **Test Type:** ENV Capability +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F025_S006_I000 +* **Link to Coverage:** +* **Comments** + + << link to the old pmp_verif_plan.txt and pmp_verif_plan_features.txt files (not up-to-date) : reading below not mandatory but may help for better understanding >> + + TST51(group) => FTR09-a, FTR09-b and FTR09-c + [create scenarios where 2 PMP entries with same pmpaddr + - one without matching permissions or with A=OFF + - one with matching permissions and A=NA4/NAPOT/TOR + - any of them can be the lowest-numbered PMP entry] + TST51-2 + [configure 2 PMP entries + - configure the lowest-numbered PMP entry with (TST11-11, TST11-21, TST11-31, TST11-41, TST11-51, + TST11-14, TST11-24, TST11-34, TST11-44, TST11-54, + TST12-11, TST12-21, TST12-31, TST12-41, TST12-51, + TST12-14, TST12-24, TST12-34, TST12-44, TST12-54, + TST13-11, TST13-21, TST13-31, TST13-41, TST13-51, + TST13-14, TST13-24, TST13-34, TST13-44, TST13-54, + TST14-11, TST14-21, TST14-31, TST14-41, TST14-51, + TST14-14, TST14-24, TST14-34, TST14-44, TST14-54, + TST15-11, TST15-21, TST15-31, TST15-41, TST15-51, + TST15-14, TST15-24, TST15-34, TST15-44, TST15-54, + TST16-11, TST16-21, TST16-31, TST16-41, TST16-51, + TST16-14, TST16-24, TST16-34, TST16-44, TST16-54) + - configure the highest-numbered PMP entry with (TST11-12, TST11-22, TST11-32, TST11-42, TST11-52, + TST11-15, TST11-25, TST11-35, TST11-45, TST11-55, + TST12-12, TST12-22, TST12-32, TST12-42, TST12-52, + TST12-15, TST12-25, TST12-35, TST12-45, TST12-55, + TST13-12, TST13-22, TST13-32, TST13-42, TST13-52, + TST13-15, TST13-25, TST13-35, TST13-45, TST13-55, + TST14-12, TST14-22, TST14-32, TST14-42, TST14-52, + TST14-15, TST14-25, TST14-35, TST14-45, TST14-55, + TST15-12, TST15-22, TST15-32, TST15-42, TST15-52, + TST15-15, TST15-25, TST15-35, TST15-45, TST15-55, + TST16-12, TST16-22, TST16-32, TST16-42, TST16-52, + TST16-15, TST16-25, TST16-35, TST16-45, TST16-55, + TST17-12, TST17-22, TST17-32, TST17-42, TST17-52, + TST17-15, TST17-25, TST17-35, TST17-45, TST17-55, + TST18-12, TST18-22, TST18-32, TST18-42, TST18-52, + TST18-15, TST18-25, TST18-35, TST18-45, TST18-55) + - execute the associated access + - check no access-fault exception] +## Feature: entry reconfiguration + +### Sub-feature: 000_reconfigure_N_pmp_entries + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + reuse of feature descriptions (Cf. Feature: "cfg NA4/NAPOT/TOR/OFF access S/U/M") + reuse of feature descriptions (Cf. Feature: "CSRs M-mode only") + reuse of feature descriptions (Cf. Feature: "CSRs locked access") + reuse of feature descriptions (Cf. Feature: "multi entries NA4/NAPOT/TOR/OFF") +* **Verification Goals** + + configure any N PMP entries, possibly some with L=1 + + CONFIGURATION and ACCESS + - for each pmp entry, apply any CONFIGURATION+ACCESS scenario above (Cf. Feature: "cfg NA4/NAPOT/TOR/OFF access S/U/M") + - make sure the pmp entries address ranges are not overlapping/intersecting + - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP values cannot be mixed in same test + + RECONFIGURATION and ACCESS + - for each pmp entry with L=0, apply any other CONFIGURATION+ACCESS scenario above (Cf. Feature: "cfg NA4/NAPOT/TOR/OFF access S/U/M") + - make sure the pmp entries address ranges are not overlapping/intersecting + - NB: obviously, pmp entry configurations with different mstatus.MPRV/MPP values cannot be mixed in same test + + RESET + - if there is any pmp entry with L=1, apply hart reset (or only PMP reset if possible) + - and restart with CONFIGURATION and RESET + + CHECK + - for each pmp entry, we should obtain the expected CHECK result + + REUSABILITY + - if possible, the number of PMP entries (N) is a configurable parameter + - so a single test function can be reused +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Constrained Random +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32E40P, CV32E40S, CV32E40X, CV32A6_v0.1.0, CV32A6-step2, CV64A6-step3 +* **Unique verification tag:** VP_PMP_F031_S001_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + diff --git a/verif/docs/VerifPlans/source/dvplan_csr-access.md b/verif/docs/VerifPlans/source/dvplan_csr-access.md index 3db4f93f7..278a48e80 100644 --- a/verif/docs/VerifPlans/source/dvplan_csr-access.md +++ b/verif/docs/VerifPlans/source/dvplan_csr-access.md @@ -1,67 +1,451 @@ # Module: CSR ACCESS VERIFICATION -## Feature: machineScratch(MSCRATCH) +## Feature: CVA6_Machine_mode_RW_CSRs(mstatus, misa, mideleg, medeleg, mie, mtvec, mcounteren, mepc, mcause, mtval, mip,pmpaddr[0..7], pmpcfg[0..1]) -### Sub-feature: 000_MSCRATCH +### Sub-feature: 000_Power-on-reset (POR) values of CSR #### Item: 000 -* **Requirement location:** riscv-privileged-20211203 +* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01_cva6_user/CSR_CV32A60X.html * **Feature Description** - To verify the Power-on Reset value for MSCRATCH CSR. - - Address Offset : 0x340 - Width (bits) : 32 - Access Type : RW - Reset Value : 0x00000000 - priviliged mode : Machine + Upon reset, RISC-V CVA6 Machine mode RW CSRs must initialize to their respective POR value. * **Verification Goals** - Read MSCRATCH CSR to check default POR value that should be equal to 0x00000000. -* **Pass/Fail Criteria:** Check RM + Verify that the Machine Mode RW CSR POR value must match with the value specified in the RISC-V CVA6 user manual. +* **Pass/Fail Criteria:** Self-Check * **Test Type:** Directed SelfChk -* **Coverage Method:** N/A +* **Coverage Method:** Functional Coverage * **Applicable Cores:** CV32A6_v0.1.0 -* **Unique verification tag:** VP_csr-test-ident_F000_S000_I000 +* **Unique verification tag:** VP_CSR_VERIFICATION_F000_S000_I000 * **Link to Coverage:** * **Comments** *(none)* -#### Item: 001 +### Sub-feature: 001_Testing CSR with inverted reset value -* **Requirement location:** riscv-privileged-20211203 -* **Feature Description** - - Verifying R/W access of a MSCRATCH CSR by writing random valid data like 0xFFFFFFFF, 0XA5A5A5A5, 0X5A5A5A5A ... and Read back CSR values to check correctness. -* **Verification Goals** - - The read values of MSCRATCH CSR should matches with written random data values. -* **Pass/Fail Criteria:** NDY (Not Defined Yet) -* **Test Type:** NDY (Not Defined Yet) -* **Coverage Method:** NDY (Not Defined Yet) -* **Applicable Cores:** CV32A6_v0.1.0 -* **Unique verification tag:** VP_csr-test-ident_F000_S000_I001 -* **Link to Coverage:** -* **Comments** - - *(none)* - -#### Item: 002 + + +#### Item: 000 * **Requirement location:** * **Feature Description** - Verifying MSCRATCH CSR in other privilige modes(supervisor, user) + Check the behaviour of the RISC-V Machine mode CVA6 CSRs,when reset inverted values are written to respective CSRs. * **Verification Goals** - It is expected that accessing Machine Mode CSRs in lower privilige modes will raise an exception. -* **Pass/Fail Criteria:** Check RM + 1. Verify CSR reading post write operation. + 2. Verify if the core correctly handles inverted reset values or not. +* **Pass/Fail Criteria:** Self-Check * **Test Type:** Directed SelfChk -* **Coverage Method:** N/A +* **Coverage Method:** Functional Coverage * **Applicable Cores:** CV32A6_v0.1.0 -* **Unique verification tag:** VP_csr-test-ident_F000_S000_I002 +* **Unique verification tag:** VP_csr-access_F000_S003_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 002_CSR write and read operations + +#### Item: 000 + +* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01_cva6_user/CSR_CV32A60X.html +* **Feature Description** + + check the correctness of RISCV CVA6 Machine Mode RW CSRs by writing random values like 0xa5a5a5a5, 0x5a5a5a5a, 0xffa1ae40.. and read using the CSR instructions defined in the instruction set architecture (ISA). +* **Verification Goals** + + 1.Verify that CSR can be written using the appropriate CSR write instructions. + + 2.Ensure correct read operations using CSR read instructions. + + 3.Ensure that read values of the CSR should be as per CVA6 user manual +* **Pass/Fail Criteria:** Self-Check +* **Test Type:** Directed SelfChk +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32A6_v0.1.0 +* **Unique verification tag:** VP_CSR_VERIFICATION_F000_S001_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 003_CSR access in different privilege modes + +#### Item: 000 + +* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01_cva6_user/CSR_CV32A60X.html +* **Feature Description** + + Accessing RISC-V CVA6 Machine Mode CSRs in different privilege modes (User, Supervisor and Machine modes). +* **Verification Goals** + + 1.Ensure that Machine mode CSRs can only be accessed in the Machine mode according to the RISCV specification. + + 2.Verify that trying to access Machine Mode CSRs in lower privilege mode raises an illegal instruction exception. +* **Pass/Fail Criteria:** Self-Check +* **Test Type:** Directed SelfChk +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32A6_v0.1.0 +* **Unique verification tag:** VP_CSR_VERIFICATION_F000_S002_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +## Feature: CVA6_Machine_mode_RO_CSRs(mvendorid, marchid, mimpid, mhartid) + +### Sub-feature: 000_Power-on-reset (POR) values of CSR + +#### Item: 000 + +* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01_cva6_user/CSR_CV32A60X.html +* **Feature Description** + + Upon reset,RISC-V CVA6 Machine RO(read only) CSR must initialize to their respective POR value. +* **Verification Goals** + + Verify that the Machine RO(Read only) CSR POR value must match with the value specified in the RISC-V CVA6 User Manual. +* **Pass/Fail Criteria:** Self-Check +* **Test Type:** Directed SelfChk +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32A6_v0.1.0 +* **Unique verification tag:** VP_CSR_VERIFICATION_F001_S000_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 001_CSR write and read operations + +#### Item: 000 + +* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01_cva6_user/CSR_CV32A60X.html +* **Feature Description** + + Check the correctness of RISCV CVA6 read only CSR by writing random values like 0xa5a5a5a5, 0x5a5a5a5a, 0xffa1ae40.. and confirm whether write into RO CSRs is possible or not. +* **Verification Goals** + + 1.Attempt to write a RO CSR. + 2.Check to see that an illegal instruction exception occurred. + 3.Immediately after returning from the exception handler, check to see that the CSR value is not changed. +* **Pass/Fail Criteria:** Self-Check +* **Test Type:** Directed SelfChk +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32A6_v0.1.0 +* **Unique verification tag:** VP_CSR_VERIFICATION_F001_S001_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 002_CSR access in different privilege modes + +#### Item: 000 + +* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01_cva6_user/CSR_CV32A60X.html +* **Feature Description** + + Accessing RISC-V Machine read only CSRs in different privilege modes (User, Supervisor and Machine modes). +* **Verification Goals** + + 1.Ensure that Machine mode read only CSRs can only be accessed in Machine mode according to the RISC-V specification and does not alter the value of the CSR. + + 2.Verify that trying to access a Machine read only CSRs in an lower privilege mode raises an illegal instruction exception. +* **Pass/Fail Criteria:** Self-Check +* **Test Type:** Directed SelfChk +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32A6_v0.1.0 +* **Unique verification tag:** VP_CSR_VERIFICATION_F001_S002_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +## Feature: CVA6_Supervisor_mode_RW_CSRs(sstatus,stvec, sip, sie, scounteren, sscratch, sepc, scause, stval, satp) + +### Sub-feature: 000_Power-on-reset (POR) values of CSR + +#### Item: 000 + +* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01_cva6_user/CSR_CV32A60X.html +* **Feature Description** + + Upon reset, RISC-V CVA6 Supervisor mode RW CSRs must initialize to their respective POR value. +* **Verification Goals** + + Verify that the Supervisor Mode RW CSRs POR value must match with the value specified in the RISC-V CVA6 user manual. +* **Pass/Fail Criteria:** Self-Check +* **Test Type:** Directed SelfChk +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32A6_v0.1.0 +* **Unique verification tag:** VP_CSR_VERIFICATION_F004_S000_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 001_Testing CSR with inverted reset value + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + Check the behaviour of the RISC-V Supervisor mode CVA6 CSRs,when reset inverted values are written to respective CSRs. +* **Verification Goals** + + Ensure that the written value can be read back (that is, the R/W CSR actually stored the value of ~PoR). +* **Pass/Fail Criteria:** Check RM +* **Test Type:** Directed SelfChk +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32A6_v0.1.0 +* **Unique verification tag:** Inverted PoR value +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 002_CSR write and read operations + +#### Item: 000 + +* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01_cva6_user/CSR_CV32A60X.html +* **Feature Description** + + Check the correctness of RISCV CVA6 Supervisor Mode RW CSR by writing random values like 0xa5a5a5a5, 0x5a5a5a5a, 0xffa1ae40.. and read using the CSR instructions defined in the instruction set architecture (ISA). +* **Verification Goals** + + 1.Verify that CSR can be written using the appropriate CSR write instructions. + 2.Ensure correct read operations using CSR read instructions. + 3.Ensure that read values of the CSR should be as per CVA6 user manual. +* **Pass/Fail Criteria:** Self-Check +* **Test Type:** Directed SelfChk +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32A6_v0.1.0 +* **Unique verification tag:** VP_CSR_VERIFICATION_F004_S001_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 003_CSR access in different privilege modes + +#### Item: 000 + +* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01_cva6_user/CSR_CV32A60X.html +* **Feature Description** + + Accessing RISC-V CVA6 Supervisor Mode CSRs in different privilege modes (User,Supervisor and Machine modes). +* **Verification Goals** + + 1.Ensure that Supervisor Mode CSRs can only be accessed in supervisor mode and in higher privilege mode according to the RISCV specification. + 2.Verify that trying to access a Supervisor Mode CSR in an lower privilege mode raises an illegal instruction exception. +* **Pass/Fail Criteria:** Self-Check +* **Test Type:** Directed SelfChk +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32A6_v0.1.0 +* **Unique verification tag:** VP_CSR_VERIFICATION_F004_S002_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +## Feature: CVA6_User_Mode_Counter_CSRs(cycle, instret, cycleh, instreth) + +### Sub-feature: 000_Power-on-reset (POR) values of CSR + +#### Item: 000 + +* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01_cva6_user/CSR_CV32A60X.html +* **Feature Description** + + Upon reset, RISC-V CVA6 User mode counter CSRs must initialize to their respective POR value. +* **Verification Goals** + + Verify that the User Mode counter CSR POR value must match with the value specified in the RISC-V CVA6 user manual. + As cycle will increment on the posedge of each clock and instret will increment after every instruction is retired. For these CSRs, the best technique to check reset value is by "visual inspection" +* **Pass/Fail Criteria:** Self-Check +* **Test Type:** Directed SelfChk +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32A6_v0.1.0 +* **Unique verification tag:** VP_CSR_VERIFICATION_F003_S000_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 001_Counter _CSRs_functionality_checking + +#### Item: 000 + +* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01_cva6_user/CSR_CV32A60X.html +* **Feature Description** + + This feature pertains to the verification of functionality of RISC-V cycle, cycleh, instret and instreth Control Status Register (CSR). In a RISC-V architecture + + 1.’cycle’ and ‘cycleh’ are user-level CSR that hold low 32 bits and high 32 bits respectively of the count of clock cycles executed by the processor. + 2.’instret’ and ‘instreth’ are also user-level CSR that count the total number of instructions executed by the processor. + + The functionality of user mode counter CSR is being tested by performing two continuous reads and checking whether the value in the second read is greater than the value in the first read. +* **Verification Goals** + + 1.Verify that these CSR are properly initialized. + 2.Initiate a second read from the counter CSR immediately after the first read. + 3.Ensure that the value of the second read from counter CSR is greater than the value of the initial read. + 4.Confirm that user mode counter CSRs are incrementing. + + Note: This algorithm is only an "approximate test" of the functionality of these CSRs. +* **Pass/Fail Criteria:** Self-Check +* **Test Type:** Directed SelfChk +* **Coverage Method:** NDY (Not Defined Yet) +* **Applicable Cores:** CV32A6_v0.1.0 +* **Unique verification tag:** VP_CSR_VERIFICATION_F003_S001_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 002_CSR access in different privilege modes + +#### Item: 000 + +* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01_cva6_user/CSR_CV32A60X.html +* **Feature Description** + + Accessing RISC-V CVA6 user Mode counter CSR in different privilege modes (User, Supervisor and Machine modes). +* **Verification Goals** + + Ensure that User mode counter CSRs can be accessed in user and Supervisor modes by configuring MCOUNTEREN CSR. +* **Pass/Fail Criteria:** Self-Check +* **Test Type:** Directed SelfChk +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32A6_v0.1.0 +* **Unique verification tag:** VP_CSR_VERIFICATION_F003_S002_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 003_Verify the user mode counter CSRs behaviour after reaching maximum values + + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + check the behaviour of the RISC-V User mode counter CSRs when it reaches to maximum value. +* **Verification Goals** + + Ensure that user mode counter CSRs is updated to reset value as mentioned in CVA6 user manual after reaching to maximum value. +* **Pass/Fail Criteria:** Self-Check +* **Test Type:** Directed SelfChk +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32A6_v0.1.0 +* **Unique verification tag:** VP_csr-access_F003_S003_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +## Feature: CVA6_Machine_mode_counter_csr(mcycle,mcycleh,minstret,minstreth) + +### Sub-feature: 000_Power-on-reset (POR) values of CSR + +#### Item: 000 + +* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01_cva6_user/CSR_CV32A60X.html +* **Feature Description** + + Upon reset, RISC-V CVA6 Machine mode counter CSRs must initialize to their respective POR value. +* **Verification Goals** + + Verify that the Machine Mode counter CSR POR value must match with the value specified in the RISC-V CVA6 user manual. + As mcycle will increment on the posedge of each clock and minstret will increment after every instruction is retired. For these CSRs, the best technique to check reset value is by "visual inspection" +* **Pass/Fail Criteria:** Self-Check +* **Test Type:** Directed SelfChk +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32A6_v0.1.0 +* **Unique verification tag:** VP_csr-access_F002_S000_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 001_Counter _CSRs_functionality_checking + + +#### Item: 000 + +* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01_cva6_user/CSR_CV32A60X.html +* **Feature Description** + + This feature pertains to the verification of functionality of RISC-V mcycle, mcycleh, minstret and minstreth Control Status Register (CSR). In a RISC-V architecture + + 1.’mcycle’ and ‘mcycleh’ are machine-level CSRs that hold low 32 bits and high 32 bits respectively of the count of clock cycles executed by the processor. + + 2.’minstret’ and ‘minstreth’ are also machine-level CSR that count the total number of instructions executed by the processor. + + The functionality of machine mode counter CSR is being tested by performing two continuous reads and checking whether the value in the second read is greater than the value in the first read. +* **Verification Goals** + + 1.Verify that these CSR are properly initialized. + 2.Initiate a second read from the counter CSR immediately after the first read. + 3.Ensure that the value of the second read from counter CSR is greater than the value of the initial read. + 4.Confirm that Machine Mode counter CSRs are incrementing. + + Note: This algorithm is only an "approximate test" of the functionality of these CSRs. +* **Pass/Fail Criteria:** Self-Check +* **Test Type:** Directed SelfChk +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32A6_v0.1.0 +* **Unique verification tag:** VP_csr-access_F002_S001_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 002_CSR access in different privilege modes + +#### Item: 000 + +* **Requirement location:** https://docs.openhwgroup.org/projects/cva6-user-manual/01_cva6_user/CSR_CV32A60X.html +* **Feature Description** + + Accessing RISC-V CVA6 user Machine mode counter CSRs in different privilege modes (User, Supervisor and Machine modes). +* **Verification Goals** + + 1.Ensure that Machine mode CSRs can only be accessed in the Machine mode according to the RISC-V specification. + 2.Verify that trying to access Machine Mode CSRs in lower privilege mode raises an illegal instruction exception. +* **Pass/Fail Criteria:** Self-Check +* **Test Type:** Directed SelfChk +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32A6_v0.1.0 +* **Unique verification tag:** VP_csr-access_F002_S002_I000 +* **Link to Coverage:** +* **Comments** + + *(none)* + +### Sub-feature: 003_Verify the Machine mode counter CSRs behaviour after reaching maximum value + +#### Item: 000 + +* **Requirement location:** +* **Feature Description** + + check the behaviour of the RISC-V Machine mode counter CSRs when it reaches to maximum value. +* **Verification Goals** + + Ensure that Machine mode counter CSRs is updated to reset value as mentioned in CVA6 user manual after reaching it to maximum value. +* **Pass/Fail Criteria:** Self-Check +* **Test Type:** Directed SelfChk +* **Coverage Method:** Functional Coverage +* **Applicable Cores:** CV32A6_v0.1.0 +* **Unique verification tag:** VP_csr-access_F002_S003_I000 * **Link to Coverage:** * **Comments** diff --git a/verif/env/corev-dv/target/rv64imafdc/riscv_core_setting.sv b/verif/env/corev-dv/target/rv64imafdc/riscv_core_setting.sv new file mode 100644 index 000000000..6ab432b43 --- /dev/null +++ b/verif/env/corev-dv/target/rv64imafdc/riscv_core_setting.sv @@ -0,0 +1,188 @@ +/* + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +//----------------------------------------------------------------------------- +// Processor feature configuration +//----------------------------------------------------------------------------- +// XLEN +parameter int XLEN = 64; + +// Parameter for SATP mode, set to BARE if address translation is not supported +parameter satp_mode_t SATP_MODE = SV39; + +// Supported Privileged mode +privileged_mode_t supported_privileged_mode[] = {USER_MODE, SUPERVISOR_MODE, MACHINE_MODE}; + +// Unsupported instructions +riscv_instr_name_t unsupported_instr[]; + +// ISA supported by the processor +riscv_instr_group_t supported_isa[$] = {RV32I, RV32M, RV64I, RV64M, RV32C, RV64C, RV32A, RV64A, + RV32F, RV64F, RV32D, RV64D}; +// Interrupt mode support +mtvec_mode_t supported_interrupt_mode[$] = {DIRECT, VECTORED}; + +// The number of interrupt vectors to be generated, only used if VECTORED interrupt mode is +// supported +int max_interrupt_vector_num = 16; + +// Physical memory protection support +bit support_pmp = 0; + +// Enhanced physical memory protection support +bit support_epmp = 0; + +// Debug mode support +bit support_debug_mode = 0; + +// Support delegate trap to user mode +bit support_umode_trap = 0; + +// Support sfence.vma instruction +bit support_sfence = 1; + +// Support unaligned load/store +bit support_unaligned_load_store = 1'b1; + +// GPR setting +parameter int NUM_FLOAT_GPR = 32; +parameter int NUM_GPR = 32; +parameter int NUM_VEC_GPR = 32; + +// ---------------------------------------------------------------------------- +// Vector extension configuration +// ---------------------------------------------------------------------------- + +// Parameter for vector extension +parameter int VECTOR_EXTENSION_ENABLE = 0; + +parameter int VLEN = 512; + +// Maximum size of a single vector element +parameter int ELEN = 32; + +// Minimum size of a sub-element, which must be at most 8-bits. +parameter int SELEN = 8; + +// Maximum size of a single vector element (encoded in vsew format) +parameter int VELEN = int'($ln(ELEN)/$ln(2)) - 3; + +// Maxium LMUL supported by the core +parameter int MAX_LMUL = 8; + +// ---------------------------------------------------------------------------- +// Multi-harts configuration +// ---------------------------------------------------------------------------- + +// Number of harts +parameter int NUM_HARTS = 1; + +// ---------------------------------------------------------------------------- +// Previleged CSR implementation +// ---------------------------------------------------------------------------- + +// Implemented previlieged CSR list +`ifdef DSIM +privileged_reg_t implemented_csr[] = { +`else +const privileged_reg_t implemented_csr[] = { +`endif + // User mode CSR + USTATUS, // User status + UIE, // User interrupt-enable register + UTVEC, // User trap-handler base address + USCRATCH, // Scratch register for user trap handlers + UEPC, // User exception program counter + UCAUSE, // User trap cause + UTVAL, // User bad address or instruction + UIP, // User interrupt pending + // Supervisor mode CSR + SSTATUS, // Supervisor status + SEDELEG, // Supervisor exception delegation register + SIDELEG, // Supervisor interrupt delegation register + SIE, // Supervisor interrupt-enable register + STVEC, // Supervisor trap-handler base address + SCOUNTEREN, // Supervisor counter enable + SSCRATCH, // Scratch register for supervisor trap handlers + SEPC, // Supervisor exception program counter + SCAUSE, // Supervisor trap cause + STVAL, // Supervisor bad address or instruction + SIP, // Supervisor interrupt pending + SATP, // Supervisor address translation and protection + // Machine mode mode CSR + MVENDORID, // Vendor ID + MARCHID, // Architecture ID + MIMPID, // Implementation ID + MHARTID, // Hardware thread ID + MSTATUS, // Machine status + MISA, // ISA and extensions + MEDELEG, // Machine exception delegation register + MIDELEG, // Machine interrupt delegation register + MIE, // Machine interrupt-enable register + MTVEC, // Machine trap-handler base address + MCOUNTEREN, // Machine counter enable + MSCRATCH, // Scratch register for machine trap handlers + MEPC, // Machine exception program counter + MCAUSE, // Machine trap cause + MTVAL, // Machine bad address or instruction + MIP, // Machine interrupt pending + // Floating point CSR + FCSR // Floating point control and status +}; + +// Implementation-specific custom CSRs +bit [11:0] custom_csr[] = { +}; + +// ---------------------------------------------------------------------------- +// Supported interrupt/exception setting, used for functional coverage +// ---------------------------------------------------------------------------- + +`ifdef DSIM +interrupt_cause_t implemented_interrupt[] = { +`else +const interrupt_cause_t implemented_interrupt[] = { +`endif + U_SOFTWARE_INTR, + S_SOFTWARE_INTR, + M_SOFTWARE_INTR, + U_TIMER_INTR, + S_TIMER_INTR, + M_TIMER_INTR, + U_EXTERNAL_INTR, + S_EXTERNAL_INTR, + M_EXTERNAL_INTR +}; + +`ifdef DSIM +exception_cause_t implemented_exception[] = { +`else +const exception_cause_t implemented_exception[] = { +`endif + INSTRUCTION_ACCESS_FAULT, + ILLEGAL_INSTRUCTION, + BREAKPOINT, + LOAD_ADDRESS_MISALIGNED, + LOAD_ACCESS_FAULT, + STORE_AMO_ADDRESS_MISALIGNED, + STORE_AMO_ACCESS_FAULT, + ECALL_UMODE, + ECALL_SMODE, + ECALL_MMODE, + INSTRUCTION_PAGE_FAULT, + LOAD_PAGE_FAULT, + STORE_AMO_PAGE_FAULT +}; diff --git a/verif/env/uvme/cvxif_vseq/custom_instructions_cvxif_1_0_0.rst b/verif/env/uvme/cvxif_vseq/custom_instructions_cvxif_1_0_0.rst index ee53871c8..406dd5014 100644 --- a/verif/env/uvme/cvxif_vseq/custom_instructions_cvxif_1_0_0.rst +++ b/verif/env/uvme/cvxif_vseq/custom_instructions_cvxif_1_0_0.rst @@ -70,25 +70,25 @@ Except for 4 of them using opcode `MADD, MSUB, NMADD, NMSUB` **Format**: addi rd, rs1, rs2, rs3 -> |rs3|00|rs2|rs1|000|rd|100_0111| - **Description**: add register rs1, rs2 to rs3, and store the result in rd. + **Description**: subtract register rs2 and rs3 from rs1 and store the result in rd. - **Pseudocode**: x[rd] = x[rs1] + x[rs2] + x[rs3] + **Pseudocode**: x[rd] = x[rs1] - x[rs2] - x[rs3] - **CUS_ADD_RS3_NMADD**: Custom Add with RS3 opcode == NMADD **Format**: addi rd, rs1, rs2, rs3 -> |rs3|00|rs2|rs1|000|rd|100_1111| - **Description**: add register rs1, rs2 to rs3, and store the result in rd. + **Description**: add register rs1, rs2 to rs3, negate the sum, and store the result in rd. - **Pseudocode**: x[rd] = x[rs1] + x[rs2] + x[rs3] + **Pseudocode**: x[rd] = ¬(x[rs1] + x[rs2] + x[rs3]) - **CUS_ADD_RS3_NMSUB**: Custom Add with RS3 opcode == NMSUB **Format**: addi rd, rs1, rs2, rs3 -> |rs3|00|rs2|rs1|000|rd|100_1011| - **Description**: add register rs1, rs2 to rs3, and store the result in rd. + **Description**: subtract register rs2 and rs3 from rs1, negate the difference, and store the result in rd. - **Pseudocode**: x[rd] = x[rs1] + x[rs2] + x[rs3] + **Pseudocode**: x[rd] = ¬(x[rs1] - x[rs2] - x[rs3]) - **CUS_ADD_RS3_RTYPE**: Custom Add with RS3, rd is x10 (a0) diff --git a/verif/env/uvme/cvxif_vseq/uvme_cvxif_vseq.sv b/verif/env/uvme/cvxif_vseq/uvme_cvxif_vseq.sv index 9a9e460ae..de4da8a1d 100644 --- a/verif/env/uvme/cvxif_vseq/uvme_cvxif_vseq.sv +++ b/verif/env/uvme/cvxif_vseq/uvme_cvxif_vseq.sv @@ -378,31 +378,31 @@ task uvme_cvxif_vseq_c::do_instr_result(); end "CUS_ADD_RS3_MSUB": begin if (req_item.register.rs_valid == 3'b111) begin - resp_item.result.data = req_item.register.rs[0] + req_item.register.rs[1] + req_item.register.rs[2]; + resp_item.result.data = req_item.register.rs[0] - req_item.register.rs[1] - req_item.register.rs[2]; resp_item.result.rd = req_item.issue_req.instr[11:7]; end else if (req_item.register.rs_valid == 2'b11) begin - resp_item.result.data = req_item.register.rs[0] + req_item.register.rs[1]; + resp_item.result.data = req_item.register.rs[0] - req_item.register.rs[1]; resp_item.result.rd = req_item.issue_req.instr[11:7]; end end "CUS_ADD_RS3_NMADD": begin if (req_item.register.rs_valid == 3'b111) begin - resp_item.result.data = req_item.register.rs[0] + req_item.register.rs[1] + req_item.register.rs[2]; + resp_item.result.data = ~(req_item.register.rs[0] + req_item.register.rs[1] + req_item.register.rs[2]); resp_item.result.rd = req_item.issue_req.instr[11:7]; end else if (req_item.register.rs_valid == 2'b11) begin - resp_item.result.data = req_item.register.rs[0] + req_item.register.rs[1]; + resp_item.result.data = ~(req_item.register.rs[0] + req_item.register.rs[1]); resp_item.result.rd = req_item.issue_req.instr[11:7]; end end "CUS_ADD_RS3_NMSUB": begin if (req_item.register.rs_valid == 3'b111) begin - resp_item.result.data = req_item.register.rs[0] + req_item.register.rs[1] + req_item.register.rs[2]; + resp_item.result.data = ~(req_item.register.rs[0] - req_item.register.rs[1] - req_item.register.rs[2]); resp_item.result.rd = req_item.issue_req.instr[11:7]; end else if (req_item.register.rs_valid == 2'b11) begin - resp_item.result.data = req_item.register.rs[0] + req_item.register.rs[1]; + resp_item.result.data = ~(req_item.register.rs[0] - req_item.register.rs[1]); resp_item.result.rd = req_item.issue_req.instr[11:7]; end end diff --git a/verif/env/uvme/uvme_cva6_cfg.sv b/verif/env/uvme/uvme_cva6_cfg.sv index 946c63b4b..1f597e49c 100644 --- a/verif/env/uvme/uvme_cva6_cfg.sv +++ b/verif/env/uvme/uvme_cva6_cfg.sv @@ -131,8 +131,7 @@ class uvme_cva6_cfg_c extends uvma_core_cntrl_cfg_c; HPDCache_supported == (RTLCVA6Cfg.DCacheType == 2); MmuPresent == RTLCVA6Cfg.MmuPresent; - // TODO : add RTL paramater related to this field fix issue#2500 - sw_int_supported == 0; + sw_int_supported == RTLCVA6Cfg.SoftwareInterruptEn; } constraint ext_const { diff --git a/verif/env/uvme/uvme_cva6_sb.sv b/verif/env/uvme/uvme_cva6_sb.sv index ddc7eeeca..cf15c8f53 100644 --- a/verif/env/uvme/uvme_cva6_sb.sv +++ b/verif/env/uvme/uvme_cva6_sb.sv @@ -241,7 +241,7 @@ function void uvme_cva6_sb_c::check_pc_trap(uvma_isacov_instr_c instr, if (instr_prev.trap) begin if (mtvec_change) begin if(cfg.xlen == 32) begin - if (instr.rvfi.pc_rdata[31:2] == mtvec_value[31:2]) begin + if (instr.rvfi.pc_rdata[RTLCVA6Cfg.VLEN-1:2] == mtvec_value[RTLCVA6Cfg.VLEN-1:2]) begin //we only support MTVEC Direct mode `uvm_info(get_type_name(), $sformatf("After a trap, PC matches MTVEC value"), UVM_DEBUG) end diff --git a/verif/regress/benchmark.sh b/verif/regress/benchmark.sh index 282bafdec..353726a37 100644 --- a/verif/regress/benchmark.sh +++ b/verif/regress/benchmark.sh @@ -55,18 +55,18 @@ GCC_CFLAGS=( GCC_OPTS="${GCC_COMMON_SRC[*]} ${GCC_CFLAGS[*]}" -python3 cva6.py $CVA6_FLAGS --c_tests $BDIR/dhrystone/dhrystone_main.c --gcc_opts "$BDIR/dhrystone/dhrystone.c $GCC_OPTS -I$BDIR/dhrystone/" -python3 cva6.py $CVA6_FLAGS --c_tests $BDIR/median/median_main.c --gcc_opts "$BDIR/median/median.c $GCC_OPTS -I$BDIR/median/" -python3 cva6.py $CVA6_FLAGS --c_tests $BDIR/mm/mm.c --gcc_opts "$BDIR/mm/mm_main.c $GCC_OPTS -I$BDIR/mm/" -python3 cva6.py $CVA6_FLAGS --c_tests $BDIR/mt-matmul/mt-matmul.c --gcc_opts "$BDIR/mt-matmul/matmul.c $GCC_OPTS -I$BDIR/mt-matmul/" -python3 cva6.py $CVA6_FLAGS --c_tests $BDIR/mt-vvadd/mt-vvadd.c --gcc_opts "$BDIR/mt-vvadd/vvadd.c $GCC_OPTS -I$BDIR/mt-vvadd/" -python3 cva6.py $CVA6_FLAGS --c_tests $BDIR/multiply/multiply_main.c --gcc_opts "$BDIR/multiply/multiply.c $GCC_OPTS -I$BDIR/multiply/" -python3 cva6.py $CVA6_FLAGS --c_tests $BDIR/pmp/pmp.c --gcc_opts " $GCC_OPTS -I$BDIR/pmp/" -python3 cva6.py $CVA6_FLAGS --c_tests $BDIR/qsort/qsort_main.c --gcc_opts " $GCC_OPTS -I$BDIR/qsort/" -python3 cva6.py $CVA6_FLAGS --c_tests $BDIR/rsort/rsort.c --gcc_opts " $GCC_OPTS -I$BDIR/rsort/" -python3 cva6.py $CVA6_FLAGS --c_tests $BDIR/spmv/spmv_main.c --gcc_opts " $GCC_OPTS -I$BDIR/spmv/" -python3 cva6.py $CVA6_FLAGS --c_tests $BDIR/towers/towers_main.c --gcc_opts " $GCC_OPTS -I$BDIR/towers/" -python3 cva6.py $CVA6_FLAGS --c_tests $BDIR/vvadd/vvadd_main.c --gcc_opts " $GCC_OPTS -I$BDIR/vvadd/" +python3 cva6.py $CVA6_FLAGS --c_tests $BDIR/dhrystone/dhrystone_main.c --sv_seed 1 --gcc_opts "$BDIR/dhrystone/dhrystone.c $GCC_OPTS -I$BDIR/dhrystone/" +python3 cva6.py $CVA6_FLAGS --c_tests $BDIR/median/median_main.c --sv_seed 1 --gcc_opts "$BDIR/median/median.c $GCC_OPTS -I$BDIR/median/" +python3 cva6.py $CVA6_FLAGS --c_tests $BDIR/mm/mm.c --sv_seed 1 --gcc_opts "$BDIR/mm/mm_main.c $GCC_OPTS -I$BDIR/mm/" +python3 cva6.py $CVA6_FLAGS --c_tests $BDIR/mt-matmul/mt-matmul.c --sv_seed 1 --gcc_opts "$BDIR/mt-matmul/matmul.c $GCC_OPTS -I$BDIR/mt-matmul/" +python3 cva6.py $CVA6_FLAGS --c_tests $BDIR/mt-vvadd/mt-vvadd.c --sv_seed 1 --gcc_opts "$BDIR/mt-vvadd/vvadd.c $GCC_OPTS -I$BDIR/mt-vvadd/" +python3 cva6.py $CVA6_FLAGS --c_tests $BDIR/multiply/multiply_main.c --sv_seed 1 --gcc_opts "$BDIR/multiply/multiply.c $GCC_OPTS -I$BDIR/multiply/" +python3 cva6.py $CVA6_FLAGS --c_tests $BDIR/pmp/pmp.c --sv_seed 1 --gcc_opts " $GCC_OPTS -I$BDIR/pmp/" +python3 cva6.py $CVA6_FLAGS --c_tests $BDIR/qsort/qsort_main.c --sv_seed 1 --gcc_opts " $GCC_OPTS -I$BDIR/qsort/" +python3 cva6.py $CVA6_FLAGS --c_tests $BDIR/rsort/rsort.c --sv_seed 1 --gcc_opts " $GCC_OPTS -I$BDIR/rsort/" +python3 cva6.py $CVA6_FLAGS --c_tests $BDIR/spmv/spmv_main.c --sv_seed 1 --gcc_opts " $GCC_OPTS -I$BDIR/spmv/" +python3 cva6.py $CVA6_FLAGS --c_tests $BDIR/towers/towers_main.c --sv_seed 1 --gcc_opts " $GCC_OPTS -I$BDIR/towers/" +python3 cva6.py $CVA6_FLAGS --c_tests $BDIR/vvadd/vvadd_main.c --sv_seed 1 --gcc_opts " $GCC_OPTS -I$BDIR/vvadd/" make clean make -C verif/sim clean_all diff --git a/verif/regress/coremark.sh b/verif/regress/coremark.sh index b21ec7e86..23038dbf3 100644 --- a/verif/regress/coremark.sh +++ b/verif/regress/coremark.sh @@ -92,6 +92,7 @@ python3 cva6.py \ --iss="$DV_SIMULATORS" \ --iss_yaml=cva6.yaml \ --c_tests "$src0" \ + --sv_seed 1 \ --gcc_opts "${srcA[*]} ${cflags[*]}" \ --iss_timeout=2000 \ $DV_OPTS diff --git a/verif/regress/dhrystone.sh b/verif/regress/dhrystone.sh index 36938edf7..3451777ce 100644 --- a/verif/regress/dhrystone.sh +++ b/verif/regress/dhrystone.sh @@ -69,5 +69,6 @@ python3 cva6.py \ --iss="$DV_SIMULATORS" \ --iss_yaml=cva6.yaml \ --c_tests "$src0" \ + --sv_seed 1 \ --gcc_opts "${srcA[*]} ${cflags[*]}" \ $DV_OPTS diff --git a/verif/regress/dhrystone_smoke.sh b/verif/regress/dhrystone_smoke.sh index fdc7f82f7..a78bf0bc7 100644 --- a/verif/regress/dhrystone_smoke.sh +++ b/verif/regress/dhrystone_smoke.sh @@ -62,4 +62,5 @@ python3 cva6.py \ --iss="$DV_SIMULATORS" \ --iss_yaml=cva6.yaml \ --c_tests "$src0" \ + --sv_seed 1 \ --gcc_opts "${srcA[*]} ${cflags[*]}" diff --git a/verif/regress/pmp_cv32a65x_tests.sh b/verif/regress/pmp_cv32a65x_tests.sh new file mode 100644 index 000000000..5e65fb700 --- /dev/null +++ b/verif/regress/pmp_cv32a65x_tests.sh @@ -0,0 +1,41 @@ +##----------------------------------------------------------------------------- +## Copyright 2024 Robert Bosch GmbH +## +## SPDX-License-Identifier: SHL-0.51 +## +## Original Author: Konstantinos Leventos - Robert Bosch France SAS +##----------------------------------------------------------------------------- + +# Where the tools are +if ! [ -n "$RISCV" ]; then + echo "Error: RISCV variable undefined" + return +fi + +# Install the required tools +source ./verif/regress/install-spike.sh + +# Setup sim env +source ./verif/sim/setup-env.sh + +if ! [ -n "$DV_SIMULATORS" ]; then + DV_SIMULATORS=vcs-uvm +fi + +if ! [ -n "$UVM_VERBOSITY" ]; then + UVM_VERBOSITY=UVM_NONE +fi + +export DV_OPTS="$DV_OPTS --issrun_opts=+debug_disable=1+UVM_VERBOSITY=$UVM_VERBOSITY" + +export DV_TARGET=cv32a65x + +make clean +cd verif/sim/ +make clean_all + +python3 cva6.py --testlist=../tests/testlist_pmp-$DV_TARGET.yaml --target $DV_TARGET --iss_yaml=cva6.yaml --iss=$DV_SIMULATORS $DV_OPTS --linker=../../config/gen_from_riscv_config/cv32a60x/linker/link.ld + +make clean_all +cd - +make clean diff --git a/verif/sim/Makefile b/verif/sim/Makefile index 642b83f31..1a71754c0 100644 --- a/verif/sim/Makefile +++ b/verif/sim/Makefile @@ -382,6 +382,9 @@ questa-uvm: generate_cov_dash: urg -warn none -hvp_proj cva6_embedded -format both -group instcov_for_score -hvp_attributes weight+description+Comment -dir vcs_results/default/vcs.d/simv.vdb -plan cva6.hvp -tgl portsonly +generate_verdi_cov: + -verdi -cov -format both -group instcov_for_score -covdir vcs_results/default/vcs.d/simv.vdb -plan cva6.hvp -tgl portsonly + vcs_clean_all: @echo "[VCS] Cleanup (entire vcs_work dir)" rm -rf $(CVA6_REPO_DIR)/verif/sim/vcs_results/ verdiLog/ simv* *.daidir *.vpd *.fsdb *.db csrc ucli.key vc_hdrs.h novas* inter.fsdb uart diff --git a/verif/sim/cva6.py b/verif/sim/cva6.py index b1ca40c2b..4c5075ec8 100644 --- a/verif/sim/cva6.py +++ b/verif/sim/cva6.py @@ -431,6 +431,13 @@ def analyze_tandem_report(yaml_path): except KeyError: logging.info("Incomplete TANDEM YAML report") +def log_uvm_seed(sv_seed , filename="uvm_seed.log"): + try: + with open(filename, 'a') as file: + timestamp = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S') + file.write(f"{timestamp} - UVM Seed: {sv_seed}\n") + except IOError as error: + print(f"Failed to log UVM seed: {error}") def generate_yaml_report(yaml_path, target, isa, test, testlist, iss, initial_creation , iteration = None): if not initial_creation: @@ -775,7 +782,7 @@ def parse_args(cwd): help="switch AXI agent mode: yes for Active, no for Passive") parser.add_argument("--gen_sv_seed", type=int, default=0, help="Run test N times with random seed") - parser.add_argument("--sv_seed", type=str, default="1", + parser.add_argument("--sv_seed", type=str, default=str(random.getrandbits(31)), help="Run test with a specific seed") parser.add_argument("--isa_extension", type=str, default="", help="Choose additional z, s, x extensions") @@ -1105,6 +1112,8 @@ def main(): else: logging.error('gen_sv_seed can not take a negative value') + log_uvm_seed(args.sv_seed) + issrun_opts = "\""+args.issrun_opts+"\"" global isspostrun_opts diff --git a/verif/sim/dv b/verif/sim/dv index f0c570d11..7e54b678a 160000 --- a/verif/sim/dv +++ b/verif/sim/dv @@ -1 +1 @@ -Subproject commit f0c570d11236f94f9c5449870223a5ac717cc580 +Subproject commit 7e54b678ab7499040336255550cdbd99ae887431 diff --git a/verif/tb/uvmt/cva6_tb_wrapper.sv b/verif/tb/uvmt/cva6_tb_wrapper.sv index fa8250a8e..708267b96 100644 --- a/verif/tb/uvmt/cva6_tb_wrapper.sv +++ b/verif/tb/uvmt/cva6_tb_wrapper.sv @@ -247,7 +247,9 @@ module cva6_tb_wrapper import uvmt_cva6_pkg::*; #( assign cvxif_if.compressed_valid = cvxif_req.compressed_valid; assign cvxif_if.compressed_req = cvxif_req.compressed_req; assign cvxif_if.issue_valid = cvxif_req.issue_valid; - assign cvxif_if.issue_req = cvxif_req.issue_req; + assign cvxif_if.issue_req.instr = cvxif_req.issue_req.instr; + assign cvxif_if.issue_req.hartid = cvxif_req.issue_req.hartid; + assign cvxif_if.issue_req.id = cvxif_req.issue_req.id; assign cvxif_if.register_valid = cvxif_req.register_valid; assign cvxif_if.register = cvxif_req.register; assign cvxif_if.commit_valid = cvxif_req.commit_valid; diff --git a/verif/tests/custom/cv_xif/cvxif_macros.h b/verif/tests/custom/cv_xif/cvxif_macros.h index be2a692c2..631144227 100644 --- a/verif/tests/custom/cv_xif/cvxif_macros.h +++ b/verif/tests/custom/cv_xif/cvxif_macros.h @@ -1,4 +1,4 @@ -// Copyright 2021 Thales DIS design services SAS +// Copyright 2022 Thales DIS design services SAS // // Licensed under the Solderpad Hardware Licence, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -8,21 +8,67 @@ // Original Author: Zineb EL KACIMI (zineb.el-kacimi@external.thalesgroup.com) // Contributor : Guillaume Chauvon +# Add user macros, routines in this file -#define LOAD_RS(rs,value) li rs, value -#define COMP_RS(rs1,rs2,rd) xor rd, rs1, rs2 +# Mappings of custom_* mnemonics to .insn pseudo-op of GAS -#define CUS_NOP() .word 0b##0000000##00000####00000##000##00000##1111011 -#define CUS_ADD(rs1,rs2,rd) .word 0b##0000000##rs2####rs1##001##rd##1111011 -#define CUS_ADD_RS1(rs1,rs2,rd) .word 0b##0000001##rs2####rs1##001##rd##1111011 // only use rs1 : rs1 + rs1 => rd -#define CUS_ADD_RS2(rs1,rs2,rd) .word 0b##0000010##rs2####rs1##001##rd##1111011 // only use rs2 : rs2 + rs2 => rd -#define CUS_ADD_MULTI(rs1,rs2,rd) .word 0b##0000011##rs2####rs1##001##rd##1111011 -#define CUS_ADD_RS3_MADD(rs1,rs2,rs3,rd) .word 0b##rs3##00##rs2####rs1##000##rd##1000011 //MADD -#define CUS_ADD_RS3_MSUB(rs1,rs2,rs3,rd) .word 0b##rs3##00##rs2####rs1##000##rd##1000111 //MSUB -#define CUS_ADD_RS3_NMSUB(rs1,rs2,rs3,rd) .word 0b##rs3##00##rs2####rs1##000##rd##1001011 //NMSUB -#define CUS_ADD_RS3_NMADD(rs1,rs2,rs3,rd) .word 0b##rs3##00##rs2####rs1##000##rd##1001111 //NMADD -#define CUS_ADD_RS3_RTYPE(rs1,rs2,rs3) .word 0b##0000100##rs2####rs1##001##rs3##1111011 +# CUS_ADD rd, rs1, rs2 -> .insn r CUSTOM_3, 0x1, 0x0, rd, rs1, rs2 +.macro cus_add rd, rs1, rs2 + .insn r CUSTOM_3, 0x1, 0x0, \rd, \rs1, \rs2 +.endm -#define CUS_CADD(rs1, rs2) .half 0b##111##1##rs1##rs2##00 // -> Extend to CUS_ADD(rs1,rs2,x10) -#define CUS_CNOP() .half 0b##111##0##00000##00000##00 // -> Extend to CUS_NOP +# CUS_NOP -> .insn r CUSTOM_3, 0x0, 0x0, x0, x0, x0 +.macro cus_nop + .insn r CUSTOM_3, 0x0, 0x0, x0, x0, x0 +.endm + +# CUS_DOUBLE_RS1 rd, rs1, rs2 -> .insn r CUSTOM_3, 0x1, 0x1, rd, rs1, rs2 +.macro cus_double_rs1 rd, rs1, rs2 + .insn r CUSTOM_3, 0x1, 0x1, \rd, \rs1, \rs2 +.endm + +# CUS_DOUBLE_RS2 rd, rs1, rs2 -> .insn r CUSTOM_3, 0x1, 0x2, rd, rs1, rs2 +.macro cus_double_rs2 rd, rs1, rs2 + .insn r CUSTOM_3, 0x1, 0x2, \rd, \rs1, \rs2 +.endm + +# CUS_ADD_MULTI rd, rs1, rs2 -> .insn r CUSTOM_3, 0x1, 0x3, rd, rs1, rs2 +.macro cus_add_multi rd, rs1, rs2 + .insn r CUSTOM_3, 0x1, 0x3, \rd, \rs1, \rs2 +.endm + +# CUS_ADD_RS3_MADD rd, rs1, rs2, rs3 -> .insn r MADD, 0x0, 0x0, rd, rs1, rs2, rs3 +.macro cus_add_rs3_madd rd, rs1, rs2, rs3 + .insn r MADD, 0x0, 0x0, \rd, \rs1, \rs2, \rs3 +.endm + +# CUS_ADD_RS3_MSUB rd, rs1, rs2, rs3 -> .insn r MSUB, 0x0, 0x0, rd, rs1, rs2, rs3 +.macro cus_add_rs3_msub rd, rs1, rs2, rs3 + .insn r MSUB, 0x0, 0x0, \rd, \rs1, \rs2, \rs3 +.endm + +# CUS_ADD_RS3_NMADD rd, rs1, rs2, rs3 -> .insn r NMADD, 0x0, 0x0, rd, rs1, rs2, rs3 +.macro cus_add_rs3_nmadd rd, rs1, rs2, rs3 + .insn r NMADD, 0x0, 0x0, \rd, \rs1, \rs2, \rs3 +.endm + +# CUS_ADD_RS3_NMSUB rd, rs1, rs2, rs3 -> .insn r NMSUB, 0x0, 0x0, rd, rs1, rs2, rs3 +.macro cus_add_rs3_nmsub rd, rs1, rs2, rs3 + .insn r NMSUB, 0x0, 0x0, \rd, \rs1, \rs2, \rs3 +.endm + +# CUS_ADD_RS3_RTYPE rs3, rs1, rs2 -> .insn r MADD, 0x1, 0x4, rs3, rs1, rs2 +.macro cus_add_rs3_rtype rs1, rs2, rs3 + .insn r MADD, 0x1, 0x4, \rs3, \rs1, \rs2 +.endm + +# CUS_CNOP -> .insn cr 0x0, 0xe, x0, x0 +.macro cus_cnop + .insn cr 0x0, 0xe, x0, x0 +.endm + +# CUS_CADD rs1, rs2 -> .insn cr 0x0, 0xf, rs1, rs2 +.macro cus_cadd rs1, rs2 + .insn cr 0x0, 0xf, \rs1, \rs2 +.endm \ No newline at end of file diff --git a/verif/tests/custom/pmp/decreasing_entries_test.S b/verif/tests/custom/pmp/decreasing_entries_test.S new file mode 100644 index 000000000..9ad2c3dc7 --- /dev/null +++ b/verif/tests/custom/pmp/decreasing_entries_test.S @@ -0,0 +1,98 @@ +# ------------------------------------------------------------------------------ +# Copyright 2024 Robert Bosch GmbH +# +# SPDX-License-Identifier: SHL-0.51 +# +# Original Author: Konstantinos LEVENTOS - Robert Bosch France SAS +# ------------------------------------------------------------------------------ +# decreasing_entries_test.S (TST04-4) +# ------------------------------------------------------------------------------ + + .text + .globl main +main: + + # Configure PMP using decreasing entries of TOR. + + # From 0xB000_0000 to 0xC000_0000 Read-Write-Execute. + li t0, 0x30000000 + csrw pmpaddr7, t0 + + # From 0xA000_0000 to 0xB000_0000 Read-Write-Execute. + li t0, 0x2c000000 + csrw pmpaddr6, t0 + + # From 0x9000_0000 to 0xA000_0000 Read-Write-Execute. + li t0, 0x28000000 + csrw pmpaddr5, t0 + + # From 0x8000_0000 to 0x9000_0000 Read-Write-Execute. + li t0, 0x24000000 + csrw pmpaddr4, t0 + + # From 0x0002_0000 to 0x8000_0000 no Permissions. + li t0, 0x20000000 + csrw pmpaddr3, t0 + + # From 0x0001_0000 to 0x0002_0000 only Execute. + li t0, 0x00008000 + csrw pmpaddr2, t0 + + # From 0x0000_1000 to 0x0001_0000 no Permissions. + li t0, 0x00004000 + csrw pmpaddr1, t0 + + # From 0x0000_0000 to 0x0000_1000 only Execute. + li t0, 0x00000400 + csrw pmpaddr0, t0 + + + # Addr 4-7 configs, written in cfg1, with LOCK OFF, and TOR. + li t0, 0x0f0f0f0f + csrw pmpcfg1, t0 + + # Addr 0-3 configs, written in cfg0, with LOCK OFF, and TOR. + li t0, 0x080c080c + csrw pmpcfg0, t0 + + + # Do the READ-WRITE test. + + # Check 1 read-write test, at 0x8800_0000. + li t1, 0x88000000 + li t2, 0xEFFACED1 + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + # Check 2 read-write test, at 0x9800_0000. + li t1, 0x98000000 + li t2, 0xACCEDED2 + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + # Check 3 read-write test, at 0xA800_0000. + li t1, 0xA8000000 + li t2, 0xDEFACED3 + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + # Check 4 read-write test, at 0xB800_0000. + li t1, 0xB8000000 + li t2, 0xDEC0DED4 + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + +pass: + # Success post-processing + li a0, 0x0; + jal exit; + +fail: + # Failure post-processing + li a0, 0x1; + jal exit; diff --git a/verif/tests/custom/pmp/defined_matches_test.S b/verif/tests/custom/pmp/defined_matches_test.S new file mode 100644 index 000000000..2df2a8451 --- /dev/null +++ b/verif/tests/custom/pmp/defined_matches_test.S @@ -0,0 +1,48 @@ +# ------------------------------------------------------------------------------ +# Copyright 2024 Robert Bosch GmbH +# +# SPDX-License-Identifier: SHL-0.51 +# +# Original Author: Konstantinos LEVENTOS - Robert Bosch France SAS +# ------------------------------------------------------------------------------ +# defined_matches_test.S (TST10-1, TST10-2) +# ------------------------------------------------------------------------------ + + .text + .globl main +main: + + # Check a Memory Access succeeds if no PMP entry is defined. + li t1, 0x90000000 + li t2, 0xC0D1F1ED + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + # Set up a PMP entry using NAPOT, from 0x8000_0000 to 0xA0000_0000, Read-Write-Execute. + li t0, 0x0000001f + csrw pmpcfg0, t0 + csrr t1, pmpcfg0 + bne t0, t1, fail + li t0, 0x23ffffff + csrw pmpaddr0, t0 + csrr t1, pmpaddr0 + bne t0, t1, fail + + # Check a memory access succeeds if no PMP entry matches. + li t1, 0xB0000000 + li t2, 0xCA5CADED + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + +pass: + # Success post-processing + li a0, 0x0; + jal exit; + +fail: + # Failure post-processing + li a0, 0x1; + jal exit; diff --git a/verif/tests/custom/pmp/double_entries_test.S b/verif/tests/custom/pmp/double_entries_test.S new file mode 100644 index 000000000..a7e7ef988 --- /dev/null +++ b/verif/tests/custom/pmp/double_entries_test.S @@ -0,0 +1,72 @@ +# ------------------------------------------------------------------------------ +# Copyright 2024 Robert Bosch GmbH +# +# SPDX-License-Identifier: SHL-0.51 +# +# Original Author: Konstantinos LEVENTOS - Robert Bosch France SAS +# ------------------------------------------------------------------------------ +# double_entries_test.S (TST04-2) +# ------------------------------------------------------------------------------ + + .text + .globl main +main: + + # Set up PMP using NAPOT, from 0xB000_0000 to 0xC000_0000, Read-Write. + li t0, 0x001b0000 + csrw pmpcfg1, t0 + csrr t1, pmpcfg1 + bne t0, t1, fail + li t0, 0x2dffffff + csrw pmpaddr6, t0 + csrr t1, pmpaddr6 + bne t0, t1, fail + + # Set up PMP using NAPOT, from 0x8000_0000 to 0x9000_0000, Read-Write. + li t0, 0x001b0000 + csrw pmpcfg0, t0 + csrr t1, pmpcfg0 + bne t0, t1, fail + li t0, 0x21ffffff + csrw pmpaddr2, t0 + csrr t1, pmpaddr2 + bne t0, t1, fail + + # Read-Write check in 0xB800_0000. + li t1, 0xB8000000 + li t2, 0xC0D1F1ED + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + # Read-Write check in 0x8800_0000. + li t1, 0x88000000 + li t2, 0xCA5CADED + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + # Check that all other addr / cfg are zero. + csrr t0, pmpaddr0 + bne t0, zero, fail + csrr t0, pmpaddr1 + bne t0, zero, fail + csrr t0, pmpaddr3 + bne t0, zero, fail + csrr t0, pmpaddr4 + bne t0, zero, fail + csrr t0, pmpaddr5 + bne t0, zero, fail + csrr t0, pmpaddr7 + bne t0, zero, fail + + +pass: + # Success post-processing + li a0, 0x0; + jal exit; + +fail: + # Failure post-processing + li a0, 0x1; + jal exit; diff --git a/verif/tests/custom/pmp/exact_csrr_test.S b/verif/tests/custom/pmp/exact_csrr_test.S new file mode 100644 index 000000000..a5839c029 --- /dev/null +++ b/verif/tests/custom/pmp/exact_csrr_test.S @@ -0,0 +1,99 @@ +# ------------------------------------------------------------------------------ +# Copyright 2024 Robert Bosch GmbH +# +# SPDX-License-Identifier: SHL-0.51 +# +# Original Author: Konstantinos LEVENTOS - Robert Bosch France SAS +# ------------------------------------------------------------------------------ +# exact_csrr_test.S (TST05-1) +# ------------------------------------------------------------------------------ + + .text + .globl main +main: + + # Write in addresses and check what is written. + + # Checking PMP ADDR 0 + li t0, 0xFACADE00 + csrw pmpaddr0, t0 + csrr t1, pmpaddr0 + bne t0, t1, fail + csrw pmpaddr0, zero + + # Checking PMP ADDR 1 + li t0, 0xFACADE02 + csrw pmpaddr1, t0 + csrr t1, pmpaddr1 + bne t0, t1, fail + csrw pmpaddr1, zero + + # Checking PMP ADDR 2 + li t0, 0xFACADE04 + csrw pmpaddr2, t0 + csrr t1, pmpaddr2 + bne t0, t1, fail + csrw pmpaddr2, zero + + # Checking PMP ADDR 3 + li t0, 0xFACADE06 + csrw pmpaddr3, t0 + csrr t1, pmpaddr3 + bne t0, t1, fail + csrw pmpaddr3, zero + + # Checking PMP ADDR 4 + li t0, 0xFACADE08 + csrw pmpaddr4, t0 + csrr t1, pmpaddr4 + bne t0, t1, fail + csrw pmpaddr4, zero + + # Checking PMP ADDR 5 + li t0, 0xFACADE0A + csrw pmpaddr5, t0 + csrr t1, pmpaddr5 + bne t0, t1, fail + csrw pmpaddr5, zero + + # Checking PMP ADDR 6 + li t0, 0xFACADE0C + csrw pmpaddr6, t0 + csrr t1, pmpaddr6 + bne t0, t1, fail + csrw pmpaddr6, zero + + # Checking PMP ADDR 7 + li t0, 0xFACADE0E + csrw pmpaddr7, t0 + csrr t1, pmpaddr7 + bne t0, t1, fail + csrw pmpaddr7, zero + + + # Write in configurations and check what is written, except for the reserved combinations with R=0 and W=1. + + # Checking PMP CFG 0 + li t0, 0x01030304 + csrw pmpcfg0, t0 + csrr t1, pmpcfg0 + bne t0, t1, fail + csrw pmpcfg0, zero + + # Checking PMP CFG 1 + li t0, 0x04050507 + csrw pmpcfg1, t0 + csrr t1, pmpcfg1 + bne t0, t1, fail + csrw pmpcfg1, zero + + +pass: + # Success post-processing + li a0, 0x0; + jal exit; + +fail: + # Failure post-processing + li a0, 0x1; + jal exit; diff --git a/verif/tests/custom/pmp/granularity_test.S b/verif/tests/custom/pmp/granularity_test.S new file mode 100644 index 000000000..e341d0c8a --- /dev/null +++ b/verif/tests/custom/pmp/granularity_test.S @@ -0,0 +1,44 @@ +# ------------------------------------------------------------------------------ +# Copyright 2024 Robert Bosch GmbH +# +# SPDX-License-Identifier: SHL-0.51 +# +# Original Author: Konstantinos LEVENTOS - Robert Bosch France SAS +# ------------------------------------------------------------------------------ +# granularity_test.S (TST01) +# ------------------------------------------------------------------------------ + + .text + .globl main +main: + + # Configure PMP to find its granularity. + + # Write all zeroes in cfg0. + li t0, 0 + csrw pmpcfg0, t0 + + # Write all ones in addr0. + li t1, -1 + csrw pmpaddr0, t1 + + # Read the value back. + csrr t2, pmpaddr0 + + # Check for granularity 8 = 2^(1+2) <=> G = 1. + # As per: https://docs.openhwgroup.org/projects/cva6-user-manual/01_cva6_user/PMP.html + # Which states: The PMP grain is 2**G+2. Only a PMP granularity of 8 bytes (G=1) is supported in CVA6. + # And from the RISC-V Spec: G is the index of the least-significant bit set, the PMP granularity is 2^(G+2) bytes. + li t3, 0xFFFFFFFE + bne t2, t3, fail + + +pass: + # Success post-processing + li a0, 0x0; + jal exit; + +fail: + # Failure post-processing + li a0, 0x1; + jal exit; diff --git a/verif/tests/custom/pmp/locked_outside_napot_test.S b/verif/tests/custom/pmp/locked_outside_napot_test.S new file mode 100644 index 000000000..cc653b1cf --- /dev/null +++ b/verif/tests/custom/pmp/locked_outside_napot_test.S @@ -0,0 +1,45 @@ +# ------------------------------------------------------------------------------ +# Copyright 2024 Robert Bosch GmbH +# +# SPDX-License-Identifier: SHL-0.51 +# +# Original Author: Konstantinos LEVENTOS - Robert Bosch France SAS +# ------------------------------------------------------------------------------ +# locked_outside_napot_test.S (TST14-26, TST14-36) +# ------------------------------------------------------------------------------ + + .text + .globl main +main: + + # Set up PMP using NAPOT, from 0x8000_0000 to 0xB000_0000. + li t2, 0x25ffffff + csrw pmpaddr0, t2 + + # Configure it with LOCK ON, Read-Write-Execute. + li t0, 0x0000009f + csrw pmpcfg0, t0 + csrr t1, pmpcfg0 + bne t0, t1, fail + + # Check pmpaddr after switching to NAPOT (and lock) + csrr t0, pmpaddr0 + bne t0, t2, fail + + # Check a memory access succeeds when outside the LOCKED entry. + li t1, 0xB8000000 + li t2, 0xC0D1F1ED + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + +pass: + # Success post-processing + li a0, 0x0; + jal exit; + +fail: + # Failure post-processing + li a0, 0x1; + jal exit; diff --git a/verif/tests/custom/pmp/locked_outside_tor_test.S b/verif/tests/custom/pmp/locked_outside_tor_test.S new file mode 100644 index 000000000..6db06b956 --- /dev/null +++ b/verif/tests/custom/pmp/locked_outside_tor_test.S @@ -0,0 +1,61 @@ +# ------------------------------------------------------------------------------ +# Copyright 2024 Robert Bosch GmbH +# +# SPDX-License-Identifier: SHL-0.51 +# +# Original Author: Konstantinos LEVENTOS - Robert Bosch France SAS +# ------------------------------------------------------------------------------ +# locked_outside_tor_test.S (TST16-26, TST16-36) +# ------------------------------------------------------------------------------ + + .text + .globl main +main: + + # From 0x0000_0000 to 0x0000_1000 only Execute. + li t0, 0x00000400 + csrw pmpaddr0, t0 + + # From 0x0000_1000 to 0x0001_0000 no Permissions. + li t0, 0x00004000 + csrw pmpaddr1, t0 + + # From 0x0001_0000 to 0x0002_0000 only Execute. + li t0, 0x00008000 + csrw pmpaddr2, t0 + + # From 0x0002_0000 to 0x8000_0000 no Permissions. + li t0, 0x20000000 + csrw pmpaddr3, t0 + + # From 0x8000_0000 to 0xB000_0000 Read-Write-Execute. + li t0, 0x2C000000 + csrw pmpaddr4, t0 + + # Configure the TOR areas with LOCK ON. + li t0, 0x888c888c + csrw pmpcfg0, t0 + csrr t1, pmpcfg0 + bne t0, t1, fail + li t0, 0x0000008f + csrw pmpcfg1, t0 + csrr t1, pmpcfg1 + bne t0, t1, fail + + # Check a memory access succeeds when outside the LOCKED entry. + li t1, 0xB8000000 + li t2, 0xC0D1F1ED + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + +pass: + # Success post-processing + li a0, 0x0; + jal exit; + +fail: + # Failure post-processing + li a0, 0x1; + jal exit; diff --git a/verif/tests/custom/pmp/lsu_napot_test.S b/verif/tests/custom/pmp/lsu_napot_test.S new file mode 100644 index 000000000..9a7c97fb4 --- /dev/null +++ b/verif/tests/custom/pmp/lsu_napot_test.S @@ -0,0 +1,111 @@ +# ------------------------------------------------------------------------------ +# Copyright 2024 Robert Bosch GmbH +# +# SPDX-License-Identifier: SHL-0.51 +# +# Original Author: Konstantinos LEVENTOS - Robert Bosch France SAS +# ------------------------------------------------------------------------------ +# lsu_napot_test.S (TST14-11, TST14-21, TST14-31) +# ------------------------------------------------------------------------------ + + .text + .globl main +main: + + # Configure PMP using NAPOT. + + # From 0x0000_0000 to 0x0000_1000 only Execute. + li t0, 0x000001ff + csrw pmpaddr0, t0 + + # From 0x0001_0000 to 0x0002_0000 only Execute. + li t0, 0x00005fff + csrw pmpaddr1, t0 + + # From 0x8000_0000 to 0xC000_0000 Read-Write-Execute. + li t0, 0x27ffffff + csrw pmpaddr2, t0 + + + # Addr 0-2 configs, written in cfg0, with LOCK OFF, and NAPOT. + li t0, 0x001f1c1c + csrw pmpcfg0, t0 + csrr t1, pmpcfg0 + bne t0, t1, fail + + + # Do the READ-WRITE test. + + # Check 1 read-write test, at 0x8000_0000. + li t1, 0x80000000 + li t2, 0xEFFACED1 + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + # Check 2 read-write test, at 0x9000_0000. + li t1, 0x90000000 + li t2, 0xACCEDED2 + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + # Check 3 read-write test, at 0xA000_0000. + li t1, 0xA0000000 + li t2, 0xDEFACED3 + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + # Check 4 read-write test, at 0xB000_0000. + li t1, 0xB0000000 + li t2, 0xDEC0DED4 + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + + # Do the EXEC "RET" test. + + # Exec test 1, at 0x0000_0800. + li t0, 0x00000800 + li t1, 0x8082 + sw t1, 0(t0) + lw t2, 0(t0) + bne t1, t2, fail + jalr t0 + + # Exec test 2, at 0x0001_8000. + li t0, 0x00018000 + li t1, 0x8082 + sw t1, 0(t0) + lw t2, 0(t0) + bne t1, t2, fail + jalr t0 + + # Exec test 3, at 0x9800_0000. + li t0, 0x98000000 + li t1, 0x8082 + sw t1, 0(t0) + lw t2, 0(t0) + bne t1, t2, fail + jalr t0 + + # Exec test 4, at 0xA800_0000. + li t0, 0xA8000000 + li t1, 0x8082 + sw t1, 0(t0) + lw t2, 0(t0) + bne t1, t2, fail + jalr t0 + + +pass: + # Success post-processing + li a0, 0x0; + jal exit; + +fail: + # Failure post-processing + li a0, 0x1; + jal exit; diff --git a/verif/tests/custom/pmp/lsu_tor_test.S b/verif/tests/custom/pmp/lsu_tor_test.S new file mode 100644 index 000000000..7989e6623 --- /dev/null +++ b/verif/tests/custom/pmp/lsu_tor_test.S @@ -0,0 +1,125 @@ +# ------------------------------------------------------------------------------ +# Copyright 2024 Robert Bosch GmbH +# +# SPDX-License-Identifier: SHL-0.51 +# +# Original Author: Konstantinos LEVENTOS - Robert Bosch France SAS +# ------------------------------------------------------------------------------ +# lsu_tor_test.S (TST16-11, TST16-21, TST16-31) +# ------------------------------------------------------------------------------ + + .text + .globl main +main: + + # Configure PMP using TOR. + + # From 0x0000_0000 to 0x0000_1000 only Execute. + li t0, 0x00000400 + csrw pmpaddr0, t0 + + # From 0x0000_1000 to 0x0001_0000 no Permissions. + li t0, 0x00004000 + csrw pmpaddr1, t0 + + # From 0x0001_0000 to 0x0002_0000 only Execute. + li t0, 0x00008000 + csrw pmpaddr2, t0 + + # From 0x0002_0000 to 0x8000_0000 no Permissions. + li t0, 0x20000000 + csrw pmpaddr3, t0 + + # From 0x8000_0000 to 0xC000_0000 Read-Write-Execute. + li t0, 0x30000000 + csrw pmpaddr4, t0 + + + # Addr 0-3 configs, written in cfg0, with LOCK OFF, and TOR. + li t0, 0x080c080c + csrw pmpcfg0, t0 + csrr t1, pmpcfg0 + bne t0, t1, fail + + # Addr 4 config, written in cfg1, with LOCK OFF, and TOR. + li t0, 0x0000000f + csrw pmpcfg1, t0 + csrr t1, pmpcfg1 + bne t0, t1, fail + + + # Do the READ-WRITE test. + + # Check 1 read-write test, at 0x8000_0000. + li t1, 0x80000000 + li t2, 0xEFFACED1 + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + # Check 2 read-write test, at 0x9000_0000. + li t1, 0x90000000 + li t2, 0xACCEDED2 + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + # Check 3 read-write test, at 0xA000_0000. + li t1, 0xA0000000 + li t2, 0xDEFACED3 + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + # Check 4 read-write test, at 0xB000_0000. + li t1, 0xB0000000 + li t2, 0xDEC0DED4 + sw t2, 0(t1) + lw t3, 0(t1) + bne t2, t3, fail + + + # Do the EXEC "RET" test. + + # Exec test 1, at 0x0000_0800. + li t0, 0xA0000800 + li t1, 0x8082 + sw t1, 0(t0) + lw t2, 0(t0) + bne t1, t2, fail + jalr t0 + + # Exec test 2, at 0x0001_8000. + li t0, 0xB0018000 + li t1, 0x8082 + sw t1, 0(t0) + lw t2, 0(t0) + bne t1, t2, fail + jalr t0 + + # Exec test 3, at 0x9800_0000. + li t0, 0x98000000 + li t1, 0x8082 + sw t1, 0(t0) + lw t2, 0(t0) + bne t1, t2, fail + jalr t0 + + # Exec test 4, at 0xA800_0000. + li t0, 0xA8000000 + li t1, 0x8082 + sw t1, 0(t0) + lw t2, 0(t0) + bne t1, t2, fail + jalr t0 + + +pass: + # Success post-processing + li a0, 0x0; + jal exit; + +fail: + # Failure post-processing + li a0, 0x1; + jal exit; diff --git a/verif/tests/custom/zcmt/cm_jalt.S b/verif/tests/custom/zcmt/cm_jalt.S new file mode 100644 index 000000000..46e1ff79a --- /dev/null +++ b/verif/tests/custom/zcmt/cm_jalt.S @@ -0,0 +1,62 @@ +.globl _start +_start: + la t0, trap_handler + csrw mtvec, t0 + + la a1, target1 + la t0, __jvt_base$ + + sw a1, 128(t0) //cm.jalt entry start from index >=32 + + csrw jvt, t0 + + fence.i + # Perform jump using the index from JVT + cm.jalt 32 + + li t1, 1 + addi x20,x20, 9 + j write_tohost + + + + +exit: + j write_tohost + +write_tohost: + li x1, 1 + la t0, tohost + sw x1, 0(t0) + j write_tohost + + +# Jump Vector Table (JVT) Section +# Create a separate section for the JVT +.section .riscv.jvt, "ax" +.align 6 # Align the JVT on a 64-byte boundary (6 = 2^6 = 64) +__jvt_base$: + .word 0x80000054 + .word 0x80000800 + .word 0x80000802 + .word 0x80000804 + +# Target Addresses (Where cm.jalt will jump) +target0: + li x5, 99 + j write_tohost +target1: + li x2, 99 + j write_tohost + +target2: + addi x2,x20, 5 + j write_tohost + + +trap_handler: + j exit + + +.align 6; .global tohost; tohost: .dword 0; +.align 6; .global fromhost; fromhost: .dword 0; diff --git a/verif/tests/custom/zcmt/cm_jalt_long.S b/verif/tests/custom/zcmt/cm_jalt_long.S new file mode 100644 index 000000000..51f0e3f00 --- /dev/null +++ b/verif/tests/custom/zcmt/cm_jalt_long.S @@ -0,0 +1,59 @@ +.globl _start +_start: + la t0, trap_handler + csrw mtvec, t0 + + la a1, target1 + la t0, __jvt_base$ + + sw a1, 128(t0) //cm.jalt entry start from index >=32 + + csrw jvt, t0 + + fence.i + # Perform jump using the index from JVT + cm.jalt 32 + + li t1, 1 + addi x20,x20, 9 + j write_tohost + + +exit: + j write_tohost + +write_tohost: + li x1, 1 + la t0, tohost + sw x1, 0(t0) + j write_tohost + + +# Jump Vector Table (JVT) Section +# Create a separate section for the JVT +.section .riscv.jvt, "ax" +.align 6 # Align the JVT on a 64-byte boundary (6 = 2^6 = 64) +__jvt_base$: + .word 0x80000054 + .word 0x80000800 + .word 0x80000802 + .word 0x80000804 + +# Target Addresses (Where cm.jalt will jump) +.align 20 +target1: + li x2, 99 + lui t0, %hi(write_tohost) # Load upper 20 bits of target address into t0 + addi t0, t0, %lo(write_tohost) # Add the lower 12 bits to t0 + jalr x0, 0(t0) + + + +trap_handler: + lui t0, %hi(write_tohost) # Load upper 20 bits of target address into t0 + addi t0, t0, %lo(write_tohost) # Add the lower 12 bits to t0 + jalr x0, 0(t0) + + +.align 6; .global tohost; tohost: .dword 0; +.align 6; .global fromhost; fromhost: .dword 0; \ No newline at end of file diff --git a/verif/tests/custom/zcmt/cm_jalt_long_ret.S b/verif/tests/custom/zcmt/cm_jalt_long_ret.S new file mode 100644 index 000000000..7dfc6f0a4 --- /dev/null +++ b/verif/tests/custom/zcmt/cm_jalt_long_ret.S @@ -0,0 +1,57 @@ +.globl _start +_start: + la t0, trap_handler + csrw mtvec, t0 + + la a1, target1 + la t0, __jvt_base$ + + sw a1, 128(t0) //cm.jalt entry start from index >=32 + + csrw jvt, t0 + + fence.i + # Perform jump using the index from JVT + cm.jalt 32 + + li t1, 1 + addi x20,x20, 9 + j write_tohost + + +exit: + j write_tohost + +write_tohost: + li x1, 1 + la t0, tohost + sw x1, 0(t0) + j write_tohost + + +# Jump Vector Table (JVT) Section +# Create a separate section for the JVT +.section .riscv.jvt, "ax" +.align 6 # Align the JVT on a 64-byte boundary (6 = 2^6 = 64) +__jvt_base$: + .word 0x80000054 + .word 0x80000800 + .word 0x80000802 + .word 0x80000804 + +# Target Addresses (Where cm.jalt will jump) +.align 20 +target1: + li x2, 99 + ret + + + +trap_handler: + lui t0, %hi(write_tohost) # Load upper 20 bits of target address into t0 + addi t0, t0, %lo(write_tohost) # Add the lower 12 bits to t0 + jalr x0, 0(t0) + + +.align 6; .global tohost; tohost: .dword 0; +.align 6; .global fromhost; fromhost: .dword 0; \ No newline at end of file diff --git a/verif/tests/custom/zcmt/cm_jalt_ret.S b/verif/tests/custom/zcmt/cm_jalt_ret.S new file mode 100644 index 000000000..82eaf36cc --- /dev/null +++ b/verif/tests/custom/zcmt/cm_jalt_ret.S @@ -0,0 +1,62 @@ +.globl _start +_start: + la t0, trap_handler + csrw mtvec, t0 + + la a1, target1 + la t0, __jvt_base$ + + sw a1, 128(t0) //cm.jalt entry start from index >=32 + + csrw jvt, t0 + + fence.i + # Perform jump using the index from JVT + cm.jalt 32 + + li t1, 1 + addi x20,x20, 9 + j write_tohost + + + + +exit: + j write_tohost + +write_tohost: + li x1, 1 + la t0, tohost + sw x1, 0(t0) + j write_tohost + + +# Jump Vector Table (JVT) Section +# Create a separate section for the JVT +.section .riscv.jvt, "ax" +.align 6 # Align the JVT on a 64-byte boundary (6 = 2^6 = 64) +__jvt_base$: + .word 0x80000054 + .word 0x80000800 + .word 0x80000802 + .word 0x80000804 + +# Target Addresses (Where cm.jalt will jump) +target0: + li x5, 9 + j write_tohost +target1: + li x2, 99 + ret + +target2: + addi x2,x20, 5 + j write_tohost + + +trap_handler: + j exit + + +.align 6; .global tohost; tohost: .dword 0; +.align 6; .global fromhost; fromhost: .dword 0; diff --git a/verif/tests/custom/zcmt/cm_jt.S b/verif/tests/custom/zcmt/cm_jt.S new file mode 100644 index 000000000..b2dd88a49 --- /dev/null +++ b/verif/tests/custom/zcmt/cm_jt.S @@ -0,0 +1,58 @@ +.globl _start +_start: + la t0, trap_handler + csrw mtvec, t0 + + la a1, target1 + la t0, __jvt_base$ + + sw a1, 0(t0) + + csrw jvt, t0 + + fence.i + + cm.jt 0 # Perform jump using the index 0 from JVT + + addi x18,x18, 3 + j target2 + +exit: + j write_tohost + +write_tohost: + li x1, 1 + la t0, tohost + sw x1, 0(t0) + j write_tohost + + + +# Jump Vector Table (JVT) Section +# Create a separate section for the JVT +.section .riscv.jvt, "ax" +.align 6 # Align the JVT on a 64-byte boundary (6 = 2^6 = 64) +__jvt_base$: + .word 0x80000054 + .word 0x80000800 + .word 0x80000802 + .word 0x80000804 + +# Target Addresses (Where cm.jt will jump) +target0: + j write_tohost +target1: + addi x6,x0, 7 + j write_tohost + +target2: + addi x2,x20, 5 + j write_tohost + + +trap_handler: + j exit + + +.align 6; .global tohost; tohost: .dword 0; +.align 6; .global fromhost; fromhost: .dword 0; diff --git a/verif/tests/custom/zcmt/cm_jt_long.S b/verif/tests/custom/zcmt/cm_jt_long.S new file mode 100644 index 000000000..5020464ad --- /dev/null +++ b/verif/tests/custom/zcmt/cm_jt_long.S @@ -0,0 +1,52 @@ +.globl _start +_start: + la t0, trap_handler + csrw mtvec, t0 + + la a1, target1 + la t0, __jvt_base$ + + sw a1, 0(t0) + + csrw jvt, t0 + + fence.i + + cm.jt 0 # Perform jump using the index 0 from JVT + + addi x18,x18, 3 + +write_tohost: + li x1, 1 + la t0, tohost + sw x1, 0(t0) + j write_tohost + + + +# Jump Vector Table (JVT) Section +# Create a separate section for the JVT +.section .riscv.jvt, "ax" +.align 6 # Align the JVT on a 64-byte boundary (6 = 2^6 = 64) +__jvt_base$: + .word 0x80000054 + .word 0x80000800 + .word 0x80000802 + .word 0x80000804 + +# Target Addresses (Where cm.jt will jump) +.align 20 +target1: + addi x6,x0, 6 + la t0, write_tohost # Load upper 20 bits of target address into t0 + jalr x0, 0(t0) + + +trap_handler: + lui t0, %hi(write_tohost) # Load upper 20 bits of target address into t0 + addi t0, t0, %lo(write_tohost) # Add the lower 12 bits to t0 + jalr x0, 0(t0) + + +.align 6; .global tohost; tohost: .dword 0; +.align 6; .global fromhost; fromhost: .dword 0; diff --git a/verif/tests/custom/zcmt/jvt_csr.S b/verif/tests/custom/zcmt/jvt_csr.S new file mode 100644 index 000000000..4ccd3d9fd --- /dev/null +++ b/verif/tests/custom/zcmt/jvt_csr.S @@ -0,0 +1,51 @@ +.globl _start +_start: + la t0, trap_handler + csrw mtvec, t0 + la t0, __jvt_base$ + + csrw jvt, t0 + fence.i + csrr x7, jvt + + j exit + +exit: + j write_tohost + +write_tohost: + li x1, 1 + la t0, tohost + sw x1, 0(t0) + j write_tohost + + + +# Jump Vector Table (JVT) Section +# Create a separate section for the JVT +.section .riscv.jvt, "ax" +.align 6 # Align the JVT on a 64-byte boundary (6 = 2^6 = 64) +__jvt_base$: + .word 0x80000054 + .word 0x80000800 + .word 0x80000802 + .word 0x80000804 + +# Target Addresses (Where cm.jt will jump) +target0: + j write_tohost +target1: + addi x6,x0, 7 + j write_tohost + +target2: + addi x2,x20, 5 + j write_tohost + + +trap_handler: + j exit + + +.align 6; .global tohost; tohost: .dword 0; +.align 6; .global fromhost; fromhost: .dword 0; diff --git a/verif/tests/testlist_pmp-cv32a65x.yaml b/verif/tests/testlist_pmp-cv32a65x.yaml new file mode 100644 index 000000000..fa3da4cdd --- /dev/null +++ b/verif/tests/testlist_pmp-cv32a65x.yaml @@ -0,0 +1,77 @@ +# Copyright 2025 Thales CDI +# +# Licensed under the Solderpad Hardware Licence, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# SPDX-License-Identifier: Apache-2.0 WITH SHL-2.0 +# You may obtain a copy of the License at https:#solderpad.org/licenses/ +# +# Original Author: Valentin Thomazic (valentin.thomazic@thalesgroup.com) + +# ================================================================================ +# Regression test list format +# -------------------------------------------------------------------------------- +# testlist : Assembly test list +# test : Assembly test name +# description : Description of this test +# gen_opts : Instruction generator options +# iterations : Number of iterations of this test +# no_iss : Enable/disable ISS simulator (Optional) +# gen_test : Test name used by the instruction generator +# asm_tests : Path to directed, hand-coded assembly test file or directory +# rtl_test : RTL simulation test name +# cmp_opts : Compile options passed to the instruction generator +# sim_opts : Simulation options passed to the instruction generator +# no_post_compare : Enable/disable comparison of trace log and ISS log (Optional) +# compare_opts : Options for the RTL & ISS trace comparison +# gcc_opts : gcc compile options +# -------------------------------------------------------------------------------- + +common_test_config: &common_test_config + path_var: TESTS_PATH + gcc_opts: "-static -mcmodel=medany -fvisibility=hidden -nostdlib -nostartfiles ../tests/custom/common/syscalls.c ../tests/custom/common/crt.S -I../tests/custom/env -I../tests/custom/common -lgcc" + +testlist: + - test: decreasing_entries_test + <<: *common_test_config + iterations: 1 + asm_tests: /custom/pmp/decreasing_entries_test.S + + - test: defined_matches + <<: *common_test_config + iterations: 0 + asm_tests: /custom/pmp/defined_matches.S + + - test: double_entries_test + <<: *common_test_config + iterations: 0 + asm_tests: /custom/pmp/double_entries_test.S + + - test: exact_csrr_test + <<: *common_test_config + iterations: 1 + asm_tests: /custom/pmp/exact_csrr_test.S + + - test: granularity_test + <<: *common_test_config + iterations: 1 + asm_tests: /custom/pmp/granularity_test.S + + - test: locked_outside_napot_test + <<: *common_test_config + iterations: 0 + asm_tests: /custom/pmp/locked_outside_napot_test.S + + - test: locked_outside_tor_test + <<: *common_test_config + iterations: 1 + asm_tests: /custom/pmp/locked_outside_tor_test.S + + - test: lsu_napot_test + <<: *common_test_config + iterations: 0 + asm_tests: /custom/pmp/lsu_napot_test.S + + - test: lsu_tor_test + <<: *common_test_config + iterations: 1 + asm_tests: /custom/pmp/lsu_tor_test.S