From 9ec5c75d5e6b51100ab60f6cefbe8bff9cdbdfd3 Mon Sep 17 00:00:00 2001
From: Robert Norton
Date: Thu, 6 Apr 2023 17:40:47 +0100
Subject: [PATCH] Fix another broken match statement.

A quick audit found a similar problem to the one fixed previously (see #5 and #6). This allowed executable capabilities to be sealed with any otype, not just 1-7. The result would be sealed with the low three bits of the sealing capability's address. Rather than using pattern guards as for the previous fix I used integer literals as this is easier to read and this code appears in the architecture document.
---
 src/cheri_insts.sail | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/cheri_insts.sail b/src/cheri_insts.sail
index b90b128..b2b4dea 100644
--- a/src/cheri_insts.sail
+++ b/src/cheri_insts.sail
@@ -676,9 +676,9 @@ function clause execute (CSeal(cd, cs1, cs2)) = {
 if cs1_val.permit_execute then
 match (cs2_addr) {
 /* 0 is unsealed */
- otype_sentry => true,
- otype_sentry_id => true,
- otype_sentry_ie => true,
+ 1 => true, /* otype_sentry */
+ 2 => true, /* otype_sentry_id */
+ 3 => true, /* otype_sentry_ie */
 /* 4 and 5 are reserved */
 6 => true,
 7 => true,
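Review bot: The three new literal arms in `match (cs2_addr)` under `cs1_val.permit_execute` keep the constant names only as trailing comments, so nothing at the match site says why the names themselves must not be used. A later tidy-up back to `otype_sentry => true` would quietly restore the permissive behaviour this commit removes. I would add a comment above the arms such as `/* Literals on purpose: a bare identifier in a pattern binds a fresh variable and matches any value. */`. The literals are also no longer tied to the definitions of `otype_sentry`, `otype_sentry_id` and `otype_sentry_ie`, which are not visible here, so it is worth confirming those are 1, 2 and 3 and adding a regression case that CSeal on an executable capability with an otype the match does not list is refused. The rest of the match, including whatever arm rejects other values, and the function body lie outside the hunk.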