From b9ad424d333a7aa6855bc5c8c237230a9078b98e Mon Sep 17 00:00:00 2001 From: Nathaniel Wesley Filardo Date: Wed, 13 Nov 2024 02:08:21 +0000 Subject: [PATCH 1/2] Workaround sail typechecker slowdown See https://github.com/rems-project/sail/issues/771 --- src/cheri_cap_common.sail | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/cheri_cap_common.sail b/src/cheri_cap_common.sail index 104b881..8e59c4f 100644 --- a/src/cheri_cap_common.sail +++ b/src/cheri_cap_common.sail @@ -765,7 +765,8 @@ function capToString (cap) = { ^ (if cap.access_system_regs then "a " else "- ") ^ (if cap.permit_seal then "S" else "-") ^ (if cap.permit_unseal then "U" else "-") - ^ (if cap.perm_user0 then "0)" else "-)") + ^ (if cap.perm_user0 then "0" else "-") + ^ ")" } /*! From 4b0279ee35a42ddcefd774087c3e04aaa8e15bfd Mon Sep 17 00:00:00 2001 From: Nathaniel Wesley Filardo Date: Tue, 12 Nov 2024 21:47:52 +0000 Subject: [PATCH 2/2] Abort if trapping with untagged MTCC This is not going to go well: we'll install an untagged quantity in PCC and immediately trap again, doing the same thing forever. Just bail with a not-implemented error. That's not the cleanest thing in the world, but it's what's readily available at the moment. --- src/cheri_addr_checks.sail | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/src/cheri_addr_checks.sail b/src/cheri_addr_checks.sail index c48fec8..7212a33 100644 --- a/src/cheri_addr_checks.sail +++ b/src/cheri_addr_checks.sail @@ -114,7 +114,22 @@ function ext_fetch_check_pc(start_pc, pc) = { then { /* We need to perform the permission checks only for the first granule. */ if not(PCC.tag) - then Ext_FetchAddr_Error(CapEx_TagViolation) + then { + if MTCC.tag + then Ext_FetchAddr_Error(CapEx_TagViolation) + else { + /* + * We're going to infinite loop, installing an untagged MTCC to PCC + * and coming right back here. Much better to just stop now. + * + * TODO: We'd rather go through the HTIF exit path, but the HTIF + * registers are not available to us at this point in the code, and + * changing that would require changes in the upstream submodule. + * Something to consider when we're rebasing against Zcheripurecap. + */ + not_implemented ("Untagged PCC and MTCC infinite loops; stopping now") + } + } else if isCapSealed(PCC) then internal_error(__FILE__, __LINE__, "PCC should never be sealed") else if not(PCC.permit_execute)