riscv · ved-rivos · Feb 19, 2024 · Feb 29, 2024 · Feb 29, 2024 · Feb 18, 2024
diff --git a/bibliography.adoc b/bibliography.adoc
@@ -1,17 +1,4 @@
 [bibliography]
 == Bibliography
 
-* [[[R1,1]]] The RISC-V Instruction Set Manual Volume II: Privileged
-Architecture Document Version 20211203
-(https://drive.google.com/file/d/1EMip5dZlnypTk7pt4WWUKmtjUKTOkBqh/view[link])
-
-* [[[R2,2]]] Common Terminology for Confidential Computing - Whitepaper,
-Accessed July 10, 2023
-(https://confidentialcomputing.io/wp-content/uploads/sites/10/2023/03/Common-Terminology-for-Confidential-Computing.pdf[link])
-
-* [[[R3,3]]] RISC-V Advanced Interrupt Architecture 1.0
-(https://github.com/riscv/riscv-aia/releases/download/1.0/riscv-interrupts-1.0.pdf[link])
-
-* [[[R4,4]]] RISC-V Confidential VM Extension (CoVE) - Draft specification
-(https://github.com/riscv-non-isa/riscv-ap-tee/blob/main/specification/riscv-cove.pdf[link])
-
+bibliography::[]
diff --git a/chapter2.adoc b/chapter2.adoc
@@ -81,7 +81,7 @@ per the use case requirements (see <<mtt-lookup>>).
 
 [caption="Figure {counter:image}: ", reftext="Figure {image}"]
 [title= "MTT lookup for Supervisor Domain Access", id=mtt-lookup]
-image::fig2.png[]
+image::images/fig2.png[]
 
 The MTT checker is a functional block that looks up the MTT using the physical
 address of the access as an index to retrieve the access permissions for the
@@ -151,7 +151,7 @@ during the transition between domain assignment settings. This
 transitory state should not be visible to lower privilege levels (i.e.
 supervisor domains). There are also security aspects to be considered during
 (re)configuration, e.g., clearing memory used by the current SD before
-assigning it to another SD. Refer to the RISC-V CoVE <<R4>> ABI and threat
+assigning it to another SD. Refer to the RISC-V CoVE cite:[CoVE] ABI and threat
 model as a reference.
 
 A hart/device may perform accesses to memory exclusively accessible to it's

diff --git a/chapter3.adoc b/chapter3.adoc
@@ -148,7 +148,8 @@ their respective sections in this specification.
 ....
 {reg: [
   {bits:  6, name: 'SDICN'},
-  {bits: 25, name: 'WPRI'},
+  {bits:  1, name: 'WPRI'},
   {bits:  1, name: 'SDEDBGALW'},
+  {bits: 25, name: 'WPRI'},
 ], config:{lanes: 4, hspace:1024}}
 ....
diff --git a/chapter4.adoc b/chapter4.adoc
@@ -16,7 +16,7 @@ be sparsely populated.
 
 [caption="Figure {counter:image}: ", reftext="Figure {image}"]
 [title= "`MTT` Structures (overview)", id=mtt-map-rw]
-image::fig3.png[]
+image::images/fig3.png[]
 
 The following MTT L2/L3 entries accomodate a 56 bit PAW.
 
@@ -133,7 +133,7 @@ permission (1 bit) to allow for efficient caching.
 
 [caption="Figure {counter:image}: ", reftext="Figure {image}"]
 [title= "MTT Structures (overview)", id=mtt-map]
-image::fig4.png[]
+image::images/fig4.png[]
 
 [caption="Figure {counter:image}: ", reftext="Figure {image}"]
 [title="`MTTL3` entry"]

diff --git a/chapter6.adoc b/chapter6.adoc
@@ -10,7 +10,7 @@ and protection for DMA that originates from devices under its control.
 
 To uphold isolation properties, the DMA from the devices and the IOMMU
 linked with a supervisor domain must adhere strictly to the access protections
-encoded in the MTT of the respective supervisor domain. Additionally, Using the
+encoded in the MTT of the respective supervisor domain. Additionally, using the
 MTT, the RDSM enforces that the IOMMU memory-mapped programming regions are
 access-restricted to the supervisor domain the IOMMU is assigned to.
 
@@ -51,7 +51,7 @@ represented in the diagram <<fig:IOMTTCHK>>.
 
 [caption="Figure {counter:image}: ", reftext="Figure {image}"]
 [title= "I/O MTT checker placement", id=io-mtt-checker]
-image::IOMTTCHK.png[width=800]
+image::images/IOMTTCHK.png[width=800]
 [[fig:IOMTTCHK]]
 
 The IO Bridge invokes the SDCL function using the SDID request interface (SDR)
@@ -180,7 +180,7 @@ are supported.
 
 The `control` register is used to control classification of DMA requests using
 the identifiers associated with the DMA requests to determine the associated
-supervisor domain ID (`SDID`) and the MTT pointer (`MTTP).
+supervisor domain ID (`SDID`) and the MTT pointer (`MTTP`).
 
 [caption="Register {counter:rimage}: ", reftext="Register {rimage}", title="Control register (`control`)"]
 [wavedrom, , ]
@@ -307,8 +307,9 @@ operations requested through `control.OP`.
   {bits:  2, name: 'SRC_IDM (WARL)'},
   {bits:  2, name: 'TEE_FLT (WARL)'},
   {bits: 24, name: 'SRC_ID'},
-  {bits: 16, name: 'IOMMU_ID (WARL)'},
-  {bits: 16, name: 'SDID (WARL)'}
+  {bits:  8, name: 'IOMMU_ID (WARL)'},
+  {bits:  8, name: 'SDID (WARL)'},
+  {bits: 16, name: 'WPRI'}
 ], config:{lanes: 8, hspace:1024}}
 ....
 

diff --git a/chapter8.adoc b/chapter8.adoc
@@ -3,14 +3,14 @@
 == `Smsdedbg`: Supervisor Domain External Debug
 
 The <<MSDCFG>> CSR contains the `sdedbgalw` bit that controls whether the
-current scheduled SD is allowed to be external-debugged. This bit is context
-switched (along with rest of the `msdcfg`) per SD.
+current scheduled SD is allowed to be external-debugged cite:[ExtDbg]. This bit
+is context switched (along with rest of the `msdcfg`) per SD.
 
 === `Smsdedbg` interaction with external debug security controls (Informative)
 
 [caption="Figure {counter:image}: ", reftext="Figure {image}"]
 [title= "External Debug for Supervisor Domain", id=Smsdedbg_img]
-image::Smsdedbg.png[]
+image::images/Smsdedbg.png[]
 
 This section will be moved into the non-ISA specification for external debug
 security. It is described here as informational.