clarify determination of yLPE on trap return (#1610)

riscv · Aug 23, 2024 · 2eac83e · 2eac83e
1 parent a43be61
commit 2eac83e
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 17 deletions.
diff --git a/src/priv-cfi.adoc b/src/priv-cfi.adoc
@@ -13,7 +13,7 @@ details on these CFI capabilities and the associated Unprivileged ISA.
 
 This section specifies the Privileged ISA for the Zicfilp extension.
 
-[[FCIFIACT]]
+[[FCFIACT]]
 ==== Landing-Pad-Enabled (LPE) State
 
 The term `xLPE` is used to determine if forward-edge CFI using landing pads
@@ -88,23 +88,19 @@ When a trap is taken into privilege mode `x`, the `__x__PELP` is set to `ELP`
 and `ELP` is set to `NO_LP_EXPECTED`.
 
 An `MRET` or `SRET` instruction is used to return from a trap in M-mode or
-S-mode, respectively. When executing an `__x__RET` instruction, if `__x__PP`
-holds the value `y`, then `ELP` is set to the value of `__x__PELP` if `__y__LPE`
-is 1; otherwise, it is set to `NO_LP_EXPECTED`; `__x__PELP` is set to
-`NO_LP_EXPECTED`.
+S-mode, respectively. When executing an `__x__RET` instruction, if the new
+privilege mode is `y`, then `ELP` is set to the value of `__x__PELP` if
+`__y__LPE` (see <<FCFIACT>>) is 1; otherwise, it is set to `NO_LP_EXPECTED`;
+`__x__PELP` is set to `NO_LP_EXPECTED`.
 
 Upon entry into Debug Mode, the `pelp` bit in `dcsr` is updated with the `ELP`
 at the privilege level the hart was previously in, and the `ELP` is set to
-`NO_LP_EXPECTED`. When a hart resumes from Debug Mode, if `dcsr.prv` holds the
-value `y`, then `ELP` is set to the value of `pelp` if `__y__LPE` is 1;
-otherwise, it is set to `NO_LP_EXPECTED`.
-
-When the Smrnmi extension is implemented, a `MNPELP` field (bit 9)
-is provided in the `mnstatus` CSR to hold the previous `ELP` state on a trap to
-the RNMI handler. When a RNMI trap is delivered, the `MNPELP` is set to `ELP`
-and `ELP` set to `NO_LP_EXPECTED`. Upon a `MNRET`, if the `mnstatus.MNPP` holds
-the value `y`, then `ELP` is set to the value of `MNPELP` if `yLPE` is 1;
-otherwise, it is set to `NO_LP_EXPECTED`.
+`NO_LP_EXPECTED`. When a hart resumes from Debug Mode, if the new privilege mode
+is `y`, then `ELP` is set to the value of `pelp` if `__y__LPE` (see <<FCFIACT>>)
+is 1; otherwise, it is set to `NO_LP_EXPECTED`.
+
+See also <<rnmi>> for semantics added to the RNMI trap and the MNRET instruction
+when this extension is implemented.
 
 [NOTE]
 ====

diff --git a/src/rnmi.adoc b/src/rnmi.adoc
@@ -138,8 +138,8 @@ MNRET is an M-mode-only instruction that uses the values in `mnepc` and
 `mnstatus` to return to the program counter, privilege mode, and
 virtualization mode of the interrupted context. This instruction also
 sets `mnstatus`.NMIE. If MNRET changes the privilege mode to a mode less privileged than M, it also sets `mstatus`.MPRV to 0.
-If the Zicfilp extension is implemented, then if `mnstatus`.MNPP holds the
-value __y__, MNRET sets `ELP` to the logical AND of __y__LPE and `mnstatus`.MNPELP.
+If the Zicfilp extension is implemented, then if the new privileged mode
+is __y__, MNRET sets `ELP` to the logical AND of __y__LPE (see <<FCFIACT>>) and `mnstatus`.MNPELP.
 
 === RNMI Operation