added a bounds valid / malformed check method

Author: alexandrecapltd

CHERICC_Fat.bsv

@@ -507,6 +507,17 @@ function BoundsInfo#(CapAddrW) getBoundsInfoFat (CapFat cap, TempFields tf)
 
   Bool repSplit = alwaysRep ? False : ! unpack (reduceOr (addrUpperHi));
 
+  // compute valid / malformed bounds
+  //////////////////////////////////////////////////////////////////////////////
+
+  Bool malformedMSB =    ((exp == resetExp) && (baseBits != 0))
+                      || ((exp == resetExp - 1) && (msb(baseBits) != 0));
+  Bool malformedLSB = (exp > resetExp);
+  `ifdef CAP64
+  malformedLSB = malformedLSB || (exp == 0);
+  `endif
+  Bool malformed = (cap.format != Exp0) && (malformedMSB || malformedLSB);
+
   // return populated BoundsInfo structure
   //////////////////////////////////////////////////////////////////////////////
 
@@ -516,7 +527,8 @@ function BoundsInfo#(CapAddrW) getBoundsInfoFat (CapFat cap, TempFields tf)
                     , repBase: repBase
                     , repTop: repTop
                     , repLength: repLength
-                    , repSplit: repSplit };
+                    , repSplit: repSplit
+		    , malformed: malformed };
 endfunction
 
 function CapAddr getBotFat(CapFat cap, TempFields tf);
@@ -1269,6 +1281,7 @@ instance CHERICap #(CapMem, 0, 0, CapAddrW, CapW, TSub#(MW, 2));
 
   // capability architectural bounds queries
   //////////////////////////////////////////////////////////////////////////////
+  function areCapBoundsValid = error ("areCapBoundsValid not implemented for CapMem");
   function getBoundsInfo = error ("getBoundsInfo not implemented for CapMem");
   //function getBase = error ("getBase not implemented for CapMem");
   //function getTop = error ("getTop not implemented for CapMem");
@@ -1435,6 +1448,7 @@ instance CHERICap #(CapReg, 0, 0, CapAddrW, CapW, TSub#(MW, 2));
 
   // capability architectural bounds queries
   //////////////////////////////////////////////////////////////////////////////
+  function areCapBoundsValid = error ("areCapBoundsValid not implemented for CapReg");
   function getBoundsInfo = error ("getBoundsInfo not implemented for CapReg");
   //function getBase = error ("getBase not implemented for CapReg");
   //function getTop = error ("getTop not implemented for CapReg");
@@ -1575,6 +1589,8 @@ instance CHERICap #(CapPipe, 0, 0, CapAddrW, CapW, TSub#(MW, 2));
     return Exact { exact: result.v, value: cap };
   endfunction
 
+  function areCapBoundsValid (cap) = !getBoundsInfoFat(cap.capFat, cap.tempFields).malformed;
+
   function getBoundsInfo (cap) = getBoundsInfoFat (cap.capFat, cap.tempFields);
 
   function getBase (cap) = getBotFat(cap.capFat, cap.tempFields);

CHERICap.bsv

@@ -82,6 +82,7 @@ typedef struct {
   Bit #(TAdd #(addrW, 1)) repTop;
   Bit #(TAdd #(addrW, 1)) repLength;
   Bool repSplit;
+  Bool malformed;
 } BoundsInfo #(numeric type addrW) deriving (Bits, Eq, FShow);
 
 // helper types and functions
@@ -244,6 +245,8 @@ typeclass CHERICap #( type capT              // type of the CHERICap capability
   // getRepBase (cap) + getRepLength (cap) == getRepTop (cap)
   // isInBounds (cap) ==> isInRepBounds (cap)
 
+  // Return whether the Capability's bounds are valid or malformed
+  function Bool areCapBoundsValid (capT cap);
   // Get all architectural bound information for a capability
   function BoundsInfo #(addrW) getBoundsInfo (capT cap);
   // Get the base

CHERICapWrap.bsv

@@ -48,6 +48,8 @@ function Exact#(`CAPTYPE) capExactRet(Exact#(CapPipe) e_cap) =
 (* noinline *)
 function Bool `W(isValidCap) (`CAPTYPE cap) = isValidCap(cap);
 (* noinline *)
+function Bool `W(areCapBoundsValid) (`CAPTYPE cap) = areCapBoundsValid(capArg(cap));
+(* noinline *)
 function `CAPTYPE `W(setValidCap) (`CAPTYPE cap, Bool valid) = setValidCap(cap, valid);
 (* noinline *)
 function Bool `W(getIntMode) (`CAPTYPE cap) = getIntMode(cap);