diff --git a/riscv-server-platform-ts.pdf b/riscv-server-platform-ts.pdf index 8957429..73d89b1 100644 Binary files a/riscv-server-platform-ts.pdf and b/riscv-server-platform-ts.pdf differ diff --git a/riscv-server-platform.pdf b/riscv-server-platform.pdf index 7679749..b84175e 100644 Binary files a/riscv-server-platform.pdf and b/riscv-server-platform.pdf differ diff --git a/server_platform_requirements.adoc b/server_platform_requirements.adoc index d00861a..13655ad 100644 --- a/server_platform_requirements.adoc +++ b/server_platform_requirements.adoc @@ -12,13 +12,13 @@ in this section apply solely to harts in the application processors of the SoC. [%header, cols="5,25"] |=== | ID# ^| Requirement -| RVA_010 | The RISC-V application processor harts in the SoC MUST support the +| `RVA_010` | The RISC-V application processor harts in the SoC MUST support the RVA23 ISA profile cite:[RVA23]. 2+| _The next major release of the profiles is expected to be RVA24, which is still under construction. This specification should be updated to comply with the RVA24 profiles as the profile definition becomes more finalized._ -| RVA_020 a| The RISC-V application processor harts in the SoC MUST support the +| `RVA_020` a| The RISC-V application processor harts in the SoC MUST support the following extensions: * Sv48 @@ -40,7 +40,7 @@ in this section apply solely to harts in the application processors of the SoC. This requirement is placed here as a placeholder. These mandates may be moved into a new ISA profile specification._ -| RVA_030 | The ISA extensions and associated CSR field widths implemented by +| `RVA_030` | The ISA extensions and associated CSR field widths implemented by any of the RISC-V application processor harts in the SoC MUST be identical. 2+| _The RVA23 profile supports a set of optional extensions. The set of @@ -51,7 +51,7 @@ in this section apply solely to harts in the application processors of the SoC. identical. Having an identical ISA on all harts allows system software to migrate tasks among the harts without constraints._ -| RVA_040 | The RISC-V application processor harts in the SoC MAY support +| `RVA_040` | The RISC-V application processor harts in the SoC MAY support different power and performance characteristics but MUST be otherwise indistinguishable from each other from a software execution viewpoint. @@ -59,12 +59,12 @@ in this section apply solely to harts in the application processors of the SoC. viewpoint allows system software to migrate tasks among the harts without constraints._ -| RVA_050 a| The RISC-V application processor hart MUST support: +| `RVA_050` a| The RISC-V application processor hart MUST support: * Single stepping using the step bit in `dcsr` * Debug scratch register 0 (`dscratch0`) -| RVA_060 a| The RISC-V application processor hart MUST support: +| `RVA_060` a| The RISC-V application processor hart MUST support: * At least 4 instruction address match triggers. * At least 4 load/store address match triggers. @@ -76,7 +76,7 @@ in this section apply solely to harts in the application processors of the SoC. * Trigger filtering using `scontext`. * Trigger filtering using all ASID encodings supported by the hart. -| RVA_070 | The RISC-V application processor MUST support at least 6 hardware +| `RVA_070` | The RISC-V application processor MUST support at least 6 hardware performance counters defined by the Zihpm extension in addition to the three counters defined by Zicntr extension. |=== @@ -87,10 +87,10 @@ in this section apply solely to harts in the application processors of the SoC. [%header, cols="5,25"] |=== | ID# ^| Requirement -| HSOC_010 | The RISC-V SoC MUST comply to the Server SoC specification cite:[ServerSoC]. +| `HSOC_010` | The RISC-V SoC MUST comply to the Server SoC specification cite:[ServerSoC]. 2+| _The Server SoC specification is still under construction. This specification should be updated once the specification versioning info is finalized._ -| HSOC_020 | All peripherals that are intended for assignment to a VM or a user space device driver must be +| `HSOC_020` | All peripherals that are intended for assignment to a VM or a user space device driver must be PCIe devices or be compliant to rules for SoC-integrated PCIe devices (cite:[ServerSoC, Section 2.5.11). |=== @@ -100,25 +100,25 @@ PCIe devices or be compliant to rules for SoC-integrated PCIe devices (cite:[Ser [%header, cols="5,25"] |=== | ID# ^| Requirement -| HPER_010 | For remote-access and system engineering purposes, a fully 16550-compatible cite:[NS16550] UART MUST be implemented. -2+| _This is a stronger requirement than MNG_030 cite:[ServerSoC]. This specification does not provide guidance around how the UART is physically exposed, i.e. via RS232 signalling, USB, a BMC or other mechanism._ -| HPER_020 a| The implemented UART MUST support: +| `HPER_010` | For remote-access and system engineering purposes, a fully 16550-compatible cite:[NS16550] UART MUST be implemented. +2+| _This is a stronger requirement than the Server SoC `MNG_030` requirement cite:[ServerSoC]. This specification does not provide guidance around how the UART is physically exposed, i.e. via RS232 signalling, USB, a BMC or other mechanism._ +| `HPER_020` a| The implemented UART MUST support: * Interrupt-driven operation using a wired interrupt. * Flow control. * Support 115200 baud operation. -| HPER_030 | If a USB controller is implemented, it MUST comply to XHCI 1.2 or later cite:[XHCI]. -| HPER_040 a| Implemented XHCI controllers must: +| `HPER_030` | If a USB controller is implemented, it MUST comply to XHCI 1.2 or later cite:[XHCI]. +| `HPER_040` a| Implemented XHCI controllers must: * Support 64-bit addressing (AC64 = '1'). * Support a 4K PAGESIZE. -| HPER_050 | If a SATA controller is implemented, it must comply to AHCI 1.3.1 or later cite:[AHCI]. -| HPER_060 a| Implemented AHCI controllers must: +| `HPER_050` | If a SATA controller is implemented, it must comply to AHCI 1.3.1 or later cite:[AHCI]. +| `HPER_060` a| Implemented AHCI controllers must: * Support 64-bit addressing (S64A = '1'). -| HPER_070 | A battery-backed RTC or analogous timekeeping mechanism MUST be implemented. +| `HPER_070` | A battery-backed RTC or analogous timekeeping mechanism MUST be implemented. |=== == Server Platform Firmware Requirements @@ -127,10 +127,10 @@ PCIe devices or be compliant to rules for SoC-integrated PCIe devices (cite:[Ser [%header, cols="5,25"] |=== | ID# ^| Requirement -| FIRM_010 | The RISC-V SoC MUST comply to the BRS-I recipe described in the Boot and Runtime Service specification cite:[BRS]. +| `FIRM_010` | The RISC-V SoC MUST comply to the BRS-I recipe described in the Boot and Runtime Service specification cite:[BRS]. 2+| _The Boot and Runtime Services specification is still under construction. This specification should be updated once the specification versioning info is finalized._ -| FIRM_020 | MUST include the ability to boot from disk (block) and network (PXE, HTTP) devices. +| `FIRM_020` | MUST include the ability to boot from disk (block) and network (PXE, HTTP) devices. |=== == Server Platform Security Requirements @@ -143,12 +143,12 @@ TBD: it is expected the high-level RoT / boot flow requirements will come from t [%header, cols="5,25"] |=== | ID# ^| Requirement -| SEC_010 | MUST implement UEFI Secure Boot and Driver Signing (cite:[UEFI] Section 32) -| SEC_020 | MUST back the UEFI Authenticated Variables implementation with +| `SEC_010` | MUST implement UEFI Secure Boot and Driver Signing (cite:[UEFI] Section 32) +| `SEC_020` | MUST back the UEFI Authenticated Variables implementation with a mechanism that cannot be accessed or tampered by an unauthorized software or hardware agent. -| SEC_030 | MUST implement in-band firmare updates as per cite:[BRS]. -| SEC_040 | Firmware update payloads must be digitally signed. -| SEC_050 | Firmware update signatures need to be validated before being applied. -| SEC_060 | It should not be possible to bypass secure boot, authentication or digital signature failures. +| `SEC_030` | MUST implement in-band firmare updates as per cite:[BRS]. +| `SEC_040` | Firmware update payloads must be digitally signed. +| `SEC_050` | Firmware update signatures need to be validated before being applied. +| `SEC_060` | It should not be possible to bypass secure boot, authentication or digital signature failures. |=== diff --git a/server_platform_tests.adoc b/server_platform_tests.adoc index 3138aae..8191302 100644 --- a/server_platform_tests.adoc +++ b/server_platform_tests.adoc @@ -8,15 +8,15 @@ [%header, cols="8,25"] |=== | ID# ^| Algorithm -| ME_RVA_010_010 a| For each application processor hart: +| `ME_RVA_010_010` a| For each application processor hart: . Determine the ISA node in ACPI RHCT table for that hart. . Parse the ISA string in the ISA node and verify that all mandatory extensions are supported. . Verify that the ISA string matches that of hart 0. . Report the ISA string of hart 0 into the test output log. -| ME_RVA_020_010 | See T_RVA_010_010. -| ME_RVA_030_010 a| . The T_RVA_010_010 verifies that all ISA strings are +| `ME_RVA_020_010` | See `T_RVA_010_010`. +| `ME_RVA_030_010` a| . The `T_RVA_010_010` verifies that all ISA strings are identical. . For each ISA extension reported in the ISA string, if there are CSRs associated with that extension, then probe @@ -24,36 +24,36 @@ legal encodings on each application processor hart. The CSR field widths and legal encodings supported by each hart must match that of hart 0. -| ME_RVA_040_010 | See ME_RVA_030_010. -| ME_RVA_050_010 a| No test. -| MF_RVA_060_010 a| Install 4 instruction address match triggers using the debug +| `ME_RVA_040_010` | See `ME_RVA_030_010`. +| `ME_RVA_050_010` a| No test. +| `MF_RVA_060_010` a| Install 4 instruction address match triggers using the debug triggers SBI and verify that each trigger fires. -| MF_RVA_060_020 a| Install 4 load address match triggers using the debug +| `MF_RVA_060_020` a| Install 4 load address match triggers using the debug triggers SBI and verify that each trigger fires. -| MF_RVA_060_030 a| Install 4 store address match triggers using the debug +| `MF_RVA_060_030` a| Install 4 store address match triggers using the debug triggers SBI and verify that each trigger fires. -| MF_RVA_060_040 a| Install an `icount` trigger using the debug triggers SBI and +| `MF_RVA_060_040` a| Install an `icount` trigger using the debug triggers SBI and verify single-step. -| MF_RVA_060_050 a| . Install an interrupt trigger to match supervisor timer +| `MF_RVA_060_050` a| . Install an interrupt trigger to match supervisor timer interrupt using the debug triggers SBI. . Program a timer deadline in `stimecmp` . Verify that the trigger fires on reaching the programmed deadline. -| MF_RVA_060_060 a| . Install an exception trigger to match ECALL to S-mode +| `MF_RVA_060_060` a| . Install an exception trigger to match ECALL to S-mode exception using the debug triggers SBI. . Transition to U-mode and invoke an ECALL. . Verify that the trigger fires. -| MF_RVA_060_070 a| . Verify `hcontext` exists. - . Repeat MF_RVA_060_010 and MF_RVA_060_050 with a matching +| `MF_RVA_060_070` a| . Verify `hcontext` exists. + . Repeat `MF_RVA_060_010` and `MF_RVA_060_050` with a matching and non-matching `hcontext` value. -| ME_RVA_060_080 a| . Install and read-back triggers with VMID values between 0 +| `ME_RVA_060_080` a| . Install and read-back triggers with VMID values between 0 and `VMIDLEN`. -| MF_RVA_060_090 a| . Verify `scontext` exists. +| `MF_RVA_060_090` a| . Verify `scontext` exists. . Repeat MF_RVA_060_010 and MF_RVA_060_050 with a matching and non-matching `scontext` value. -| ME_RVA_060_100 a| . Install and read-back triggers with ASID values between 0 +| `ME_RVA_060_100` a| . Install and read-back triggers with ASID values between 0 and `ASIDLEN`. -| ME_RVA_070_010 a| . Request delegation of all HPM counters using the SBI. +| `ME_RVA_070_010` a| . Request delegation of all HPM counters using the SBI. . Verify at least 6 programmable HPM counter are implemented. . Verify that the `scountovf` CSR is implemented . Verify `cycles` and `instret` are writeable. @@ -69,8 +69,8 @@ [%header, cols="8,25"] |=== | ID# ^| Algorithm -| ME_HSOC_010_010 | The Server SoC tests must pass cite:[ServerSoCTest]. -| ME_HSOC_020_010 | _FIXME_. +| `ME_HSOC_010_010` | The Server SoC tests must pass cite:[ServerSoCTest]. +| `ME_HSOC_020_010` | _FIXME_. |=== <<< @@ -81,13 +81,13 @@ [%header, cols="8,25"] |=== | ID# ^| Algorithm -| ME_HPER_010_010 | _FIXME_. -| MF_HPER_020_010 | _FIXME_. -| MF_HPER_030_010 | _FIXME XHCI test validating register values_. -| MF_HPER_040_010 | _FIXME XHCI test validating register values_. -| MF_HPER_050_010 | _FIXME AHCI test validating register values_. -| MF_HPER_060_010 | _FIXME AHCI test validating register values_. -| MF_HPER_070_010 | _FIXME UEFI RT based test_. +| `ME_HPER_010_010` | _FIXME_. +| `MF_HPER_020_010` | _FIXME_. +| `MF_HPER_030_010` | _FIXME XHCI test validating register values_. +| `MF_HPER_040_010` | _FIXME XHCI test validating register values_. +| `MF_HPER_050_010` | _FIXME AHCI test validating register values_. +| `MF_HPER_060_010` | _FIXME AHCI test validating register values_. +| `MF_HPER_070_010` | _FIXME UEFI RT based test_. |=== <<< @@ -98,9 +98,9 @@ [%header, cols="8,25"] |=== | ID# ^| Algorithm -| ME_FIRM_010_010 | The BRS-I tests must pass cite:[BRSTest]. -| ME_FIRM_020_010 | _FIXME presence tests for block / FS protocols_ -| ME_FIRM_020_020 | _FIXME presence tests for network protocols_ +| `ME_FIRM_010_010` | The BRS-I tests must pass cite:[BRSTest]. +| `ME_FIRM_020_010` | _FIXME presence tests for block / FS protocols_ +| `ME_FIRM_020_020` | _FIXME presence tests for network protocols_ |=== <<< @@ -111,12 +111,12 @@ [%header, cols="8,25"] |=== | ID# ^| Algorithm -| ME_SEC_010_010 | _FIXME_ -| ME_SEC_020_010 | _FIXME_ -| ME_SEC_030_010 | _FIXME_ -| ME_SEC_040_010 | _FIXME_ -| ME_SEC_050_010 | _FIXME_ -| ME_SEC_060_010 | _FIXME_ +| `ME_SEC_010_010` | _FIXME_ +| `ME_SEC_020_010` | _FIXME_ +| `ME_SEC_030_010` | _FIXME_ +| `ME_SEC_040_010` | _FIXME_ +| `ME_SEC_050_010` | _FIXME_ +| `ME_SEC_060_010` | _FIXME_ |=== <<<