|
<< Click to Display Table of Contents >> Navigation: ASA-EMulatR Reference Guide > Introduction > Architecture Overview > Chapter 11 - Architectural Invariants > 11.5 Privilege and PAL Invariants |
Execution is either PAL or non-PAL. There is no intermediate privilege state. Privilege cannot be escalated incrementally.
Enforced by: PC bit 0 = 1 indicates PAL mode, instruction decode checks PAL mode flag, privileged instructions (HW_MFPR, HW_MTPR, HW_LD, HW_ST, HW_REI) fault with OPCDEC outside PAL.
CALL_PAL is the only entry into PAL mode. HW_REI is the only exit from PAL mode. Any other path is illegal and must fault.
Enforced by: PalBoxBase::enterPal() is the sole PAL entry function (sets PC|0x1, IPL=7, CM=KERNEL), AlphaCPU::executeREI() is the sole PAL exit function (restoreContext(), pipeline flush).
PAL entry captures full architectural state (via saveContext()). HW_REI restores full architectural state (via restoreContext()). No partial restoration is permitted. No PAL state leaks into non-PAL execution.
Enforced by: full vector copy of integer registers, FP registers, PS, IPL, PC in both saveContext() and restoreContext(). Shadow registers active only during PAL mode.
See Also: Chapter 8 - PAL and Privileged Boundary.