Pre-release revision

[Mingkai-Li]

• TransCapstone renamed as Capstone-RISC-V, remove support for Pure Capstone
• Full revision of implemention to find logic bugs, e.g., RC update missing
• Add essential documentation
• Debug instructions

[Mingkai-Li]

• Fix inappropriate assumption about the content in a sealed capability, see this PR in the spec.

[Mingkai-Li]

normal_sp is a special one among all the added registers in Capstone-RISC-V. It's neither a CSR nor a CCSR (hence a shadow register), and it's the only shadow register that can potentially contain a capability. For CCSRs, linearity and reference count update are strict. However, for normal_sp, it's reachable only by CAPENTER in the normal world, or CAPEXIT/exception/ineterrupt in the secure world. In other words, it's write-only in normal world, and read-only in secure world. Therefore, linearity and reference count update is ignored for a capability currently in normal_sp.

[Mingkai-Li]

For any store operation, both the memory tag and the reference count (if the memory contains a capability) of the CLEN-bit aligned memory location should be updated accordingly. Also, for existing RISC-V instructions in the normal world, it's worth attention that these updates should be based on the physical address after the MMU translation, instead of the virtual address.

[Mingkai-Li]

• RC update for in a store operation using virtual address

[Mingkai-Li]

Assumptions in the current implementation of Spike:

• All 128-bit memory access (except for floating point) will access a capability.
• RISC-V store operations are required to be aligned to the size of the accessed data.
• Pages are required to be aligned to the size of the page regarding both virtual memory and physical memory.