Skip to content

Commit

Permalink
[csrng] Add per-instance internal state read enable
Browse files Browse the repository at this point in the history 
Previously, the design featured a single read enable switch plus an OTP
fuse controlling read access for all three CTR_DRBG instances. This is
non-ideal as firmware may want to perform known-answer testing of
individual instances after enabling and then lock down instances
individually.

This commit thus adds a per-instance internal state read enable on top
of the previously implemented mechanisms. After enabling, the internal
state of all instances can be read and firmware can disable read access
on a per-instance basis. Once firmware is done with the known-answer
testing, it can lock the per-instance internal state read enable
settings until the next reset.

This resolves lowRISC#21141.

Signed-off-by: Pirmin Vogel <[email protected]>
  • Loading branch information
@vogelpi @AlexJones0
vogelpi authored and AlexJones0 committed Jul 8, 2024
1 parent ef421b8 commit fb67c57
Show file tree
Hide file tree
Showing 7 changed files with 302 additions and 98 deletions.
36 changes: 36 additions & 0 deletions hw/ip/csrng/data/csrng.hjson
View file
Original file line number Diff line number Diff line change
Expand Up @@ -303,6 +303,7 @@
Setting this field to kMultiBitBool4True will enable reading from the !!INT_STATE_VAL register.
Reading the internal state of the enable instances will be enabled
only if the otp_en_csrng_sw_app_read input vector is set to the enable encoding.
Also, the !!INT_STATE_READ_ENABLE bit of the selected instance needs to be set to true for this to work.
'''
resval: false
},
Expand Down Expand Up @@ -497,6 +498,40 @@
}
]
},
{
name: "INT_STATE_READ_ENABLE",
desc: "Internal state read enable register",
swaccess: "rw",
hwaccess: "hro",
regwen: "INT_STATE_READ_ENABLE_REGWEN",
fields: [
{ bits: "2:0",
name: "INT_STATE_READ_ENABLE",
desc: '''
Per-instance internal state read enable.
Defines whether the internal state of the corresponding instance is readable via !!INT_STATE_VAL.
Note that for !!INT_STATE_VAL to provide read access to the internal state, also !!CTRL.READ_INT_STATE needs to be set to `kMultiBitBool4True`.
In addition, the otp_en_csrng_sw_app_read input needs to be set to `kMultiBitBool8True`.
'''
resval: 0x7
}
]
},
{
name: "INT_STATE_READ_ENABLE_REGWEN",
desc: "Internal state read enable REGWEN register",
swaccess: "rw0c",
hwaccess: "none",
fields: [
{ bits: "0",
desc: '''
INT_STATE_READ_ENABLE register configuration enable bit.
If this is cleared to 0, the INT_STATE_READ_ENABLE register cannot be written anymore.
'''
resval: 1,
}
]
},
{ name: "INT_STATE_NUM",
desc: "Internal state number register",
swaccess: "rw",
Expand Down Expand Up @@ -539,6 +574,7 @@
another internal state field can be read.
Note that for !!INT_STATE_VAL to provide read access to the internal state, also !!CTRL.READ_INT_STATE needs to be set to `kMultiBitBool4True`.
In addition, the otp_en_csrng_sw_app_read input needs to be set to `kMultiBitBool8True`.
Also, the !!INT_STATE_READ_ENABLE bit of the selected instance needs to be set to true for this to work.
Otherwise, the register reads as 0.
'''
}
Expand Down
141 changes: 102 additions & 39 deletions hw/ip/csrng/doc/registers.md
View file

Large diffs are not rendered by default.

4 changes: 4 additions & 0 deletions hw/ip/csrng/dv/env/csrng_scoreboard.sv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -341,6 +341,10 @@ class csrng_scoreboard extends cip_base_scoreboard #(
end
end
end
"int_state_read_enable": begin
end
"int_state_read_enable_regwen": begin
end
"int_state_num": begin
end
"int_state_val": begin
Expand Down
4 changes: 3 additions & 1 deletion hw/ip/csrng/rtl/csrng_core.sv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -340,6 +340,7 @@ module csrng_core import csrng_pkg::*; #(
logic state_db_reg_rd_id_pulse;
logic [StateId-1:0] state_db_reg_rd_id;
logic [31:0] state_db_reg_rd_val;
logic [NApps-1:0] int_state_read_enable;

logic [30:0] err_code_test_bit;
logic ctr_drbg_upd_es_ack;
Expand Down Expand Up @@ -1226,7 +1227,7 @@ module csrng_core import csrng_pkg::*; #(
assign state_db_reg_rd_id_pulse = reg2hw.int_state_num.qe;
assign hw2reg.int_state_val.d = state_db_reg_rd_val;
assign state_db_is_dump_en = cs_enable_fo[40] && read_int_state && efuse_sw_app_enable[1];

assign int_state_read_enable = reg2hw.int_state_read_enable.q;

csrng_state_db #(
.NApps(NApps),
Expand Down Expand Up @@ -1264,6 +1265,7 @@ module csrng_core import csrng_pkg::*; #(
.state_db_sts_ack_o(state_db_sts_ack),
.state_db_sts_sts_o(state_db_sts_sts),
.state_db_sts_id_o(state_db_sts_id),
.int_state_read_enable_i(int_state_read_enable),

.reseed_counter_o(reseed_counter)
);
Expand Down
61 changes: 36 additions & 25 deletions hw/ip/csrng/rtl/csrng_reg_pkg.sv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -107,6 +107,10 @@ package csrng_reg_pkg;
logic re;
} csrng_reg2hw_genbits_reg_t;

typedef struct packed {
logic [2:0] q;
} csrng_reg2hw_int_state_read_enable_reg_t;

typedef struct packed {
logic [3:0] q;
logic qe;
Expand Down Expand Up @@ -339,14 +343,15 @@ package csrng_reg_pkg;

// Register -> HW type
typedef struct packed {
csrng_reg2hw_intr_state_reg_t intr_state; // [181:178]
csrng_reg2hw_intr_enable_reg_t intr_enable; // [177:174]
csrng_reg2hw_intr_test_reg_t intr_test; // [173:166]
csrng_reg2hw_alert_test_reg_t alert_test; // [165:162]
csrng_reg2hw_ctrl_reg_t ctrl; // [161:146]
csrng_reg2hw_cmd_req_reg_t cmd_req; // [145:113]
csrng_reg2hw_reseed_interval_reg_t reseed_interval; // [112:80]
csrng_reg2hw_genbits_reg_t genbits; // [79:47]
csrng_reg2hw_intr_state_reg_t intr_state; // [184:181]
csrng_reg2hw_intr_enable_reg_t intr_enable; // [180:177]
csrng_reg2hw_intr_test_reg_t intr_test; // [176:169]
csrng_reg2hw_alert_test_reg_t alert_test; // [168:165]
csrng_reg2hw_ctrl_reg_t ctrl; // [164:149]
csrng_reg2hw_cmd_req_reg_t cmd_req; // [148:116]
csrng_reg2hw_reseed_interval_reg_t reseed_interval; // [115:83]
csrng_reg2hw_genbits_reg_t genbits; // [82:50]
csrng_reg2hw_int_state_read_enable_reg_t int_state_read_enable; // [49:47]
csrng_reg2hw_int_state_num_reg_t int_state_num; // [46:42]
csrng_reg2hw_int_state_val_reg_t int_state_val; // [41:9]
csrng_reg2hw_fips_force_reg_t fips_force; // [8:6]
Expand Down Expand Up @@ -382,14 +387,16 @@ package csrng_reg_pkg;
parameter logic [BlockAw-1:0] CSRNG_SW_CMD_STS_OFFSET = 7'h 2c;
parameter logic [BlockAw-1:0] CSRNG_GENBITS_VLD_OFFSET = 7'h 30;
parameter logic [BlockAw-1:0] CSRNG_GENBITS_OFFSET = 7'h 34;
parameter logic [BlockAw-1:0] CSRNG_INT_STATE_NUM_OFFSET = 7'h 38;
parameter logic [BlockAw-1:0] CSRNG_INT_STATE_VAL_OFFSET = 7'h 3c;
parameter logic [BlockAw-1:0] CSRNG_FIPS_FORCE_OFFSET = 7'h 40;
parameter logic [BlockAw-1:0] CSRNG_HW_EXC_STS_OFFSET = 7'h 44;
parameter logic [BlockAw-1:0] CSRNG_RECOV_ALERT_STS_OFFSET = 7'h 48;
parameter logic [BlockAw-1:0] CSRNG_ERR_CODE_OFFSET = 7'h 4c;
parameter logic [BlockAw-1:0] CSRNG_ERR_CODE_TEST_OFFSET = 7'h 50;
parameter logic [BlockAw-1:0] CSRNG_MAIN_SM_STATE_OFFSET = 7'h 54;
parameter logic [BlockAw-1:0] CSRNG_INT_STATE_READ_ENABLE_OFFSET = 7'h 38;
parameter logic [BlockAw-1:0] CSRNG_INT_STATE_READ_ENABLE_REGWEN_OFFSET = 7'h 3c;
parameter logic [BlockAw-1:0] CSRNG_INT_STATE_NUM_OFFSET = 7'h 40;
parameter logic [BlockAw-1:0] CSRNG_INT_STATE_VAL_OFFSET = 7'h 44;
parameter logic [BlockAw-1:0] CSRNG_FIPS_FORCE_OFFSET = 7'h 48;
parameter logic [BlockAw-1:0] CSRNG_HW_EXC_STS_OFFSET = 7'h 4c;
parameter logic [BlockAw-1:0] CSRNG_RECOV_ALERT_STS_OFFSET = 7'h 50;
parameter logic [BlockAw-1:0] CSRNG_ERR_CODE_OFFSET = 7'h 54;
parameter logic [BlockAw-1:0] CSRNG_ERR_CODE_TEST_OFFSET = 7'h 58;
parameter logic [BlockAw-1:0] CSRNG_MAIN_SM_STATE_OFFSET = 7'h 5c;

// Reset values for hwext registers and their fields
parameter logic [3:0] CSRNG_INTR_TEST_RESVAL = 4'h 0;
Expand Down Expand Up @@ -426,6 +433,8 @@ package csrng_reg_pkg;
CSRNG_SW_CMD_STS,
CSRNG_GENBITS_VLD,
CSRNG_GENBITS,
CSRNG_INT_STATE_READ_ENABLE,
CSRNG_INT_STATE_READ_ENABLE_REGWEN,
CSRNG_INT_STATE_NUM,
CSRNG_INT_STATE_VAL,
CSRNG_FIPS_FORCE,
Expand All @@ -437,7 +446,7 @@ package csrng_reg_pkg;
} csrng_id_e;

// Register width information to check illegal writes
parameter logic [3:0] CSRNG_PERMIT [22] = '{
parameter logic [3:0] CSRNG_PERMIT [24] = '{
4'b 0001, // index[ 0] CSRNG_INTR_STATE
4'b 0001, // index[ 1] CSRNG_INTR_ENABLE
4'b 0001, // index[ 2] CSRNG_INTR_TEST
Expand All @@ -452,14 +461,16 @@ package csrng_reg_pkg;
4'b 0001, // index[11] CSRNG_SW_CMD_STS
4'b 0001, // index[12] CSRNG_GENBITS_VLD
4'b 1111, // index[13] CSRNG_GENBITS
4'b 0001, // index[14] CSRNG_INT_STATE_NUM
4'b 1111, // index[15] CSRNG_INT_STATE_VAL
4'b 0001, // index[16] CSRNG_FIPS_FORCE
4'b 0011, // index[17] CSRNG_HW_EXC_STS
4'b 0011, // index[18] CSRNG_RECOV_ALERT_STS
4'b 1111, // index[19] CSRNG_ERR_CODE
4'b 0001, // index[20] CSRNG_ERR_CODE_TEST
4'b 0001 // index[21] CSRNG_MAIN_SM_STATE
4'b 0001, // index[14] CSRNG_INT_STATE_READ_ENABLE
4'b 0001, // index[15] CSRNG_INT_STATE_READ_ENABLE_REGWEN
4'b 0001, // index[16] CSRNG_INT_STATE_NUM
4'b 1111, // index[17] CSRNG_INT_STATE_VAL
4'b 0001, // index[18] CSRNG_FIPS_FORCE
4'b 0011, // index[19] CSRNG_HW_EXC_STS
4'b 0011, // index[20] CSRNG_RECOV_ALERT_STS
4'b 1111, // index[21] CSRNG_ERR_CODE
4'b 0001, // index[22] CSRNG_ERR_CODE_TEST
4'b 0001 // index[23] CSRNG_MAIN_SM_STATE
};

endpackage
Loading

0 comments on commit fb67c57

Please sign in to comment.