Entropy_Src D2S Review AIs

[mwbranstad]

Action Items:

• [Martin] Close on chip-level test issue (V1?)
• [Martin] Update testbench to include entropy dropping event due to health check failure
• [Tim, msf] need to add new asset (RNG) and countermeasure names (REGWEN) -> [reggen/doc] Update assets and cm_type lists and associated docs #10070
• [Tim, msf] File issue for potential FIFO enhancement: add prim_count for pointers -> [prim_fifo] Security Enhancement #10069
• [Mark] Remove qualification of FSM invalid state signals and prim_count -> [entropy_src/rtl] d2s review updates #10126
• [Martin] File issue for future improvements: split out fatal error conditions into indication CSRs -> It was determined that the ERROR_CODE status register does this function, so no issue was opened.
• [Mark] use >= instead of == for counters -> [entropy_src/rtl] d2s review updates #10126
• [Martin] file issue to clean up recursively instantiated module [entropy_src, rtl] Replace recursive modules in bucket_ht #10160
• [Chris/Mark] audit MUBIs -> [entropy complex/security] countermeasure lists and labels updated #10118
• [Mark] make LOGIC.INTEGRITY more specific by adding an instance name -> [entropy complex/security] countermeasure lists and labels updated #10118
• [Mark] document fatal FIFO alerts-> [entropy_src/rtl] d2s review updates #10126
• [Mark] document why multiple parameters are not shadowed in the CSRs (maybe in a short security section) -> [entropy_src/rtl] d2s review updates #10126
• [Chris/Mark] go through Hjson and update all CM/ASSET names according to feedback -> [entropy complex/security] countermeasure lists and labels updated #10118
• [Mark] add countermeasure names to RTL comments, format to be used “// SEC_CM: [INSTANCE].ASSET.CM_TYPE”. See also [reggen] Add tooling for checking in-line countermeasure annotations #10071, [entropy complex/security] countermeasure lists and labels updated #10118
• [Msf] create an issue for the tooling extensions needed for checking the above annotations [reggen] Add tooling for checking in-line countermeasure annotations #10071
• [Mark] exchange “entropy_src_cntr_reg” with “prim_count” and hook up to alerts, don’t forget to add labels -> [entropy_src/rtl] d2s review updates #10126
• [Mark] add sha3 CM labels -> [entropy_src/rtl] d2s review updates #10126
• [Mark] add mubi fields to prim_mubi4_sync, then fan out to consumers -> [entropy_src/rtl] d2s review updates #10126
• [Mark] complete PR for issue [entropy_src] RFC: Programming Model for FW_OV_ENTROPY_INSERT #10388 -> [entropy_src/rtl] Add full REGWEN solution #10520

[mwbranstad]

@msfschaffner all the boxes are checked now. Should we close this issue, or are there some additional steps to do before that happens in the security review flow?

[msfschaffner]

@mwbranstad we can close it once the D2S prj.hjson has landed. You could even do this automatically by adding Fixes #10096 to the commit message of the D2S prj.hjson commit.

Edit: I just noticed that you already seem to be using closes XYZ in the PR description - so that is fine. We will close the issues once that PR goes in.

[msfschaffner]

@mwbranstad, a few questions regarding the D2S opens:

1. Should [entropy_src] RFC: Programming Model for FW_OV_ENTROPY_INSERT #10388 be addressed before we declare D2S?
2. Can you add the link to the following issue? I don't seem to find that one [Martin] File issue for future improvements: split out fatal error conditions into indication CSRs
3. In general it would be good to indicate where things have been addressed if possible, either providing the link above per item, or grouping the items as for instance done in: [otp_ctrl] D2S review opens #10420. There are still a couple of items above without link, and since many changes are squashed into large commits it is hard to trace what exactly has been addressed where.

[mwbranstad]

@mwbranstad, a few questions regarding the D2S opens:

1. Should [entropy_src] RFC: Programming Model for FW_OV_ENTROPY_INSERT #10388 be addressed before we declare D2S?
2. Can you add the link to the following issue? I don't seem to find that one [Martin] File issue for future improvements: split out fatal error conditions into indication CSRs
3. In general it would be good to indicate where things have been addressed if possible, either providing the link above per item, or grouping the items as for instance done in: [otp_ctrl] D2S review opens #10420. There are still a couple of items above without link, and since many changes are squashed into large commits it is hard to trace what exactly has been addressed where.

A1: #10388 can be added to the list. It did not start out as a security topic, but morphed into one.
A2: It was determined that the ERROR_CODE status register does this function, so no issue was opened.
A3: Will review again, but thought every AI had either a link or some explanation.

[msfschaffner]

Thanks @mwbranstad. It looks like the only pending item is #10520 - after that entropy_src appears to be good to go.

[msfschaffner]

Ok #10520 has been merged, thanks to @tjaychen's help.
There is one more minor RTL fix that has to go in (#10621) and then we should be g2g here.