Google Git
Sign in
opensecura / 3p / lowrisc / opentitan / 2cba533b1e02a9396dfdc031c62e3b82c9aeb318^! / .
commit2cba533b1e02a9396dfdc031c62e3b82c9aeb318[log] [tgz]
authorTimothy Chen <timothytim@google.com>Thu Mar 10 18:54:15 2022 -0800
committertjaychen <timothytim@google.com>Mon Mar 14 18:46:49 2022 -0700
tree5c2e131abb7e2fe2462a366c0a5fea91cfaf54f6
parent74606dcd1d0f0d175d651b8e5e1046329f3d4a1c [diff]
[keymgr] various d2s fixes

- addresses several items in #11387

Signed-off-by: Timothy Chen <timothytim@google.com>

diff --git a/hw/ip/keymgr/data/keymgr.hjson b/hw/ip/keymgr/data/keymgr.hjson
index ec302cb..98dda86 100644
--- a/hw/ip/keymgr/data/keymgr.hjson
+++ b/hw/ip/keymgr/data/keymgr.hjson

@@ -13,14 +13,15 @@
     { name: "op_done",   desc: "Operation complete" },
   ],
   alert_list: [
-    { name: "fatal_fault_err",
-      desc: "Alert for key manager faults.  These errors cannot be caused by software",
-    },
     { name: "recov_operation_err",
       desc: '''
         Alert for key manager operation errors.  These errors could have been caused by
         software'''
-    }
+    },
+    { name: "fatal_fault_err",
+      desc: "Alert for key manager faults.  These errors cannot be caused by software",
+    },
+
   ],
 
   inter_signal_list: [

diff --git a/hw/ip/keymgr/doc/_index.md b/hw/ip/keymgr/doc/_index.md
index 760a5c2..36a4b5c 100644
--- a/hw/ip/keymgr/doc/_index.md
+++ b/hw/ip/keymgr/doc/_index.md

@@ -54,11 +54,6 @@
 The data input is dependent on each state, see below.
 
 ### Reset
-
-The key manager working state is not directly reset to any value.
-This ensures there is no deterministic hamming delta upon reset.
-Instead at reset time, the state value is simply unknown - which is expected to be some biased value the registers settle to based on silicon corner and environment conditions.
-
 To begin operation, the state must first transition to Initialize.
 The advancement from `Reset` to `Initialized` is irreversible during the current power cycle.
 Until the initialize command is invoked, the key manager rejects all other software commands.
@@ -515,6 +510,11 @@
 At the conclusion of the command, key and valid signals are forwarded by the key manager to the selected destination primitive.
 The key and valid signals remain asserted to the selected destination until software explicitly disables the output via another command, or issues another `generate-output-hw` command with a different destination primitive.
 
+## Caveats
+The keymgr {{< regref WORKING_STATE >}} register allows software to discover the current state of `keymgr`.
+However, since these values are not hardened, they can be attacked.
+As such, software should be careful to not make critical system decisions based on these registers.
+They are meant generally for informational or debug purposes.
 
 ## Register Table
 

diff --git a/hw/ip/keymgr/dv/env/keymgr_env_pkg.sv b/hw/ip/keymgr/dv/env/keymgr_env_pkg.sv
index 2e9963e..6f880aa 100644
--- a/hw/ip/keymgr/dv/env/keymgr_env_pkg.sv
+++ b/hw/ip/keymgr/dv/env/keymgr_env_pkg.sv

@@ -21,7 +21,7 @@
   `include "dv_macros.svh"
 
   // parameters and types
-  parameter string LIST_OF_ALERTS[] = {"fatal_fault_err", "recov_operation_err"};
+  parameter string LIST_OF_ALERTS[] = {"recov_operation_err", "fatal_fault_err"};
   parameter uint NUM_ALERTS = 2;
   parameter uint NUM_EDN = 1;
   parameter uint DIGEST_SHARE_WORD_NUM = keymgr_pkg::KeyWidth / TL_DW;

diff --git a/hw/ip/keymgr/rtl/keymgr.sv b/hw/ip/keymgr/rtl/keymgr.sv
index edf6011..5bc01e2 100644
--- a/hw/ip/keymgr/rtl/keymgr.sv
+++ b/hw/ip/keymgr/rtl/keymgr.sv

@@ -84,7 +84,7 @@
   /////////////////////////////////////
   // Anchor incoming seeds and constants
   /////////////////////////////////////
-  localparam int TotalSeedWidth = KeyWidth * 9;
+  localparam int TotalSeedWidth = KeyWidth * 10;
   seed_t revision_seed;
   seed_t creator_identity_seed;
   seed_t owner_int_identity_seed;
@@ -94,6 +94,7 @@
   seed_t aes_seed;
   seed_t otbn_seed;
   seed_t kmac_seed;
+  seed_t none_seed;
 
   prim_sec_anchor_buf #(
     .Width(TotalSeedWidth)
@@ -106,7 +107,8 @@
            RndCnstHardOutputSeed,
            RndCnstAesSeed,
            RndCnstOtbnSeed,
-           RndCnstKmacSeed}),
+           RndCnstKmacSeed,
+           RndCnstNoneSeed}),
     .out_o({revision_seed,
             creator_identity_seed,
             owner_int_identity_seed,
@@ -115,7 +117,8 @@
             hard_output_seed,
             aes_seed,
             otbn_seed,
-            kmac_seed})
+            kmac_seed,
+            none_seed})
   );
 
   // Register module
@@ -231,6 +234,7 @@
     .entropy_i('0),
     .state_o(lfsr)
   );
+  `ASSERT_INIT(LfsrWidth_A, LfsrWidth == 64)
 
 
   logic [Shares-1:0][RandWidth-1:0] ctrl_rand;
@@ -447,7 +451,7 @@
   assign cipher_sel = keymgr_key_dest_e'(reg2hw.control_shadowed.dest_sel.q);
   assign cipher_seed = cipher_sel == Aes  ? aes_seed  :
                        cipher_sel == Kmac ? kmac_seed :
-                       cipher_sel == Otbn ? otbn_seed : RndCnstNoneSeed;
+                       cipher_sel == Otbn ? otbn_seed : none_seed;
   assign output_key = mubi4_test_true_strict(hw_key_sel) ? hard_output_seed :
                       soft_output_seed;
   assign gen_in = invalid_stage_sel ? {GenLfsrCopies{lfsr[31:0]}} : {reg2hw.key_version,
@@ -669,7 +673,7 @@
   assign fault_alert_test = reg2hw.alert_test.fatal_fault_err.q &
                             reg2hw.alert_test.fatal_fault_err.qe;
   prim_alert_sender #(
-    .AsyncOn(AlertAsyncOn[0]),
+    .AsyncOn(AlertAsyncOn[1]),
     .IsFatal(1)
   ) u_fault_alert (
     .clk_i,
@@ -678,15 +682,15 @@
     .alert_req_i(fault_err_req_q),
     .alert_ack_o(fault_err_ack),
     .alert_state_o(),
-    .alert_rx_i(alert_rx_i[0]),
-    .alert_tx_o(alert_tx_o[0])
+    .alert_rx_i(alert_rx_i[1]),
+    .alert_tx_o(alert_tx_o[1])
   );
 
   logic op_err_alert_test;
   assign op_err_alert_test = reg2hw.alert_test.recov_operation_err.q &
                              reg2hw.alert_test.recov_operation_err.qe;
   prim_alert_sender #(
-    .AsyncOn(AlertAsyncOn[1]),
+    .AsyncOn(AlertAsyncOn[0]),
     .IsFatal(0)
   ) u_op_err_alert (
     .clk_i,
@@ -695,8 +699,8 @@
     .alert_req_i(op_err_req_q),
     .alert_ack_o(op_err_ack),
     .alert_state_o(),
-    .alert_rx_i(alert_rx_i[1]),
-    .alert_tx_o(alert_tx_o[1])
+    .alert_rx_i(alert_rx_i[0]),
+    .alert_tx_o(alert_tx_o[0])
   );
 
   // known asserts
@@ -710,6 +714,7 @@
   `ASSERT_KNOWN(OtbnKeyKnownO_A, otbn_key_o)
   `ASSERT_KNOWN(KmacDataKnownO_A, kmac_data_o)
 
+
   // kmac parameter consistency
   // Both modules must be consistent with regards to masking assumptions
   logic unused_kmac_en_masking;
@@ -720,12 +725,14 @@
   // Ensure all parameters are consistent
   `ASSERT_INIT(FaultCntMatch_A, FaultLastPos == AsyncFaultLastIdx + SyncFaultLastIdx)
   `ASSERT_INIT(ErrCntMatch_A, ErrLastPos == AsyncErrLastIdx + SyncErrLastIdx)
+  `ASSERT_INIT(StageMatch_A, KeyMgrStages == Disable)
 
-  `ASSERT_PRIM_COUNT_ERROR_TRIGGER_ALERT(CtrlCntAlertCheck_A, u_ctrl.u_cnt, alert_tx_o[0])
-  `ASSERT_PRIM_COUNT_ERROR_TRIGGER_ALERT(KmacIfCntAlertCheck_A, u_kmac_if.u_cnt, alert_tx_o[0])
+  `ASSERT_PRIM_COUNT_ERROR_TRIGGER_ALERT(CtrlCntAlertCheck_A, u_ctrl.u_cnt, alert_tx_o[1])
+  `ASSERT_PRIM_COUNT_ERROR_TRIGGER_ALERT(KmacIfCntAlertCheck_A, u_kmac_if.u_cnt, alert_tx_o[1])
   `ASSERT_PRIM_COUNT_ERROR_TRIGGER_ALERT(ReseedCtrlCntAlertCheck_A, u_reseed_ctrl.u_reseed_cnt,
-                                         alert_tx_o[0])
-  `ASSERT_PRIM_FSM_ERROR_TRIGGER_ALERT(CtrlMainFsmCheck_A, u_ctrl.u_state_regs, alert_tx_o[0])
-  `ASSERT_PRIM_FSM_ERROR_TRIGGER_ALERT(CtrlDataFsmCheck_A, u_ctrl.u_data_state_regs, alert_tx_o[0])
-  `ASSERT_PRIM_FSM_ERROR_TRIGGER_ALERT(KmacIfFsmCheck_A, u_kmac_if.u_state_regs, alert_tx_o[0])
+                                         alert_tx_o[1])
+  `ASSERT_PRIM_FSM_ERROR_TRIGGER_ALERT(CtrlMainFsmCheck_A, u_ctrl.u_state_regs, alert_tx_o[1])
+  `ASSERT_PRIM_FSM_ERROR_TRIGGER_ALERT(CtrlDataFsmCheck_A, u_ctrl.u_data_state_regs, alert_tx_o[1])
+  `ASSERT_PRIM_FSM_ERROR_TRIGGER_ALERT(CtrlOpFsmCheck_A, u_ctrl.u_op_state_regs, alert_tx_o[1])
+  `ASSERT_PRIM_FSM_ERROR_TRIGGER_ALERT(KmacIfFsmCheck_A, u_kmac_if.u_state_regs, alert_tx_o[1])
 endmodule // keymgr

diff --git a/hw/ip/keymgr/rtl/keymgr_ctrl.sv b/hw/ip/keymgr/rtl/keymgr_ctrl.sv
index 4e141a4..db98bb5 100644
--- a/hw/ip/keymgr/rtl/keymgr_ctrl.sv
+++ b/hw/ip/keymgr/rtl/keymgr_ctrl.sv

@@ -113,16 +113,7 @@
     StCtrlInvalid        = 10'b1011000111
   } keymgr_ctrl_state_e;
 
-  // Enumeration for operation handling
-  typedef enum logic [1:0] {
-    StIdle,
-    StAdv,
-    StAdvAck,
-    StWait
-  } keymgr_op_state_e;
-
   keymgr_ctrl_state_e state_q, state_d;
-  keymgr_op_state_e op_state_q, op_state_d;
 
   // There are two versions of the key state, one for sealing one for attestation
   // Among each version, there are multiple shares
@@ -206,8 +197,7 @@
                             (~valid_data_chk(kmac_data_i[0]) |
                             (~valid_data_chk(kmac_data_i[1]) & KmacEnMasking));
 
-  assign op_err = sync_err[SyncErrInvalidOp] |
-                  sync_err[SyncErrInvalidIn];
+  assign op_err = |sync_err;
 
   assign op_fault_err = |{sync_fault, async_fault};
 
@@ -275,7 +265,6 @@
   end
 
 
-  // key state is intentionally not reset
   always_ff @(posedge clk_i or negedge rst_ni) begin
     if (!rst_ni) begin
       key_state_q <= '0;
@@ -414,7 +403,7 @@
     wipe_req = 1'b0;
 
     // invalid operation issued
-    invalid_op = 1'b0;
+    invalid_op = '0;
 
     // data update and select signals
     stage_sel_o = Disable;
@@ -445,10 +434,13 @@
 
         // key state is updated when it is an advance call
         // all other operations are invalid, including disable
-        if (advance_sel) begin
+        invalid_op = op_start_i & ~advance_sel;
+
+        // if there was a structural fault before anything began, wipe immediately
+        if (inv_state) begin
+          state_d = StCtrlWipe;
+        end else if (advance_sel) begin
           state_d = StCtrlEntropyReseed;
-        end else if (op_start_i) begin
-          invalid_op = 1'b1;
         end
       end
 
@@ -476,12 +468,8 @@
 
       // load the root key.
       StCtrlRootKey: begin
-        // we cannot directly use inv_state here for 2 reasons
-        // - inv_state is sync'd to the completion of a real kmac operation,
-        //   which is not the case here.
-        // - using inv_state would cause a combo loop between init_o and inv_state.
-        init_o = en_i & ~|async_fault;
-        state_d = !init_o ? StCtrlWipe : StCtrlInit;
+        init_o = 1'b1;
+        state_d = inv_state ? StCtrlWipe : StCtrlInit;
       end
 
       // Beginning from the Init state, operations are accepted.
@@ -663,13 +651,29 @@
   // Operateion state, handle advance and generate
   /////////////////////////
 
-  always_ff @(posedge clk_i or negedge rst_ni) begin
-    if (!rst_ni) begin
-      op_state_q <= StIdle;
-    end else begin
-      op_state_q <= op_state_d;
-    end
-  end
+
+  localparam int OpStateWidth = 8;
+  typedef enum logic [OpStateWidth-1:0] {
+    StIdle   = 8'b10010101,
+    StAdv    = 8'b00101000,
+    StAdvAck = 8'b01000011,
+    StWait   = 8'b11111110
+  } keymgr_op_state_e;
+
+  keymgr_op_state_e op_state_q, op_state_d;
+  logic [OpStateWidth-1:0] op_state_raw_q;
+  logic op_fsm_err;
+  assign op_state_q = keymgr_op_state_e'(op_state_raw_q);
+  prim_sparse_fsm_flop #(
+    .StateEnumT(keymgr_op_state_e),
+    .Width(OpStateWidth),
+    .ResetValue(OpStateWidth'(StIdle))
+  ) u_op_state_regs (
+    .clk_i,
+    .rst_ni,
+    .state_i ( op_state_d     ),
+    .state_o ( op_state_raw_q )
+  );
 
   always_comb begin
     op_state_d = op_state_q;
@@ -682,6 +686,8 @@
     id_en_o = 1'b0;
     gen_en_o = 1'b0;
 
+    op_fsm_err = 1'b0;
+
     unique case (op_state_q)
       StIdle: begin
         op_busy = '0;
@@ -720,8 +726,12 @@
         end
       end
 
-      // What should go here?
-      default:;
+      // error state
+      default: begin
+        // allow completion of transaction
+        op_ack = 1'b1;
+        op_fsm_err = 1'b1;
+      end
 
     endcase // unique case (adv_state_q)
   end
@@ -749,7 +759,7 @@
   // sync errors
   // When an operation encounters a fault, the operation is always rejected as the FSM
   // transitions to wipe.  When an operation is ongoing and en drops, it is also rejected.
-  assign sync_err_d[SyncErrInvalidOp] = err_vld & (invalid_op | disabled | invalid | op_fault_err);
+  assign sync_err_d[SyncErrInvalidOp] = err_vld & (invalid_op | disabled | invalid | inv_state);
   assign sync_err_d[SyncErrInvalidIn] = err_vld & kmac_input_invalid_i;
   always_ff @(posedge clk_i or negedge rst_ni) begin
     if (!rst_ni) begin
@@ -794,19 +804,21 @@
   assign async_fault_d[AsyncFaultKmacDone] = kmac_done_err_i;
   assign async_fault_d[AsyncFaultRegIntg]  = regfile_intg_err_i;
   assign async_fault_d[AsyncFaultShadow ]  = shadowed_storage_err_i;
-  assign async_fault_d[AsyncFaultFsmIntg]  = state_intg_err_q | data_fsm_err;
+  assign async_fault_d[AsyncFaultFsmIntg]  = state_intg_err_q | data_fsm_err | op_fsm_err;
   assign async_fault_d[AsyncFaultCntErr ]  = cnt_err;
   assign async_fault_d[AsyncFaultRCntErr]  = reseed_cnt_err_i;
   assign async_fault_d[AsyncFaultSideErr]  = sideload_fsm_err_i;
 
+  // certain errors/faults can only happen when there's an actual kmac transaction,
+  // others can happen with or without.
   // output to error code register
   assign error_o[ErrInvalidOp]    = op_done_o & sync_err[SyncErrInvalidOp];
-  assign error_o[ErrInvalidIn]    = op_done_o & sync_err[SyncErrInvalidIn];
+  assign error_o[ErrInvalidIn]    = op_ack & sync_err[SyncErrInvalidIn];
   assign error_o[ErrShadowUpdate] = async_err[AsyncErrShadowUpdate];
 
   // output to fault code register
-  assign fault_o[FaultKmacOp]    = op_done_o & sync_fault[SyncFaultKmacOp];
-  assign fault_o[FaultKmacOut]   = op_done_o & sync_fault[SyncFaultKmacOut];
+  assign fault_o[FaultKmacOp]    = op_ack & sync_fault[SyncFaultKmacOp];
+  assign fault_o[FaultKmacOut]   = op_ack & sync_fault[SyncFaultKmacOut];
   assign fault_o[FaultKmacCmd]   = async_fault[AsyncFaultKmacCmd];
   assign fault_o[FaultKmacFsm]   = async_fault[AsyncFaultKmacFsm];
   assign fault_o[FaultKmacDone]  = async_fault[AsyncFaultKmacDone];

diff --git a/hw/ip/keymgr/rtl/keymgr_pkg.sv b/hw/ip/keymgr/rtl/keymgr_pkg.sv
index b5c98c6..1a2f8d9 100644
--- a/hw/ip/keymgr/rtl/keymgr_pkg.sv
+++ b/hw/ip/keymgr/rtl/keymgr_pkg.sv

@@ -13,7 +13,7 @@
   parameter int OtbnKeyWidth = 384;
   parameter int DigestWidth = 128;     // uses truncated hash
   parameter int KmacDataIfWidth = 64;  // KMAC interface data width
-  parameter int KeyMgrStages = 3;      // Number of key manager stages (creator, ownerInt, owner)
+  parameter int KeyMgrStages = 3; // Number of key manager stages (creator, ownerInt, owner)
   parameter int SwBindingWidth = 32 * keymgr_reg_pkg::NumSwBindingReg;
   parameter int SaltWidth = 32 * keymgr_reg_pkg::NumSaltReg;
   parameter int Shares = 2; // number of key shares
@@ -77,7 +77,6 @@
   // key version + salt + key ID + constant
   parameter int GenDataWidth = 32 + SaltWidth + KeyWidth*2;
   parameter int StageWidth = $clog2(KeyMgrStages);
-
   // Max Payload Width to derivation function
   // see security strength description https://keccak.team/keccak.html
   // The max width here is chosen arbitrarily to ensure we do not get out of hand.

diff --git a/hw/ip/keymgr/rtl/keymgr_reg_pkg.sv b/hw/ip/keymgr/rtl/keymgr_reg_pkg.sv
index 7045a2b..c86426c 100644
--- a/hw/ip/keymgr/rtl/keymgr_reg_pkg.sv
+++ b/hw/ip/keymgr/rtl/keymgr_reg_pkg.sv

@@ -37,11 +37,11 @@
     struct packed {
       logic        q;
       logic        qe;
-    } fatal_fault_err;
+    } recov_operation_err;
     struct packed {
       logic        q;
       logic        qe;
-    } recov_operation_err;
+    } fatal_fault_err;
   } keymgr_reg2hw_alert_test_reg_t;
 
   typedef struct packed {
@@ -354,8 +354,8 @@
   parameter logic [0:0] KEYMGR_INTR_TEST_RESVAL = 1'h 0;
   parameter logic [0:0] KEYMGR_INTR_TEST_OP_DONE_RESVAL = 1'h 0;
   parameter logic [1:0] KEYMGR_ALERT_TEST_RESVAL = 2'h 0;
-  parameter logic [0:0] KEYMGR_ALERT_TEST_FATAL_FAULT_ERR_RESVAL = 1'h 0;
   parameter logic [0:0] KEYMGR_ALERT_TEST_RECOV_OPERATION_ERR_RESVAL = 1'h 0;
+  parameter logic [0:0] KEYMGR_ALERT_TEST_FATAL_FAULT_ERR_RESVAL = 1'h 0;
   parameter logic [0:0] KEYMGR_CFG_REGWEN_RESVAL = 1'h 1;
   parameter logic [0:0] KEYMGR_CFG_REGWEN_EN_RESVAL = 1'h 1;
   parameter logic [0:0] KEYMGR_SW_BINDING_REGWEN_RESVAL = 1'h 1;

diff --git a/hw/ip/keymgr/rtl/keymgr_reg_top.sv b/hw/ip/keymgr/rtl/keymgr_reg_top.sv
index 3edcca3..e25c581 100644
--- a/hw/ip/keymgr/rtl/keymgr_reg_top.sv
+++ b/hw/ip/keymgr/rtl/keymgr_reg_top.sv

@@ -118,8 +118,8 @@
   logic intr_test_we;
   logic intr_test_wd;
   logic alert_test_we;
-  logic alert_test_fatal_fault_err_wd;
   logic alert_test_recov_operation_err_wd;
+  logic alert_test_fatal_fault_err_wd;
   logic cfg_regwen_re;
   logic cfg_regwen_qs;
   logic start_we;
@@ -390,22 +390,7 @@
   logic alert_test_qe;
   logic [1:0] alert_test_flds_we;
   assign alert_test_qe = &alert_test_flds_we;
-  //   F[fatal_fault_err]: 0:0
-  prim_subreg_ext #(
-    .DW    (1)
-  ) u_alert_test_fatal_fault_err (
-    .re     (1'b0),
-    .we     (alert_test_we),
-    .wd     (alert_test_fatal_fault_err_wd),
-    .d      ('0),
-    .qre    (),
-    .qe     (alert_test_flds_we[0]),
-    .q      (reg2hw.alert_test.fatal_fault_err.q),
-    .qs     ()
-  );
-  assign reg2hw.alert_test.fatal_fault_err.qe = alert_test_qe;
-
-  //   F[recov_operation_err]: 1:1
+  //   F[recov_operation_err]: 0:0
   prim_subreg_ext #(
     .DW    (1)
   ) u_alert_test_recov_operation_err (
@@ -414,12 +399,27 @@
     .wd     (alert_test_recov_operation_err_wd),
     .d      ('0),
     .qre    (),
-    .qe     (alert_test_flds_we[1]),
+    .qe     (alert_test_flds_we[0]),
     .q      (reg2hw.alert_test.recov_operation_err.q),
     .qs     ()
   );
   assign reg2hw.alert_test.recov_operation_err.qe = alert_test_qe;
 
+  //   F[fatal_fault_err]: 1:1
+  prim_subreg_ext #(
+    .DW    (1)
+  ) u_alert_test_fatal_fault_err (
+    .re     (1'b0),
+    .we     (alert_test_we),
+    .wd     (alert_test_fatal_fault_err_wd),
+    .d      ('0),
+    .qre    (),
+    .qe     (alert_test_flds_we[1]),
+    .q      (reg2hw.alert_test.fatal_fault_err.q),
+    .qs     ()
+  );
+  assign reg2hw.alert_test.fatal_fault_err.qe = alert_test_qe;
+
 
   // R[cfg_regwen]: V(True)
   prim_subreg_ext #(
@@ -2515,9 +2515,9 @@
   assign intr_test_wd = reg_wdata[0];
   assign alert_test_we = addr_hit[3] & reg_we & !reg_error;
 
-  assign alert_test_fatal_fault_err_wd = reg_wdata[0];
+  assign alert_test_recov_operation_err_wd = reg_wdata[0];
 
-  assign alert_test_recov_operation_err_wd = reg_wdata[1];
+  assign alert_test_fatal_fault_err_wd = reg_wdata[1];
   assign cfg_regwen_re = addr_hit[4] & reg_re & !reg_error;
   assign start_we = addr_hit[5] & reg_we & !reg_error;
 

diff --git a/hw/top_earlgrey/data/autogen/top_earlgrey.gen.hjson b/hw/top_earlgrey/data/autogen/top_earlgrey.gen.hjson
index a4a57ca..15959d7 100644
--- a/hw/top_earlgrey/data/autogen/top_earlgrey.gen.hjson
+++ b/hw/top_earlgrey/data/autogen/top_earlgrey.gen.hjson

@@ -14004,7 +14004,7 @@
       lpg_idx: 18
     }
     {
-      name: keymgr_fatal_fault_err
+      name: keymgr_recov_operation_err
       width: 1
       type: alert
       async: "1"
@@ -14013,7 +14013,7 @@
       lpg_idx: 17
     }
     {
-      name: keymgr_recov_operation_err
+      name: keymgr_fatal_fault_err
       width: 1
       type: alert
       async: "1"

diff --git a/hw/top_earlgrey/dv/env/autogen/chip_env_pkg__params.sv b/hw/top_earlgrey/dv/env/autogen/chip_env_pkg__params.sv
index fb7a5b6..461b588 100644
--- a/hw/top_earlgrey/dv/env/autogen/chip_env_pkg__params.sv
+++ b/hw/top_earlgrey/dv/env/autogen/chip_env_pkg__params.sv

@@ -49,8 +49,8 @@
   "kmac_fatal_fault_err",
   "otbn_fatal",
   "otbn_recov",
-  "keymgr_fatal_fault_err",
   "keymgr_recov_operation_err",
+  "keymgr_fatal_fault_err",
   "csrng_recov_alert",
   "csrng_fatal_alert",
   "entropy_src_recov_alert",

diff --git a/hw/top_earlgrey/rtl/autogen/top_earlgrey.sv b/hw/top_earlgrey/rtl/autogen/top_earlgrey.sv
index 5973dc3..4623145 100644
--- a/hw/top_earlgrey/rtl/autogen/top_earlgrey.sv
+++ b/hw/top_earlgrey/rtl/autogen/top_earlgrey.sv

@@ -2297,8 +2297,8 @@
 
       // Interrupt
       .intr_op_done_o (intr_keymgr_op_done),
-      // [44]: fatal_fault_err
-      // [45]: recov_operation_err
+      // [44]: recov_operation_err
+      // [45]: fatal_fault_err
       .alert_tx_o  ( alert_tx[45:44] ),
       .alert_rx_i  ( alert_rx[45:44] ),
 

diff --git a/hw/top_earlgrey/sw/autogen/top_earlgrey.c b/hw/top_earlgrey/sw/autogen/top_earlgrey.c
index f24bb93..da34294 100644
--- a/hw/top_earlgrey/sw/autogen/top_earlgrey.c
+++ b/hw/top_earlgrey/sw/autogen/top_earlgrey.c

@@ -252,8 +252,8 @@
   [kTopEarlgreyAlertIdKmacFatalFaultErr] = kTopEarlgreyAlertPeripheralKmac,
   [kTopEarlgreyAlertIdOtbnFatal] = kTopEarlgreyAlertPeripheralOtbn,
   [kTopEarlgreyAlertIdOtbnRecov] = kTopEarlgreyAlertPeripheralOtbn,
-  [kTopEarlgreyAlertIdKeymgrFatalFaultErr] = kTopEarlgreyAlertPeripheralKeymgr,
   [kTopEarlgreyAlertIdKeymgrRecovOperationErr] = kTopEarlgreyAlertPeripheralKeymgr,
+  [kTopEarlgreyAlertIdKeymgrFatalFaultErr] = kTopEarlgreyAlertPeripheralKeymgr,
   [kTopEarlgreyAlertIdCsrngRecovAlert] = kTopEarlgreyAlertPeripheralCsrng,
   [kTopEarlgreyAlertIdCsrngFatalAlert] = kTopEarlgreyAlertPeripheralCsrng,
   [kTopEarlgreyAlertIdEntropySrcRecovAlert] = kTopEarlgreyAlertPeripheralEntropySrc,

diff --git a/hw/top_earlgrey/sw/autogen/top_earlgrey.h b/hw/top_earlgrey/sw/autogen/top_earlgrey.h
index af9f8f8..d930751 100644
--- a/hw/top_earlgrey/sw/autogen/top_earlgrey.h
+++ b/hw/top_earlgrey/sw/autogen/top_earlgrey.h

@@ -1324,8 +1324,8 @@
   kTopEarlgreyAlertIdKmacFatalFaultErr = 41, /**< kmac_fatal_fault_err */
   kTopEarlgreyAlertIdOtbnFatal = 42, /**< otbn_fatal */
   kTopEarlgreyAlertIdOtbnRecov = 43, /**< otbn_recov */
-  kTopEarlgreyAlertIdKeymgrFatalFaultErr = 44, /**< keymgr_fatal_fault_err */
-  kTopEarlgreyAlertIdKeymgrRecovOperationErr = 45, /**< keymgr_recov_operation_err */
+  kTopEarlgreyAlertIdKeymgrRecovOperationErr = 44, /**< keymgr_recov_operation_err */
+  kTopEarlgreyAlertIdKeymgrFatalFaultErr = 45, /**< keymgr_fatal_fault_err */
   kTopEarlgreyAlertIdCsrngRecovAlert = 46, /**< csrng_recov_alert */
   kTopEarlgreyAlertIdCsrngFatalAlert = 47, /**< csrng_fatal_alert */
   kTopEarlgreyAlertIdEntropySrcRecovAlert = 48, /**< entropy_src_recov_alert */

diff --git a/sw/device/lib/dif/autogen/dif_keymgr_autogen.c b/sw/device/lib/dif/autogen/dif_keymgr_autogen.c
index 8a03041..dde5e8c 100644
--- a/sw/device/lib/dif/autogen/dif_keymgr_autogen.c
+++ b/sw/device/lib/dif/autogen/dif_keymgr_autogen.c

@@ -29,12 +29,12 @@
 
   bitfield_bit32_index_t alert_idx;
   switch (alert) {
-    case kDifKeymgrAlertFatalFaultErr:
-      alert_idx = KEYMGR_ALERT_TEST_FATAL_FAULT_ERR_BIT;
-      break;
     case kDifKeymgrAlertRecovOperationErr:
       alert_idx = KEYMGR_ALERT_TEST_RECOV_OPERATION_ERR_BIT;
       break;
+    case kDifKeymgrAlertFatalFaultErr:
+      alert_idx = KEYMGR_ALERT_TEST_FATAL_FAULT_ERR_BIT;
+      break;
     default:
       return kDifBadArg;
   }

diff --git a/sw/device/lib/dif/autogen/dif_keymgr_autogen.h b/sw/device/lib/dif/autogen/dif_keymgr_autogen.h
index a003397..0645f8b 100644
--- a/sw/device/lib/dif/autogen/dif_keymgr_autogen.h
+++ b/sw/device/lib/dif/autogen/dif_keymgr_autogen.h

@@ -53,14 +53,14 @@
  */
 typedef enum dif_keymgr_alert {
   /**
-   * Alert for key manager faults.  These errors cannot be caused by software
-   */
-  kDifKeymgrAlertFatalFaultErr = 0,
-  /**
    * Alert for key manager operation errors.  These errors could have been
    * caused by software
    */
-  kDifKeymgrAlertRecovOperationErr = 1,
+  kDifKeymgrAlertRecovOperationErr = 0,
+  /**
+   * Alert for key manager faults.  These errors cannot be caused by software
+   */
+  kDifKeymgrAlertFatalFaultErr = 1,
 } dif_keymgr_alert_t;
 
 /**

diff --git a/sw/device/lib/dif/autogen/dif_keymgr_autogen_unittest.cc b/sw/device/lib/dif/autogen/dif_keymgr_autogen_unittest.cc
index 99d1b23..316259e 100644
--- a/sw/device/lib/dif/autogen/dif_keymgr_autogen_unittest.cc
+++ b/sw/device/lib/dif/autogen/dif_keymgr_autogen_unittest.cc

@@ -38,7 +38,7 @@
 class AlertForceTest : public KeymgrTest {};
 
 TEST_F(AlertForceTest, NullArgs) {
-  EXPECT_EQ(dif_keymgr_alert_force(nullptr, kDifKeymgrAlertFatalFaultErr),
+  EXPECT_EQ(dif_keymgr_alert_force(nullptr, kDifKeymgrAlertRecovOperationErr),
             kDifBadArg);
 }
 
@@ -51,14 +51,14 @@
 TEST_F(AlertForceTest, Success) {
   // Force first alert.
   EXPECT_WRITE32(KEYMGR_ALERT_TEST_REG_OFFSET,
-                 {{KEYMGR_ALERT_TEST_FATAL_FAULT_ERR_BIT, true}});
-  EXPECT_EQ(dif_keymgr_alert_force(&keymgr_, kDifKeymgrAlertFatalFaultErr),
+                 {{KEYMGR_ALERT_TEST_RECOV_OPERATION_ERR_BIT, true}});
+  EXPECT_EQ(dif_keymgr_alert_force(&keymgr_, kDifKeymgrAlertRecovOperationErr),
             kDifOk);
 
   // Force last alert.
   EXPECT_WRITE32(KEYMGR_ALERT_TEST_REG_OFFSET,
-                 {{KEYMGR_ALERT_TEST_RECOV_OPERATION_ERR_BIT, true}});
-  EXPECT_EQ(dif_keymgr_alert_force(&keymgr_, kDifKeymgrAlertRecovOperationErr),
+                 {{KEYMGR_ALERT_TEST_FATAL_FAULT_ERR_BIT, true}});
+  EXPECT_EQ(dif_keymgr_alert_force(&keymgr_, kDifKeymgrAlertFatalFaultErr),
             kDifOk);
 }