[aes] Doc clearing sequence upon reset and align STATUS reg reset value
Upon reset, the AES module first performs a PRNG reseed and then clears
key, IV and data registers with pseudo-random data. Only after that, the
module becomes ready for software initialization.
This commit explicitly documents this behavior and changes the reset value
of the IDLE and INPUT_READY fields in the STATUS register. Both should be
low (not idle, not ready to receive inputs) when coming out of reset.
At the end of the clearing sequence, both bits will be high.
This is related to lowRISC/OpenTitan#5646.
Signed-off-by: Pirmin Vogel <vogelpi@lowrisc.org>
diff --git a/hw/ip/aes/data/aes.hjson b/hw/ip/aes/data/aes.hjson
index 4dc6496..6049db5 100644
--- a/hw/ip/aes/data/aes.hjson
+++ b/hw/ip/aes/data/aes.hjson
@@ -192,6 +192,7 @@
The order in which the registers are updated does not matter.
Can only be updated when the AES unit is idle.
If the AES unit is non-idle, writes to these registers are ignored.
+ Upon reset, these registers are cleared with pseudo-random data.
'''
count: "NumRegsKey",
cname: "KEY_SHARE0",
@@ -214,6 +215,7 @@
The order in which the registers are updated does not matter.
Can only be updated when the AES unit is idle.
If the AES unit is non-idle, writes to these registers are ignored.
+ Upon reset, these registers are cleared with pseudo-random data.
'''
count: "NumRegsKey",
cname: "KEY_SHARE1",
@@ -240,6 +242,7 @@
Whenever starting a new message, the corresponding IV value must be provided by the processor.
Once started, the AES unit automatically updates the contents of these registers.
In ECB mode, the IV registers are not used and do not need to be configured.
+ Upon reset, these registers are cleared with pseudo-random data.
'''
count: "NumRegsIv",
cname: "IV",
@@ -258,11 +261,12 @@
name: "DATA_IN",
desc: '''
Input Data Registers.
- If MANUAL_OPERATION=0 (see Control Register), the AES unit automatically starts encryption/decryption after these register have been written.
+ If MANUAL_OPERATION=0 (see Control Register), the AES unit automatically starts encryption/decryption after all Input Data registers have been written.
Each register has to be written at least once.
The order in which the registers are written does not matter.
Loaded into the internal State register upon starting encryption/decryption of the next block.
- After that, the processor can update the Input Data Register.
+ After that, the processor can update the Input Data registers (See INPUT_READY field of Status Register).
+ Upon reset, these registers are cleared with pseudo-random data.
'''
count: "NumRegsData",
cname: "DATA_IN",
@@ -284,6 +288,7 @@
If MANUAL_OPERATION=0 (see Control Register), the AES unit is stalled when the previous output data has not yet been read and is about to be overwritten.
Each register has to be read at least once.
The order in which the registers are read does not matter.
+ Upon reset, these registers are cleared with pseudo-random data.
'''
count: "NumRegsData",
cname: "DATA_OUT",
@@ -494,13 +499,13 @@
# Tag info (CSR test exclusions):
# Updated by the HW.
# Updates based on writes to other regs.
- # -> Exclude all fields (except ALERT_FATAL) from init and write-read checks.
- # Upon reset, internal operations are triggered that temporarily change the IDLE field.
- # -> Exclude IDLE field from init and write-read checks (also in reset test).
+ # -> Exclude all fields (except ALERT_FATAL_FAULT) from init and write-read checks.
+ # Upon reset, internal operations are triggered at the end of which IDLE and INPUT_READY will be 1.
+ # -> Exclude IDLE and INPUT_READY field from init and write-read checks (also in reset test).
fields: [
{ bits: "0",
name: "IDLE",
- resval: "1",
+ resval: "0",
desc: '''
The AES unit is idle (1) or busy (0).
This flag is `0` if one of the following operations is currently running: i) encryption/decryption, ii) register clearing or iii) PRNG reseeding.
@@ -510,6 +515,7 @@
}
{ bits: "1",
name: "STALL",
+ resval: "0"
desc: '''
The AES unit is not stalled (0) or stalled (1) because there is previous
output data that must be read by the processor before the AES unit can
@@ -520,6 +526,7 @@
}
{ bits: "2",
name: "OUTPUT_LOST",
+ resval: "0"
hwaccess: "hrw",
desc: '''
All previous output data has been fully read by the processor (0) or at least one previous output data block has been lost (1).
@@ -532,6 +539,7 @@
}
{ bits: "3",
name: "OUTPUT_VALID",
+ resval: "0"
desc: '''
The AES unit has no valid output (0) or has valid output data (1).
'''
@@ -539,13 +547,13 @@
}
{ bits: "4",
name: "INPUT_READY",
- resval: "1",
+ resval: "0",
desc: '''
- The AES unit is ready (1) to receive new data input via the DATA_IN registers or
- the present values in the DATA_IN registers have not yet been loaded into the
- module (0).
+ The AES unit is ready (1) or not ready (0) to receive new data input via the DATA_IN registers.
+ If the present values in the DATA_IN registers have not yet been loaded into the
+ module this flag is `0` (not ready).
'''
- tags: ["excl:CsrNonInitTests:CsrExclCheck"]
+ tags: ["excl:CsrAllTests:CsrExclCheck"]
}
{ bits: "5",
name: "ALERT_RECOV_CTRL_UPDATE_ERR",
diff --git a/hw/ip/aes/doc/_index.md b/hw/ip/aes/doc/_index.md
index e787cc6..1c1f450 100644
--- a/hw/ip/aes/doc/_index.md
+++ b/hw/ip/aes/doc/_index.md
@@ -328,6 +328,14 @@
This section discusses how software can interface with the AES unit.
+## Clear upon Reset
+
+Upon reset, the AES unit will first reseed the internal PRNG for register clearing via EDN, and then clear all key, IV and data registers with pseudo-random data.
+Only after this sequence has finished, the unit becomes idle (indicated in {{< regref "STATUS.IDLE" >}}).
+The AES unit is then ready for software initialization.
+Note that at this point, the key, IV and data registers' values can no longer be expected to match the reset values.
+
+
## Initialization
Before initialization, software must ensure that the AES unit is idle by checking {{< regref "STATUS.IDLE" >}}.
@@ -364,6 +372,7 @@
1. Does not overwrite previous output data that has not yet been read by the processor.
Then, software must:
+1. Ensure that the INPUT_READY bit in {{< regref "STATUS" >}} is `1`.
1. Write Input Data Block `0` to the Input Data registers {{< regref "DATA_IN_0" >}} - {{< regref "DATA_IN_3" >}}.
Each register must be written at least once.
The order in which these registers are written does not matter.
diff --git a/hw/ip/aes/rtl/aes_reg_top.sv b/hw/ip/aes/rtl/aes_reg_top.sv
index 527cc71..7a6b805 100644
--- a/hw/ip/aes/rtl/aes_reg_top.sv
+++ b/hw/ip/aes/rtl/aes_reg_top.sv
@@ -912,7 +912,7 @@
prim_subreg #(
.DW (1),
.SWACCESS("RO"),
- .RESVAL (1'h1)
+ .RESVAL (1'h0)
) u_status_idle (
.clk_i (clk_i ),
.rst_ni (rst_ni ),
@@ -1012,7 +1012,7 @@
prim_subreg #(
.DW (1),
.SWACCESS("RO"),
- .RESVAL (1'h1)
+ .RESVAL (1'h0)
) u_status_input_ready (
.clk_i (clk_i ),
.rst_ni (rst_ni ),
