Google Git
Sign in
opensecura/3p/lowrisc/opentitan/669cb4ad9febb12ce307cf73fb7431ec5bb3acc5^!/.
commit
669cb4ad9febb12ce307cf73fb7431ec5bb3acc5
[log]
author
Timothy Chen <timothytim@google.com>
Tue Mar 15 18:07:52 2022 -0700
committer
tjaychen <timothytim@google.com>
Wed Mar 16 14:02:34 2022 -0700
tree
60d7c15ff8cfd3b1d9374f3ed20c4729d24d8706
parent
2a2eb5ff7d8db22445086f6cf60cda29b59308b5 [diff]
[keymgr] Continued sampling of otp key

- while in StCtrlInit, continually sample the OTP root key
  until an operation starts or when the keymgr is ready to
  transition to another state.

Signed-off-by: Timothy Chen <timothytim@google.com>

diff --git a/hw/ip/keymgr/doc/_index.md b/hw/ip/keymgr/doc/_index.md
index fdc0dd2..5ccc581 100644
--- a/hw/ip/keymgr/doc/_index.md
+++ b/hw/ip/keymgr/doc/_index.md

@@ -85,6 +85,12 @@
 
 The advancement from this state to the next is irreversible during the current power cycle.
 
+While in the CreatorRootKey state, the key from OTP is continuously captured and sensed.
+This provides some security benefit as the key is constantly background checked by the OTP.
+When an operation begins, the sampling is stopped.
+If at the conclusion of the operation the key manager stays in the same state, sampling begins again.
+If on the other hand key manager transitions to another state, OTP sampling is stopped until reset.
+
 ### OwnerIntermediateKey
 
 This is the second operational state of the key manager.

diff --git a/hw/ip/keymgr/rtl/keymgr_ctrl.sv b/hw/ip/keymgr/rtl/keymgr_ctrl.sv
index d58d6fd..4a0b4e8 100644
--- a/hw/ip/keymgr/rtl/keymgr_ctrl.sv
+++ b/hw/ip/keymgr/rtl/keymgr_ctrl.sv

@@ -221,11 +221,12 @@
   logic wipe_req;
   logic random_req;
   logic random_ack;
+  logic ld_root_key;
 
   // wipe and initialize take precedence
-  assign update_sel = wipe_req   ? KeyUpdateWipe   :
-                      random_req ? KeyUpdateRandom :
-                      init_o     ? KeyUpdateRoot   : op_update_sel;
+  assign update_sel = wipe_req             ? KeyUpdateWipe   :
+                      random_req           ? KeyUpdateRandom :
+                      init_o | ld_root_key ? KeyUpdateRoot   : op_update_sel;
 
   ///////////////////////////
   //  interaction between main fsm and prng
@@ -455,6 +456,9 @@
     // initialization complete
     init_o = 1'b0;
 
+    // during certain states, the otp root key is continuosly loaded
+    ld_root_key = 1'b0;
+
     // if state is ever faulted, hold on to this indication
     // until reset.
     state_intg_err_d = state_intg_err_q;
@@ -517,8 +521,13 @@
         stage_sel_o = advance_sel ? Creator : Disable;
         invalid_op = op_start_i & ~(advance_sel | disable_sel);
 
+        // as long as an operation is not requested, continously load root key
+        // if it is valid.
+        // If an invalidate condition hits, also stop loading key
+        ld_root_key = ~op_start_i;
         if (!en_i || inv_state) begin
           state_d = StCtrlWipe;
+          ld_root_key = '0;
         end else if (dis_state) begin
           state_d = StCtrlDisabled;
         end else if (adv_state) begin
@@ -650,10 +659,10 @@
     working_state_o = StInvalid;
 
     unique case (state_q)
-      StCtrlReset, StCtrlEntropyReseed, StCtrlRandom, StCtrlRootKey:
+      StCtrlReset, StCtrlEntropyReseed, StCtrlRandom:
         working_state_o = StReset;
 
-      StCtrlInit:
+      StCtrlRootKey, StCtrlInit:
         working_state_o = StInit;
 
       StCtrlCreatorRootKey:
@@ -753,7 +762,7 @@
 
   logic vld_state_change_d, vld_state_change_q;
   assign vld_state_change_d = (state_d != state_q) &
-                              (state_d inside {StCtrlInit,
+                              (state_d inside {StCtrlRootKey,
                                                StCtrlCreatorRootKey,
                                                StCtrlOwnerIntKey,
                                                StCtrlOwnerKey});