Google Git
Sign in
opensecura / 3p / lowrisc / opentitan / 4d80330c6d13e4c8490bf5f8e4f0a9727ac5759d
commit4d80330c6d13e4c8490bf5f8e4f0a9727ac5759d[log] [tgz]
authorPirmin Vogel <vogelpi@lowrisc.org>Mon Apr 04 13:04:41 2022 +0200
committerPirmin Vogel <vogelpi@lowrisc.org>Tue Apr 05 10:03:51 2022 +0200
tree208d0377f70ea375e87a5b3e1d6b095c0f1c2c83
parenta01a0cc9621247b40b2a149154496f5cf7377e4d [diff]
[kmac] Ignore entropy refresh requests when running in SW entropy mode

When running in EDN entropy mode, software can manually request the
entropy to be refreshed from EDN.

If instead running in SW entropy mode, SW provides the entropy via CSRs.
SW is still able to request the entropy to be refreshed. Prior to this
commit, the design would then go into the StRandEdn state and request
fresh entropy from EDN, but the entropy received from EDN would be
ignored. Instead, the LFSR would be reseeded using the value provided by
SW via CSRs. If SW "forgot" to update the CSRs, the LFSR
would be reseeded using the same value. This is a bit counter-intuitive
and can be exploitet for SCA. It's safer to just ignore these requests
when running in SW entropy mode.

Signed-off-by: Pirmin Vogel <vogelpi@lowrisc.org>
1 file changed
tree: 208d0377f70ea375e87a5b3e1d6b095c0f1c2c83
  1. .github/
  2. ci/
  3. doc/
  4. hw/
  5. rules/
  6. site/
  7. sw/
  8. test/
  9. third_party/
  10. util/
  11. .bazelignore
  12. .bazelrc
  13. .bazelversion
  14. .clang-format
  15. .dockerignore
  16. .flake8
  17. .gitignore
  18. .style.yapf
  19. .svlint.toml
  20. .svls.toml
  21. _index.md
  22. apt-requirements.txt
  23. azure-pipelines.yml
  24. bazelisk.sh
  25. BUILD.bazel
  26. check_tool_requirements.core
  27. CLA
  28. COMMITTERS
  29. CONTRIBUTING.md
  30. LICENSE
  31. meson-config.txt
  32. meson.build
  33. meson_init.sh
  34. meson_options.txt
  35. python-requirements.txt
  36. README.md
  37. tool_requirements.py
  38. toolchain.txt
  39. topgen-reg-only.core
  40. topgen.core
  41. WORKSPACE
  42. yum-requirements.txt
README.md

OpenTitan

OpenTitan logo

About the project

OpenTitan is an open source silicon Root of Trust (RoT) project. OpenTitan will make the silicon RoT design and implementation more transparent, trustworthy, and secure for enterprises, platform providers, and chip manufacturers. OpenTitan is administered by lowRISC CIC as a collaborative project to produce high quality, open IP for instantiation as a full-featured product. See the OpenTitan site and OpenTitan docs for more information about the project.

About this repository

This repository contains hardware, software and utilities written as part of the OpenTitan project. It is structured as monolithic repository, or “monorepo”, where all components live in one repository. It exists to enable collaboration across partners participating in the OpenTitan project.

Documentation

The project contains comprehensive documentation of all IPs and tools. You can access it online at docs.opentitan.org.

How to contribute

Have a look at [CONTRIBUTING]({{< relref “CONTRIBUTING.md” >}}) and our documentation on project organization and processes for guidelines on how to contribute code to this repository.

Licensing

Unless otherwise noted, everything in this repository is covered by the Apache License, Version 2.0 (see LICENSE for full text).