Google Git
Sign in
opensecura / 3p / lowrisc / opentitan / 3f5f87ea76db303ebbcef11ac1d894b06ec21a59
commit3f5f87ea76db303ebbcef11ac1d894b06ec21a59[log] [tgz]
authorMartin Lueker-Boden <martin.lueker-boden@wdc.com>Mon Sep 05 16:34:19 2022 -0700
committerMartin Lueker-Boden <47870387+martin-lueker@users.noreply.github.com>Wed Sep 07 07:38:13 2022 -0700
tree8aef3ffc659747b1d26160df02512f3d35e0fae7
parentb73727cd502c1a66545c7f84d7861a1474342963 [diff]
[dif/entropy_src] FW_OV_WR_FIFO Management

The entropy_src FW_OV_WR_FIFO can become full after even a single write.
It can also retain entropy that is still wainting at the input of the
SHA3 conditioner.  Thus the FW_OV_WR_FIFO_FULL register should be
checked before writing each word, and before disabling the conditioner.

This commit updates the DIF to make perform these checks more
frequently.

The dif_entropy_src_observe_fifo_write function can now encounter a FIFO
full failure part-way through a write operation.   So an output
paramater has been added to return the number of words successfully
written before the FIFO was detected to be full.

Such FIFO full events are usually transient, but it is important to check
for them, otherwise FW_OV data may be dropped.

All of the dependent tests have also been updated.

The KAT in particular has been updated to keep trying even if the test
has failed, with an arbitrary 256 attempt timeout if the FW_OV FIFO is
frequently full.

Finally, this commit also changes the entropy_src KAT to flush the SHA3
conditioner before loading the test data.  This accounts for the fact
that the conditioner may have absorbed entropy in a previous test, which
is especially likely to happen in the FPGA environment where many tests
are run back to back without a reset.

Signed-off-by: Martin Lueker-Boden <martin.lueker-boden@wdc.com>
Co-authored-by: Douglas Reis <65042207+engdoreis@users.noreply.github.com>
6 files changed
tree: 8aef3ffc659747b1d26160df02512f3d35e0fae7
  1. .github/
  2. ci/
  3. doc/
  4. hw/
  5. release/
  6. rules/
  7. site/
  8. sw/
  9. third_party/
  10. util/
  11. .bazelignore
  12. .bazelrc
  13. .bazelversion
  14. .clang-format
  15. .dockerignore
  16. .flake8
  17. .gitattributes
  18. .gitignore
  19. .style.yapf
  20. .svlint.toml
  21. .svls.toml
  22. _index.md
  23. apt-requirements.txt
  24. azure-pipelines.yml
  25. bazelisk.sh
  26. BUILD.bazel
  27. check_tool_requirements.core
  28. CLA
  29. COMMITTERS
  30. CONTRIBUTING.md
  31. LICENSE
  32. mypy.ini
  33. python-requirements.txt
  34. README.md
  35. tool_requirements.py
  36. topgen-reg-only.core
  37. topgen.core
  38. WORKSPACE
  39. yum-requirements.txt
README.md

OpenTitan

OpenTitan logo

About the project

OpenTitan is an open source silicon Root of Trust (RoT) project. OpenTitan will make the silicon RoT design and implementation more transparent, trustworthy, and secure for enterprises, platform providers, and chip manufacturers. OpenTitan is administered by lowRISC CIC as a collaborative project to produce high quality, open IP for instantiation as a full-featured product. See the OpenTitan site and OpenTitan docs for more information about the project.

About this repository

This repository contains hardware, software and utilities written as part of the OpenTitan project. It is structured as monolithic repository, or “monorepo”, where all components live in one repository. It exists to enable collaboration across partners participating in the OpenTitan project.

Documentation

The project contains comprehensive documentation of all IPs and tools. You can access it online at docs.opentitan.org.

How to contribute

Have a look at CONTRIBUTING and our documentation on project organization and processes for guidelines on how to contribute code to this repository.

Licensing

Unless otherwise noted, everything in this repository is covered by the Apache License, Version 2.0 (see LICENSE for full text).