[csrng/hjson] Update AES countermeasure descriptions
Based on review feedback, the AES countermeasures have been updated
to reflect the AES block coverage for security when used by CSRNG.
Signed-off-by: Mark Branstad <mark.branstad@wdc.com>
diff --git a/hw/ip/aes/data/aes_sec_cm_testplan.hjson b/hw/ip/aes/data/aes_sec_cm_testplan.hjson
index 1d065e5..904e833 100644
--- a/hw/ip/aes/data/aes_sec_cm_testplan.hjson
+++ b/hw/ip/aes/data/aes_sec_cm_testplan.hjson
@@ -29,5 +29,167 @@
milestone: V2S
tests: []
}
+ {
+ name: sec_cm_lc_escalate_en_intersig_mubi
+ desc: "Verify the countermeasure(s) LC_ESCALATE_EN.INTERSIG.MUBI."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_main_config_shadow
+ desc: "Verify the countermeasure(s) MAIN.CONFIG.SHADOW."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_main_config_sparse
+ desc: "Verify the countermeasure(s) MAIN.CONFIG.SPARSE."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_aux_config_shadow
+ desc: "Verify the countermeasure(s) AUX.CONFIG.SHADOW."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_aux_config_regwen
+ desc: "Verify the countermeasure(s) AUX.CONFIG.REGWEN."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_key_sideload
+ desc: "Verify the countermeasure(s) KEY.SIDELOAD."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_key_sw_unreadable
+ desc: "Verify the countermeasure(s) KEY.SW_UNREADABLE."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_iv_config_sw_unreadable
+ desc: "Verify the countermeasure(s) IV.CONFIG.SW_UNREADABLE."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_data_reg_sw_unreadable
+ desc: "Verify the countermeasure(s) DATA_REG.SW_UNREADABLE."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_key_sec_wipe
+ desc: "Verify the countermeasure(s) KEY.SEC_WIPE."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_iv_config_sec_wipe
+ desc: "Verify the countermeasure(s) IV.CONFIG.SEC_WIPE."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_data_reg_sec_wipe
+ desc: "Verify the countermeasure(s) DATA_REG.SEC_WIPE."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_data_reg_key_sca
+ desc: "Verify the countermeasure(s) DATA_REG.KEY.SCA."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_key_masking
+ desc: "Verify the countermeasure(s) KEY.MASKING."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_main_fsm_sparse
+ desc: "Verify the countermeasure(s) MAIN.FSM.SPARSE."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_main_fsm_redun
+ desc: "Verify the countermeasure(s) MAIN.FSM.REDUN."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_cipher_fsm_sparse
+ desc: "Verify the countermeasure(s) CIPHER.FSM.SPARSE."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_cipher_fsm_redun
+ desc: "Verify the countermeasure(s) CIPHER.FSM.REDUN."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_cipher_ctr_redun
+ desc: "Verify the countermeasure(s) CIPHER.CTR.REDUN."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_ctr_fsm_sparse
+ desc: "Verify the countermeasure(s) CTR.FSM.SPARSE."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_ctr_fsm_redun
+ desc: "Verify the countermeasure(s) CTR.FSM.REDUN."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_ctrl_sparse
+ desc: "Verify the countermeasure(s) CTRL.SPARSE."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_main_fsm_global_esc
+ desc: "Verify the countermeasure(s) MAIN.FSM.GLOBAL_ESC."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_main_fsm_local_esc
+ desc: "Verify the countermeasure(s) MAIN.FSM.LOCAL_ESC."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_cipher_fsm_local_esc
+ desc: "Verify the countermeasure(s) CIPHER.FSM.LOCAL_ESC."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_ctr_fsm_local_esc
+ desc: "Verify the countermeasure(s) CTR.FSM.LOCAL_ESC."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_data_reg_local_esc
+ desc: "Verify the countermeasure(s) DATA_REG.LOCAL_ESC."
+ milestone: V2S
+ tests: []
+ }
]
}
diff --git a/hw/ip/csrng/data/csrng.hjson b/hw/ip/csrng/data/csrng.hjson
index efbce00..ce1c2cb 100644
--- a/hw/ip/csrng/data/csrng.hjson
+++ b/hw/ip/csrng/data/csrng.hjson
@@ -135,31 +135,43 @@
desc: "Tilelink end-to-end bus integrity scheme."
}
{ name: "AES_CIPHER.FSM.SPARSE",
- desc: "See the AES module documentation for details."
+ desc: '''
+ The AES cipher core FSM uses a sparse state encoding.
+ See the AES module documentation for AES-specific countermeasures.
+ '''
}
{ name: "AES_CIPHER.FSM.REDUN",
- desc: "See the AES module documentation for details."
- }
- { name: "AES_CIPHER.FSM.LOCAL_ESC",
- desc: "See the AES module documentation for details."
- }
- { name: "AES_CIPHER.CTR.REDUN",
- desc: "See the AES module documentation for details."
- }
- { name: "AES_CIPHER.CTR.LOCAL_ESC",
- desc: "See the AES module documentation for details."
+ desc: '''
+ The AES cipher core FSM uses multiple, independent logic rails.
+ See the AES module documentation for AES-specific countermeasures.
+ '''
}
{ name: "AES_CIPHER.CTRL.SPARSE",
- desc: "See the AES module documentation for details."
+ desc: '''
+ Critical control signals for the AES cipher core such as handshake and MUX control signals use sparse encodings.
+ See the AES module documentation for AES-specific countermeasures.
+ '''
}
- { name: "AES_CIPHER.CTRL.LOCAL_ESC",
- desc: "See the AES module documentation for details."
+ { name: "AES_CIPHER.FSM.LOCAL_ESC",
+ desc: '''
+ The AES cipher core FSM moves to a terminal error state upon local escalation.
+ Can be triggered by AES_CIPHER.FSM.SPARSE, AES_CIPHER.FSM.REDUN, AES_CIPHER.CTR.REDUN and AES_CIPHER.CTRL.SPARSE.
+ See the AES module documentation for AES-specific countermeasures.
+ '''
+ }
+ { name: "AES_CIPHER.CTR.REDUN",
+ desc: '''
+ The AES round counter inside the AES cipher core FSM is protected with multiple, independent logic rails.
+ See the AES module documentation for AES-specific countermeasures.
+ '''
}
{ name: "AES_CIPHER.DATA_REG.LOCAL_ESC",
- desc: "See the AES module documentation for details."
+ desc: '''
+ Upon local escalation, the AES cipher core doesn't output intermediate state.
+ See the AES module documentation for AES-specific countermeasures.
+ '''
}
],
-
regwidth: "32",
registers: [
{ name: "REGWEN",
diff --git a/hw/ip/csrng/data/csrng_sec_cm_testplan.hjson b/hw/ip/csrng/data/csrng_sec_cm_testplan.hjson
index d4b932a..4683c17 100644
--- a/hw/ip/csrng/data/csrng_sec_cm_testplan.hjson
+++ b/hw/ip/csrng/data/csrng_sec_cm_testplan.hjson
@@ -42,14 +42,68 @@
tests: []
}
{
- name: sec_cm_fsm_sparse
- desc: "Verify the countermeasure(s) FSM.SPARSE."
+ name: sec_cm_main_sm_fsm_sparse
+ desc: "Verify the countermeasure(s) MAIN_SM.FSM.SPARSE."
milestone: V2S
tests: []
}
{
- name: sec_cm_ctr_redun
- desc: "Verify the countermeasure(s) CTR.REDUN."
+ name: sec_cm_update_fsm_sparse
+ desc: "Verify the countermeasure(s) UPDATE.FSM.SPARSE."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_blk_enc_fsm_sparse
+ desc: "Verify the countermeasure(s) BLK_ENC.FSM.SPARSE."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_outblk_fsm_sparse
+ desc: "Verify the countermeasure(s) OUTBLK.FSM.SPARSE."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_gen_cmd_ctr_redun
+ desc: "Verify the countermeasure(s) GEN_CMD.CTR.REDUN."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_drbg_upd_ctr_redun
+ desc: "Verify the countermeasure(s) DRBG_UPD.CTR.REDUN."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_drbg_gen_ctr_redun
+ desc: "Verify the countermeasure(s) DRBG_GEN.CTR.REDUN."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_ctrl_mubi
+ desc: "Verify the countermeasure(s) CTRL.MUBI."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_main_sm_ctr_local_esc
+ desc: "Verify the countermeasure(s) MAIN_SM.CTR.LOCAL_ESC."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_constants_lc_gated
+ desc: "Verify the countermeasure(s) CONSTANTS.LC_GATED."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_fsm_lc_gated
+ desc: "Verify the countermeasure(s) FSM.LC_GATED."
milestone: V2S
tests: []
}
@@ -65,5 +119,41 @@
milestone: V2S
tests: []
}
+ {
+ name: sec_cm_aes_cipher_fsm_sparse
+ desc: "Verify the countermeasure(s) AES_CIPHER.FSM.SPARSE."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_aes_cipher_fsm_redun
+ desc: "Verify the countermeasure(s) AES_CIPHER.FSM.REDUN."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_aes_cipher_ctrl_sparse
+ desc: "Verify the countermeasure(s) AES_CIPHER.CTRL.SPARSE."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_aes_cipher_fsm_local_esc
+ desc: "Verify the countermeasure(s) AES_CIPHER.FSM.LOCAL_ESC."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_aes_cipher_ctr_redun
+ desc: "Verify the countermeasure(s) AES_CIPHER.CTR.REDUN."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_aes_cipher_data_reg_local_esc
+ desc: "Verify the countermeasure(s) AES_CIPHER.DATA_REG.LOCAL_ESC."
+ milestone: V2S
+ tests: []
+ }
]
}
diff --git a/hw/ip/csrng/rtl/csrng_block_encrypt.sv b/hw/ip/csrng/rtl/csrng_block_encrypt.sv
index 891a7a5..b3143d4 100644
--- a/hw/ip/csrng/rtl/csrng_block_encrypt.sv
+++ b/hw/ip/csrng/rtl/csrng_block_encrypt.sv
@@ -88,11 +88,9 @@
// SEC_CM: AES_CIPHER.FSM.SPARSE
// SEC_CM: AES_CIPHER.FSM.REDUN
+ // SEC_CM: AES_CIPHER.CTRL.SPARSE
// SEC_CM: AES_CIPHER.FSM.LOCAL_ESC
// SEC_CM: AES_CIPHER.CTR.REDUN
- // SEC_CM: AES_CIPHER.CTR.LOCAL_ESC
- // SEC_CM: AES_CIPHER.CTRL.SPARSE
- // SEC_CM: AES_CIPHER.CTRL.LOCAL_ESC
// SEC_CM: AES_CIPHER.DATA_REG.LOCAL_ESC
aes_cipher_core #(
diff --git a/hw/ip/pwrmgr/data/pwrmgr_sec_cm_testplan.hjson b/hw/ip/pwrmgr/data/pwrmgr_sec_cm_testplan.hjson
index 9d173a3..b12ccb8 100644
--- a/hw/ip/pwrmgr/data/pwrmgr_sec_cm_testplan.hjson
+++ b/hw/ip/pwrmgr/data/pwrmgr_sec_cm_testplan.hjson
@@ -30,10 +30,76 @@
tests: []
}
{
+ name: sec_cm_lc_ctrl_intersig_mubi
+ desc: "Verify the countermeasure(s) LC_CTRL.INTERSIG.MUBI."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_rom_ctrl_intersig_mubi
+ desc: "Verify the countermeasure(s) ROM_CTRL.INTERSIG.MUBI."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_rstmgr_intersig_mubi
+ desc: "Verify the countermeasure(s) RSTMGR.INTERSIG.MUBI."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_esc_rx_clk_bkgn_chk
+ desc: "Verify the countermeasure(s) ESC_RX.CLK.BKGN_CHK."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_esc_rx_clk_local_esc
+ desc: "Verify the countermeasure(s) ESC_RX.CLK.LOCAL_ESC."
+ milestone: V2S
+ tests: []
+ }
+ {
name: sec_cm_fsm_sparse
desc: "Verify the countermeasure(s) FSM.SPARSE."
milestone: V2S
tests: []
}
+ {
+ name: sec_cm_fsm_local_esc
+ desc: "Verify the countermeasure(s) FSM.LOCAL_ESC."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_fsm_global_esc
+ desc: "Verify the countermeasure(s) FSM.GLOBAL_ESC."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_main_pd_rst_local_esc
+ desc: "Verify the countermeasure(s) MAIN_PD.RST.LOCAL_ESC."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_ctrl_config_regwen
+ desc: "Verify the countermeasure(s) CTRL.CONFIG.REGWEN."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_wakeup_config_regwen
+ desc: "Verify the countermeasure(s) WAKEUP.CONFIG.REGWEN."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_reset_config_regwen
+ desc: "Verify the countermeasure(s) RESET.CONFIG.REGWEN."
+ milestone: V2S
+ tests: []
+ }
]
}
diff --git a/hw/top_earlgrey/ip/pwrmgr/data/autogen/pwrmgr_sec_cm_testplan.hjson b/hw/top_earlgrey/ip/pwrmgr/data/autogen/pwrmgr_sec_cm_testplan.hjson
index 9d173a3..b12ccb8 100644
--- a/hw/top_earlgrey/ip/pwrmgr/data/autogen/pwrmgr_sec_cm_testplan.hjson
+++ b/hw/top_earlgrey/ip/pwrmgr/data/autogen/pwrmgr_sec_cm_testplan.hjson
@@ -30,10 +30,76 @@
tests: []
}
{
+ name: sec_cm_lc_ctrl_intersig_mubi
+ desc: "Verify the countermeasure(s) LC_CTRL.INTERSIG.MUBI."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_rom_ctrl_intersig_mubi
+ desc: "Verify the countermeasure(s) ROM_CTRL.INTERSIG.MUBI."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_rstmgr_intersig_mubi
+ desc: "Verify the countermeasure(s) RSTMGR.INTERSIG.MUBI."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_esc_rx_clk_bkgn_chk
+ desc: "Verify the countermeasure(s) ESC_RX.CLK.BKGN_CHK."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_esc_rx_clk_local_esc
+ desc: "Verify the countermeasure(s) ESC_RX.CLK.LOCAL_ESC."
+ milestone: V2S
+ tests: []
+ }
+ {
name: sec_cm_fsm_sparse
desc: "Verify the countermeasure(s) FSM.SPARSE."
milestone: V2S
tests: []
}
+ {
+ name: sec_cm_fsm_local_esc
+ desc: "Verify the countermeasure(s) FSM.LOCAL_ESC."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_fsm_global_esc
+ desc: "Verify the countermeasure(s) FSM.GLOBAL_ESC."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_main_pd_rst_local_esc
+ desc: "Verify the countermeasure(s) MAIN_PD.RST.LOCAL_ESC."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_ctrl_config_regwen
+ desc: "Verify the countermeasure(s) CTRL.CONFIG.REGWEN."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_wakeup_config_regwen
+ desc: "Verify the countermeasure(s) WAKEUP.CONFIG.REGWEN."
+ milestone: V2S
+ tests: []
+ }
+ {
+ name: sec_cm_reset_config_regwen
+ desc: "Verify the countermeasure(s) RESET.CONFIG.REGWEN."
+ milestone: V2S
+ tests: []
+ }
]
}
