[otbn] Make the life cycle escalation a fatal alert
Before, the incoming life cycle escalation handling was specified as
"like a fatal alert, except for XZY." This commit simplifies the
specification to handle an incoming life cycle escalation in the same
way as a fatal error that was detected within OTBN.
Fixes #7625
Signed-off-by: Philipp Wagner <phw@lowrisc.org>
diff --git a/hw/ip/otbn/data/otbn.hjson b/hw/ip/otbn/data/otbn.hjson
index ae3490e..234ce52 100644
--- a/hw/ip/otbn/data/otbn.hjson
+++ b/hw/ip/otbn/data/otbn.hjson
@@ -250,6 +250,11 @@
it was not allowed.
'''
}
+ { bits: "9",
+ name: "fatal_lifecycle_escalation"
+ resval: 0,
+ desc: "OTBN received a life cycle escalation request from the system."
+ }
]
} // register : err_bits
{ name: "START_ADDR",
@@ -309,6 +314,11 @@
it was not allowed.
'''
}
+ { bits: "5",
+ name: "lifecycle_escalation"
+ resval: 0,
+ desc: "OTBN received a life cycle escalation request from the system."
+ }
]
} // register : fatal_alert_cause
{ name: "SEC_WIPE",
diff --git a/hw/ip/otbn/doc/_index.md b/hw/ip/otbn/doc/_index.md
index 41bac73..82c1641 100644
--- a/hw/ip/otbn/doc/_index.md
+++ b/hw/ip/otbn/doc/_index.md
@@ -587,8 +587,7 @@
### Reaction to Life Cycle Escalation Requests
OTBN receives and reacts to escalation signals from the [life cycle controller]({{< relref "/hw/ip/lc_ctrl/doc#security-escalation" >}}).
-
-An escalation request signaled through the `lc_escalate_en_i` signal results in the same action as a [fatal error](#design-details-fatal-errors) but does not raise a fatal alert.
+An incoming life cycle escalation is a fatal error of type `lifecycle_escalation` and treated as described in the section [Fatal Errors](#design-details-fatal-errors).
### Idle
diff --git a/hw/ip/otbn/dv/otbnsim/sim/err_bits.py b/hw/ip/otbn/dv/otbnsim/sim/err_bits.py
index e543e26..6772f9d 100644
--- a/hw/ip/otbn/dv/otbnsim/sim/err_bits.py
+++ b/hw/ip/otbn/dv/otbnsim/sim/err_bits.py
@@ -14,3 +14,4 @@
FATAL_DMEM = 1 << 6
FATAL_REG = 1 << 7
FATAL_ILLEGAL_BUS_ACCESS = 1 << 8
+FATAL_LIFECYCLE_ESCALATION = 1 << 9
diff --git a/hw/ip/otbn/dv/verilator/otbn_top_sim.sv b/hw/ip/otbn/dv/verilator/otbn_top_sim.sv
index 9abd46f..e380415 100644
--- a/hw/ip/otbn/dv/verilator/otbn_top_sim.sv
+++ b/hw/ip/otbn/dv/verilator/otbn_top_sim.sv
@@ -61,43 +61,45 @@
.ImemSizeByte ( ImemSizeByte ),
.DmemSizeByte ( DmemSizeByte )
) u_otbn_core (
- .clk_i ( IO_CLK ),
- .rst_ni ( IO_RST_N ),
+ .clk_i ( IO_CLK ),
+ .rst_ni ( IO_RST_N ),
- .start_i ( otbn_start ),
- .done_o ( otbn_done_d ),
+ .start_i ( otbn_start ),
+ .done_o ( otbn_done_d ),
- .err_bits_o ( otbn_err_bits_d ),
+ .err_bits_o ( otbn_err_bits_d ),
- .start_addr_i ( ImemStartAddr ),
+ .start_addr_i ( ImemStartAddr ),
- .imem_req_o ( imem_req ),
- .imem_addr_o ( imem_addr ),
- .imem_wdata_o ( ),
- .imem_rdata_i ( imem_rdata[31:0] ),
- .imem_rvalid_i ( imem_rvalid ),
- .imem_rerror_i ( imem_rerror ),
+ .imem_req_o ( imem_req ),
+ .imem_addr_o ( imem_addr ),
+ .imem_wdata_o ( ),
+ .imem_rdata_i ( imem_rdata[31:0] ),
+ .imem_rvalid_i ( imem_rvalid ),
+ .imem_rerror_i ( imem_rerror ),
- .dmem_req_o ( dmem_req ),
- .dmem_write_o ( dmem_write ),
- .dmem_addr_o ( dmem_addr ),
- .dmem_wdata_o ( dmem_wdata ),
- .dmem_wmask_o ( dmem_wmask ),
- .dmem_rmask_o ( ),
- .dmem_rdata_i ( dmem_rdata ),
- .dmem_rvalid_i ( dmem_rvalid ),
- .dmem_rerror_i ( dmem_rerror ),
+ .dmem_req_o ( dmem_req ),
+ .dmem_write_o ( dmem_write ),
+ .dmem_addr_o ( dmem_addr ),
+ .dmem_wdata_o ( dmem_wdata ),
+ .dmem_wmask_o ( dmem_wmask ),
+ .dmem_rmask_o ( ),
+ .dmem_rdata_i ( dmem_rdata ),
+ .dmem_rvalid_i ( dmem_rvalid ),
+ .dmem_rerror_i ( dmem_rerror ),
- .edn_rnd_req_o ( edn_rnd_req ),
- .edn_rnd_ack_i ( edn_rnd_ack ),
- .edn_rnd_data_i ( edn_rnd_data ),
+ .edn_rnd_req_o ( edn_rnd_req ),
+ .edn_rnd_ack_i ( edn_rnd_ack ),
+ .edn_rnd_data_i ( edn_rnd_data ),
- .edn_urnd_req_o ( edn_urnd_req ),
- .edn_urnd_ack_i ( edn_urnd_ack ),
- .edn_urnd_data_i ( edn_urnd_data ),
+ .edn_urnd_req_o ( edn_urnd_req ),
+ .edn_urnd_ack_i ( edn_urnd_ack ),
+ .edn_urnd_data_i ( edn_urnd_data ),
- .insn_cnt_o ( insn_cnt ),
- .illegal_bus_access_i ( 1'b0 )
+ .insn_cnt_o ( insn_cnt ),
+
+ .illegal_bus_access_i ( 1'b0 ),
+ .lifecycle_escalation_i ( 1'b0 )
);
// The top bits of IMEM rdata aren't currently used (they will eventually be used for integrity
diff --git a/hw/ip/otbn/rtl/otbn.sv b/hw/ip/otbn/rtl/otbn.sv
index af486cb..b7cceaf 100644
--- a/hw/ip/otbn/rtl/otbn.sv
+++ b/hw/ip/otbn/rtl/otbn.sv
@@ -133,9 +133,9 @@
.lc_en_o(lc_escalate_en)
);
- // TODO: Connect lifecycle signal.
- lc_ctrl_pkg::lc_tx_t unused_lc_escalate_en;
- assign unused_lc_escalate_en = lc_escalate_en;
+ // Reduce the life cycle escalation signal to a single bit to be used within this cycle.
+ logic lifecycle_escalation;
+ assign lifecycle_escalation = lc_escalate_en != lc_ctrl_pkg::Off;
// Interrupts ================================================================
@@ -628,6 +628,9 @@
assign hw2reg.err_bits.fatal_illegal_bus_access.de = done;
assign hw2reg.err_bits.fatal_illegal_bus_access.d = err_bits.fatal_illegal_bus_access;
+ assign hw2reg.err_bits.fatal_lifecycle_escalation.de = done;
+ assign hw2reg.err_bits.fatal_lifecycle_escalation.d = err_bits.fatal_lifecycle_escalation;
+
// START_ADDR register
assign start_addr = reg2hw.start_addr.q[ImemAddrWidth-1:0];
logic [top_pkg::TL_DW-ImemAddrWidth-1:0] unused_start_addr_bits;
@@ -646,6 +649,8 @@
assign hw2reg.fatal_alert_cause.reg_error.d = 0;
assign hw2reg.fatal_alert_cause.illegal_bus_access.de = illegal_bus_access_d;
assign hw2reg.fatal_alert_cause.illegal_bus_access.d = illegal_bus_access_d;
+ assign hw2reg.fatal_alert_cause.lifecycle_escalation.de = lifecycle_escalation;
+ assign hw2reg.fatal_alert_cause.lifecycle_escalation.d = lifecycle_escalation;
// INSN_CNT register
logic [31:0] insn_cnt;
@@ -806,42 +811,44 @@
.RndCnstUrndChunkLfsrPerm(RndCnstUrndChunkLfsrPerm)
) u_otbn_core (
.clk_i,
- .rst_ni (rst_n),
+ .rst_ni (rst_n),
- .start_i (start_rtl),
- .done_o (done_rtl),
+ .start_i (start_rtl),
+ .done_o (done_rtl),
- .err_bits_o (err_bits_rtl),
+ .err_bits_o (err_bits_rtl),
- .start_addr_i (start_addr),
+ .start_addr_i (start_addr),
- .imem_req_o (imem_req_core),
- .imem_addr_o (imem_addr_core),
- .imem_wdata_o (imem_wdata_core),
- .imem_rdata_i (imem_rdata_core),
- .imem_rvalid_i (imem_rvalid_core),
- .imem_rerror_i (imem_rerror_core),
+ .imem_req_o (imem_req_core),
+ .imem_addr_o (imem_addr_core),
+ .imem_wdata_o (imem_wdata_core),
+ .imem_rdata_i (imem_rdata_core),
+ .imem_rvalid_i (imem_rvalid_core),
+ .imem_rerror_i (imem_rerror_core),
- .dmem_req_o (dmem_req_core),
- .dmem_write_o (dmem_write_core),
- .dmem_addr_o (dmem_addr_core),
- .dmem_wdata_o (dmem_wdata_core),
- .dmem_wmask_o (dmem_wmask_core),
- .dmem_rmask_o (dmem_rmask_core_d),
- .dmem_rdata_i (dmem_rdata_core),
- .dmem_rvalid_i (dmem_rvalid_core),
- .dmem_rerror_i (dmem_rerror_core),
+ .dmem_req_o (dmem_req_core),
+ .dmem_write_o (dmem_write_core),
+ .dmem_addr_o (dmem_addr_core),
+ .dmem_wdata_o (dmem_wdata_core),
+ .dmem_wmask_o (dmem_wmask_core),
+ .dmem_rmask_o (dmem_rmask_core_d),
+ .dmem_rdata_i (dmem_rdata_core),
+ .dmem_rvalid_i (dmem_rvalid_core),
+ .dmem_rerror_i (dmem_rerror_core),
- .edn_rnd_req_o (edn_rnd_req),
- .edn_rnd_ack_i (edn_rnd_ack),
- .edn_rnd_data_i (edn_rnd_data),
+ .edn_rnd_req_o (edn_rnd_req),
+ .edn_rnd_ack_i (edn_rnd_ack),
+ .edn_rnd_data_i (edn_rnd_data),
- .edn_urnd_req_o (edn_urnd_req),
- .edn_urnd_ack_i (edn_urnd_ack),
- .edn_urnd_data_i (edn_urnd_data),
+ .edn_urnd_req_o (edn_urnd_req),
+ .edn_urnd_ack_i (edn_urnd_ack),
+ .edn_urnd_data_i (edn_urnd_data),
- .insn_cnt_o (insn_cnt_rtl),
- .illegal_bus_access_i (illegal_bus_access_q)
+ .insn_cnt_o (insn_cnt_rtl),
+
+ .illegal_bus_access_i (illegal_bus_access_q),
+ .lifecycle_escalation_i (lifecycle_escalation)
);
`else
otbn_core #(
@@ -852,42 +859,44 @@
.RndCnstUrndChunkLfsrPerm(RndCnstUrndChunkLfsrPerm)
) u_otbn_core (
.clk_i,
- .rst_ni (rst_n),
+ .rst_ni (rst_n),
- .start_i (start_q),
- .done_o (done),
+ .start_i (start_q),
+ .done_o (done),
- .err_bits_o (err_bits),
+ .err_bits_o (err_bits),
- .start_addr_i (start_addr),
+ .start_addr_i (start_addr),
- .imem_req_o (imem_req_core),
- .imem_addr_o (imem_addr_core),
- .imem_wdata_o (imem_wdata_core),
- .imem_rdata_i (imem_rdata_core),
- .imem_rvalid_i (imem_rvalid_core),
- .imem_rerror_i (imem_rerror_core),
+ .imem_req_o (imem_req_core),
+ .imem_addr_o (imem_addr_core),
+ .imem_wdata_o (imem_wdata_core),
+ .imem_rdata_i (imem_rdata_core),
+ .imem_rvalid_i (imem_rvalid_core),
+ .imem_rerror_i (imem_rerror_core),
- .dmem_req_o (dmem_req_core),
- .dmem_write_o (dmem_write_core),
- .dmem_addr_o (dmem_addr_core),
- .dmem_wdata_o (dmem_wdata_core),
- .dmem_wmask_o (dmem_wmask_core),
- .dmem_rmask_o (dmem_rmask_core_d),
- .dmem_rdata_i (dmem_rdata_core),
- .dmem_rvalid_i (dmem_rvalid_core),
- .dmem_rerror_i (dmem_rerror_core),
+ .dmem_req_o (dmem_req_core),
+ .dmem_write_o (dmem_write_core),
+ .dmem_addr_o (dmem_addr_core),
+ .dmem_wdata_o (dmem_wdata_core),
+ .dmem_wmask_o (dmem_wmask_core),
+ .dmem_rmask_o (dmem_rmask_core_d),
+ .dmem_rdata_i (dmem_rdata_core),
+ .dmem_rvalid_i (dmem_rvalid_core),
+ .dmem_rerror_i (dmem_rerror_core),
- .edn_rnd_req_o (edn_rnd_req),
- .edn_rnd_ack_i (edn_rnd_ack),
- .edn_rnd_data_i (edn_rnd_data),
+ .edn_rnd_req_o (edn_rnd_req),
+ .edn_rnd_ack_i (edn_rnd_ack),
+ .edn_rnd_data_i (edn_rnd_data),
- .edn_urnd_req_o (edn_urnd_req),
- .edn_urnd_ack_i (edn_urnd_ack),
- .edn_urnd_data_i (edn_urnd_data),
+ .edn_urnd_req_o (edn_urnd_req),
+ .edn_urnd_ack_i (edn_urnd_ack),
+ .edn_urnd_data_i (edn_urnd_data),
- .insn_cnt_o (insn_cnt),
- .illegal_bus_access_i (illegal_bus_access_q)
+ .insn_cnt_o (insn_cnt),
+
+ .illegal_bus_access_i (illegal_bus_access_q),
+ .lifecycle_escalation_i (lifecycle_escalation)
);
`endif
diff --git a/hw/ip/otbn/rtl/otbn_controller.sv b/hw/ip/otbn/rtl/otbn_controller.sv
index f5ee02a..f97960b 100644
--- a/hw/ip/otbn/rtl/otbn_controller.sv
+++ b/hw/ip/otbn/rtl/otbn_controller.sv
@@ -125,7 +125,8 @@
input logic state_reset_i,
output logic [31:0] insn_cnt_o,
- input logic illegal_bus_access_i
+ input logic illegal_bus_access_i,
+ input logic lifecycle_escalation_i
);
otbn_state_e state_q, state_d, state_raw;
@@ -327,15 +328,16 @@
end
end
- assign err_bits_o.fatal_illegal_bus_access = illegal_bus_access_i;
- assign err_bits_o.fatal_reg = rf_base_rd_data_err_i | rf_bignum_rd_data_err_i;
- assign err_bits_o.fatal_imem = insn_fetch_err_i;
- assign err_bits_o.fatal_dmem = lsu_rdata_err_i;
- assign err_bits_o.illegal_insn = insn_illegal_i | ispr_err | rf_indirect_err;
- assign err_bits_o.bad_data_addr = dmem_addr_err;
- assign err_bits_o.loop = loop_err;
- assign err_bits_o.call_stack = rf_base_call_stack_err_i;
- assign err_bits_o.bad_insn_addr = imem_addr_err;
+ assign err_bits_o.fatal_lifecycle_escalation = lifecycle_escalation_i;
+ assign err_bits_o.fatal_illegal_bus_access = illegal_bus_access_i;
+ assign err_bits_o.fatal_reg = rf_base_rd_data_err_i | rf_bignum_rd_data_err_i;
+ assign err_bits_o.fatal_imem = insn_fetch_err_i;
+ assign err_bits_o.fatal_dmem = lsu_rdata_err_i;
+ assign err_bits_o.illegal_insn = insn_illegal_i | ispr_err | rf_indirect_err;
+ assign err_bits_o.bad_data_addr = dmem_addr_err;
+ assign err_bits_o.loop = loop_err;
+ assign err_bits_o.call_stack = rf_base_call_stack_err_i;
+ assign err_bits_o.bad_insn_addr = imem_addr_err;
assign err = |err_bits_o;
diff --git a/hw/ip/otbn/rtl/otbn_core.sv b/hw/ip/otbn/rtl/otbn_core.sv
index 76a18f6..cc47588 100644
--- a/hw/ip/otbn/rtl/otbn_core.sv
+++ b/hw/ip/otbn/rtl/otbn_core.sv
@@ -68,9 +68,12 @@
output logic [31:0] insn_cnt_o,
- // Asserted by system when bus tries to access OTBN memories whilst OTBN is active. Results in an
+ // Asserted by system when bus tries to access OTBN memories whilst OTBN is active. Results in a
// fatal error.
- input logic illegal_bus_access_i
+ input logic illegal_bus_access_i,
+
+ // Indicates an incoming escalation from the life cycle manager. Results in a fatal error.
+ input logic lifecycle_escalation_i
);
// Fetch request (the next instruction)
logic [ImemAddrWidth-1:0] insn_fetch_req_addr;
@@ -353,7 +356,8 @@
.state_reset_i (state_reset),
.insn_cnt_o (insn_cnt),
- .illegal_bus_access_i
+ .illegal_bus_access_i,
+ .lifecycle_escalation_i
);
assign insn_cnt_o = insn_cnt;
diff --git a/hw/ip/otbn/rtl/otbn_pkg.sv b/hw/ip/otbn/rtl/otbn_pkg.sv
index 6c1c48a..6707749 100644
--- a/hw/ip/otbn/rtl/otbn_pkg.sv
+++ b/hw/ip/otbn/rtl/otbn_pkg.sv
@@ -54,6 +54,7 @@
//
// Note: These errors are duplicated in other places. If updating them here, update those too.
typedef struct packed {
+ logic fatal_lifecycle_escalation;
logic fatal_illegal_bus_access;
logic fatal_reg;
logic fatal_dmem;
diff --git a/hw/ip/otbn/rtl/otbn_reg_pkg.sv b/hw/ip/otbn/rtl/otbn_reg_pkg.sv
index 840d2b7..cca1fc1 100644
--- a/hw/ip/otbn/rtl/otbn_reg_pkg.sv
+++ b/hw/ip/otbn/rtl/otbn_reg_pkg.sv
@@ -104,6 +104,10 @@
logic d;
logic de;
} fatal_illegal_bus_access;
+ struct packed {
+ logic d;
+ logic de;
+ } fatal_lifecycle_escalation;
} otbn_hw2reg_err_bits_reg_t;
typedef struct packed {
@@ -127,6 +131,10 @@
logic d;
logic de;
} illegal_bus_access;
+ struct packed {
+ logic d;
+ logic de;
+ } lifecycle_escalation;
} otbn_hw2reg_fatal_alert_cause_reg_t;
typedef struct packed {
@@ -146,10 +154,10 @@
// HW -> register type
typedef struct packed {
- otbn_hw2reg_intr_state_reg_t intr_state; // [62:61]
- otbn_hw2reg_status_reg_t status; // [60:60]
- otbn_hw2reg_err_bits_reg_t err_bits; // [59:42]
- otbn_hw2reg_fatal_alert_cause_reg_t fatal_alert_cause; // [41:32]
+ otbn_hw2reg_intr_state_reg_t intr_state; // [66:65]
+ otbn_hw2reg_status_reg_t status; // [64:64]
+ otbn_hw2reg_err_bits_reg_t err_bits; // [63:44]
+ otbn_hw2reg_fatal_alert_cause_reg_t fatal_alert_cause; // [43:32]
otbn_hw2reg_insn_cnt_reg_t insn_cnt; // [31:0]
} otbn_hw2reg_t;
diff --git a/hw/ip/otbn/rtl/otbn_reg_top.sv b/hw/ip/otbn/rtl/otbn_reg_top.sv
index 63ca15e..3e0010e 100644
--- a/hw/ip/otbn/rtl/otbn_reg_top.sv
+++ b/hw/ip/otbn/rtl/otbn_reg_top.sv
@@ -185,6 +185,7 @@
logic err_bits_fatal_dmem_qs;
logic err_bits_fatal_reg_qs;
logic err_bits_fatal_illegal_bus_access_qs;
+ logic err_bits_fatal_lifecycle_escalation_qs;
logic start_addr_we;
logic [31:0] start_addr_wd;
logic fatal_alert_cause_bus_integrity_error_qs;
@@ -192,6 +193,7 @@
logic fatal_alert_cause_dmem_error_qs;
logic fatal_alert_cause_reg_error_qs;
logic fatal_alert_cause_illegal_bus_access_qs;
+ logic fatal_alert_cause_lifecycle_escalation_qs;
logic sec_wipe_we;
logic sec_wipe_dmem_wd;
logic sec_wipe_imem_wd;
@@ -569,6 +571,32 @@
);
+ // F[fatal_lifecycle_escalation]: 9:9
+ prim_subreg #(
+ .DW (1),
+ .SwAccess(prim_subreg_pkg::SwAccessRO),
+ .RESVAL (1'h0)
+ ) u_err_bits_fatal_lifecycle_escalation (
+ .clk_i (clk_i),
+ .rst_ni (rst_ni),
+
+ // from register interface
+ .we (1'b0),
+ .wd ('0),
+
+ // from internal hardware
+ .de (hw2reg.err_bits.fatal_lifecycle_escalation.de),
+ .d (hw2reg.err_bits.fatal_lifecycle_escalation.d),
+
+ // to internal hardware
+ .qe (),
+ .q (),
+
+ // to register interface (read)
+ .qs (err_bits_fatal_lifecycle_escalation_qs)
+ );
+
+
// R[start_addr]: V(False)
prim_subreg #(
@@ -728,6 +756,32 @@
);
+ // F[lifecycle_escalation]: 5:5
+ prim_subreg #(
+ .DW (1),
+ .SwAccess(prim_subreg_pkg::SwAccessRO),
+ .RESVAL (1'h0)
+ ) u_fatal_alert_cause_lifecycle_escalation (
+ .clk_i (clk_i),
+ .rst_ni (rst_ni),
+
+ // from register interface
+ .we (1'b0),
+ .wd ('0),
+
+ // from internal hardware
+ .de (hw2reg.fatal_alert_cause.lifecycle_escalation.de),
+ .d (hw2reg.fatal_alert_cause.lifecycle_escalation.d),
+
+ // to internal hardware
+ .qe (),
+ .q (),
+
+ // to register interface (read)
+ .qs (fatal_alert_cause_lifecycle_escalation_qs)
+ );
+
+
// R[sec_wipe]: V(False)
// F[dmem]: 0:0
@@ -900,6 +954,7 @@
reg_rdata_next[6] = err_bits_fatal_dmem_qs;
reg_rdata_next[7] = err_bits_fatal_reg_qs;
reg_rdata_next[8] = err_bits_fatal_illegal_bus_access_qs;
+ reg_rdata_next[9] = err_bits_fatal_lifecycle_escalation_qs;
end
addr_hit[7]: begin
@@ -912,6 +967,7 @@
reg_rdata_next[2] = fatal_alert_cause_dmem_error_qs;
reg_rdata_next[3] = fatal_alert_cause_reg_error_qs;
reg_rdata_next[4] = fatal_alert_cause_illegal_bus_access_qs;
+ reg_rdata_next[5] = fatal_alert_cause_lifecycle_escalation_qs;
end
addr_hit[9]: begin
diff --git a/sw/device/lib/dif/dif_otbn.c b/sw/device/lib/dif/dif_otbn.c
index d8485ed..bef2a76 100644
--- a/sw/device/lib/dif/dif_otbn.c
+++ b/sw/device/lib/dif/dif_otbn.c
@@ -32,6 +32,9 @@
static_assert(kDifOtbnErrBitsFatalIllegalBusAccess ==
(1 << OTBN_ERR_BITS_FATAL_ILLEGAL_BUS_ACCESS_BIT),
"Layout of error bits changed.");
+static_assert(kDifOtbnErrBitsFatalLifecycleEscalation ==
+ (1 << OTBN_ERR_BITS_FATAL_LIFECYCLE_ESCALATION_BIT),
+ "Layout of error bits changed.");
/**
* Data width of big number subset, in bytes.
diff --git a/sw/device/lib/dif/dif_otbn.h b/sw/device/lib/dif/dif_otbn.h
index 1a335c9..ff6dc54 100644
--- a/sw/device/lib/dif/dif_otbn.h
+++ b/sw/device/lib/dif/dif_otbn.h
@@ -95,6 +95,8 @@
* not allowed.
*/
kDifOtbnErrBitsFatalIllegalBusAccess = (1 << 8),
+ /** OTBN received a life cycle escalation request from the system */
+ kDifOtbnErrBitsFatalLifecycleEscalation = (1 << 9),
} dif_otbn_err_bits_t;
/**
diff --git a/sw/device/silicon_creator/lib/drivers/otbn.c b/sw/device/silicon_creator/lib/drivers/otbn.c
index 095b08d..be2babe 100644
--- a/sw/device/silicon_creator/lib/drivers/otbn.c
+++ b/sw/device/silicon_creator/lib/drivers/otbn.c
@@ -29,6 +29,8 @@
ASSERT_ERR_BIT_MATCH(kOtbnErrBitsFatalReg, OTBN_ERR_BITS_FATAL_REG_BIT);
ASSERT_ERR_BIT_MATCH(kOtbnErrBitsFatalIllegalBusAccess,
OTBN_ERR_BITS_FATAL_ILLEGAL_BUS_ACCESS_BIT);
+ASSERT_ERR_BIT_MATCH(kOtbnErrBitsFatalLifecycleEscalation,
+ OTBN_ERR_BITS_FATAL_LIFECYCLE_ESCALATION_BIT);
const size_t kOtbnDMemSizeBytes = OTBN_DMEM_SIZE_BYTES;
const size_t kOtbnIMemSizeBytes = OTBN_IMEM_SIZE_BYTES;
diff --git a/sw/device/silicon_creator/lib/drivers/otbn.h b/sw/device/silicon_creator/lib/drivers/otbn.h
index 48a1ccf..9f3c8db 100644
--- a/sw/device/silicon_creator/lib/drivers/otbn.h
+++ b/sw/device/silicon_creator/lib/drivers/otbn.h
@@ -71,6 +71,8 @@
* not allowed.
*/
kOtbnErrBitsFatalIllegalBusAccess = (1 << 8),
+ /** OTBN received a life cycle escalation request from the system */
+ kOtbnErrBitsFatalLifecycleEscalation = (1 << 9),
} otbn_err_bits_t;
/**
