[keymgr] Finalize keymgr hardening
- Fixes #7749
- Fixes #8301
Two more faults are added
- sideload control FSM faults
- reseed counter faults
Two more regwen are added
- reseed interval controls
- sideload clear placed under transactional regwen
Signed-off-by: Timothy Chen <timothytim@google.com>
diff --git a/hw/ip/keymgr/data/keymgr.hjson b/hw/ip/keymgr/data/keymgr.hjson
index 09412d4..9e7a223 100644
--- a/hw/ip/keymgr/data/keymgr.hjson
+++ b/hw/ip/keymgr/data/keymgr.hjson
@@ -382,6 +382,7 @@
desc: "sideload key slots clear"
swaccess: "rw",
hwaccess: "hro",
+ regwen: "CFG_REGWEN",
fields: [
{ bits: "2:0",
name: "VAL",
@@ -422,11 +423,27 @@
]
},
+ { name: "RESEED_INTERVAL_REGWEN",
+ desc: "regwen for reseed interval",
+ swaccess: "rw0c",
+ hwaccess: "none",
+ fields: [
+ { bits: "0",
+ name: "EN",
+ resval: "1"
+ desc: '''
+ Configuration enable for reseed interval
+ '''
+ },
+ ]
+ },
+
{ name: "RESEED_INTERVAL_SHADOWED",
- desc: "reseed interval for key manager entropy reseed",
+ desc: "Reseed interval for key manager entropy reseed",
shadowed: "true",
update_err_alert: "recov_operation_err",
storage_err_alert: "fatal_fault_err",
+ regwen: "RESEED_INTERVAL_REGWEN",
swaccess: "rw",
hwaccess: "hro",
fields: [
@@ -930,6 +947,16 @@
resval: "0x0"
desc: "Control FSM counter integrity error, asynchronous fault",
},
+ { bits: "8",
+ name: "RESEED_CNT",
+ resval: "0x0"
+ desc: "Reseed counter integrity error, asynchronous fault",
+ },
+ { bits: "9",
+ name: "SIDE_CTRL_FSM",
+ resval: "0x0"
+ desc: "Sideload control FSM integrity error, asynchronous fault",
+ },
]
},
diff --git a/hw/ip/keymgr/rtl/keymgr.sv b/hw/ip/keymgr/rtl/keymgr.sv
index c2da1d7..2160692 100644
--- a/hw/ip/keymgr/rtl/keymgr.sv
+++ b/hw/ip/keymgr/rtl/keymgr.sv
@@ -142,6 +142,7 @@
logic [LfsrWidth-1:0] seed;
logic reseed_req;
logic reseed_ack;
+ logic reseed_cnt_err;
keymgr_reseed_ctrl u_reseed_ctrl (
.clk_i,
@@ -154,7 +155,8 @@
.edn_o,
.edn_i,
.seed_en_o(seed_en),
- .seed_o(seed)
+ .seed_o(seed),
+ .cnt_err_o(reseed_cnt_err)
);
logic [63:0] lfsr;
@@ -197,6 +199,7 @@
/////////////////////////////////////
keymgr_stage_e stage_sel;
+ logic invalid_stage_sel;
keymgr_gen_out_e key_sel;
logic adv_en, id_en, gen_en;
logic wipe_key;
@@ -216,6 +219,7 @@
logic [FaultLastPos-1:0] fault_code;
logic sw_binding_unlock;
logic [CdiWidth-1:0] cdi_sel;
+ logic sideload_fsm_err;
for (genvar i = 0; i < Shares; i++) begin : gen_truncate_data
assign kmac_data_truncated[i] = kmac_data[i][KeyWidth-1:0];
@@ -230,6 +234,8 @@
.regfile_intg_err_i(regfile_intg_err),
.shadowed_update_err_i(shadowed_update_err),
.shadowed_storage_err_i(shadowed_storage_err),
+ .reseed_cnt_err_i(reseed_cnt_err),
+ .sideload_fsm_err_i(sideload_fsm_err),
.prng_reseed_req_o(reseed_req),
.prng_reseed_ack_i(reseed_ack),
.prng_en_o(ctrl_lfsr_en),
@@ -249,6 +255,7 @@
.root_key_i(otp_key_i),
.hw_sel_o(key_sel),
.stage_sel_o(stage_sel),
+ .invalid_stage_sel_o(invalid_stage_sel),
.cdi_sel_o(cdi_sel),
.wipe_key_o(wipe_key),
.adv_en_o(adv_en),
@@ -398,10 +405,10 @@
cipher_sel == Kmac ? RndCnstKmacSeed :
cipher_sel == Otbn ? RndCnstOtbnSeed : RndCnstNoneSeed;
assign output_key = (key_sel == HwKey) ? RndCnstHardOutputSeed : RndCnstSoftOutputSeed;
- assign gen_in = (stage_sel == Disable) ? {GenLfsrCopies{lfsr[31:0]}} : {reg2hw.key_version,
- reg2hw.salt,
- cipher_seed,
- output_key};
+ assign gen_in = invalid_stage_sel ? {GenLfsrCopies{lfsr[31:0]}} : {reg2hw.key_version,
+ reg2hw.salt,
+ cipher_seed,
+ output_key};
// Advance state operation input construction
for (genvar i = KeyMgrStages; i < 2**StageWidth; i++) begin : gen_key_version_fill
@@ -487,7 +494,8 @@
.prng_en_o(sideload_lfsr_en),
.aes_key_o,
.otbn_key_o,
- .kmac_key_o
+ .kmac_key_o,
+ .fsm_err_o(sideload_fsm_err)
);
for (genvar i = 0; i < 8; i++) begin : gen_sw_assigns
@@ -523,7 +531,6 @@
assign hw2reg.err_code.invalid_kmac_input.de = err_code[ErrInvalidIn];
assign hw2reg.err_code.invalid_shadow_update.de = err_code[ErrShadowUpdate];
- // detailed breakdown of the invalid_states field above
assign hw2reg.fault_status.cmd.de = fault_code[FaultKmacCmd];
assign hw2reg.fault_status.kmac_fsm.de = fault_code[FaultKmacFsm];
assign hw2reg.fault_status.kmac_op.de = fault_code[FaultKmacOp];
@@ -532,6 +539,8 @@
assign hw2reg.fault_status.shadow.de = fault_code[FaultShadow];
assign hw2reg.fault_status.ctrl_fsm_intg.de = fault_code[FaultCtrlFsm];
assign hw2reg.fault_status.ctrl_fsm_cnt.de = fault_code[FaultCtrlCnt];
+ assign hw2reg.fault_status.reseed_cnt.de = fault_code[FaultReseedCnt];
+ assign hw2reg.fault_status.side_ctrl_fsm.de = fault_code[FaultSideFsm];
assign hw2reg.fault_status.cmd.d = 1'b1;
assign hw2reg.fault_status.kmac_fsm.d = 1'b1;
assign hw2reg.fault_status.kmac_op.d = 1'b1;
@@ -540,6 +549,8 @@
assign hw2reg.fault_status.ctrl_fsm_intg.d = 1'b1;
assign hw2reg.fault_status.shadow.d = 1'b1;
assign hw2reg.fault_status.ctrl_fsm_cnt.d = 1'b1;
+ assign hw2reg.fault_status.reseed_cnt.d = 1'b1;
+ assign hw2reg.fault_status.side_ctrl_fsm.d = 1'b1;
// There are two types of alerts
// - alerts for hardware errors, these could not have been generated by software.
@@ -625,4 +636,8 @@
`ASSERT_INIT(KmacMaskCheck_A, KmacEnMasking == kmac_en_masking_i)
`endif
+ // Ensure all parameters are consistent
+ `ASSERT_INIT(FaultCntMatch_A, FaultLastPos == AsyncFaultLastIdx + SyncFaultLastIdx)
+ `ASSERT_INIT(ErrCntMatch_A, ErrLastPos == AsyncErrLastIdx + SyncErrLastIdx)
+
endmodule // keymgr
diff --git a/hw/ip/keymgr/rtl/keymgr_ctrl.sv b/hw/ip/keymgr/rtl/keymgr_ctrl.sv
index 1dabea3..1537bbf 100644
--- a/hw/ip/keymgr/rtl/keymgr_ctrl.sv
+++ b/hw/ip/keymgr/rtl/keymgr_ctrl.sv
@@ -7,7 +7,10 @@
`include "prim_assert.sv"
-module keymgr_ctrl import keymgr_pkg::*; #(
+module keymgr_ctrl
+ import keymgr_pkg::*;
+ import keymgr_reg_pkg::*;
+#(
parameter bit KmacEnMasking = 1'b1
) (
input clk_i,
@@ -20,6 +23,8 @@
input regfile_intg_err_i,
input shadowed_update_err_i,
input shadowed_storage_err_i,
+ input reseed_cnt_err_i,
+ input sideload_fsm_err_i,
// Software interface
input op_start_i,
@@ -40,6 +45,7 @@
input otp_ctrl_pkg::otp_keymgr_key_t root_key_i,
output keymgr_gen_out_e hw_sel_o,
output keymgr_stage_e stage_sel_o,
+ output logic invalid_stage_sel_o,
output logic [CdiWidth-1:0] cdi_sel_o,
// KMAC ctrl interface
@@ -258,8 +264,9 @@
assign key_o.valid = op_req;
assign cdi_sel_o = advance_sel ? cdi_cnt : op_cdi_sel_i;
+ assign invalid_stage_sel_o = ~(stage_sel_o inside {Creator, OwnerInt, Owner});
for (genvar i = 0; i < Shares; i++) begin : gen_key_out_assign
- assign key_o.key[i] = stage_sel_o == Disable ?
+ assign key_o.key[i] = invalid_stage_sel_o ?
{EntropyRounds{entropy_i[i]}} :
key_state_q[cdi_sel_o][i];
end
@@ -346,6 +353,7 @@
prim_count #(
.Width(CntWidth),
+ .OutSelDnCnt(1'b0),
.CntStyle(prim_count_pkg::DupCnt)
) u_cnt (
.clk_i,
@@ -771,6 +779,8 @@
assign async_fault_d[AsyncFaultShadow ] = shadowed_storage_err_i;
assign async_fault_d[AsyncFaultFsmIntg] = state_intg_err_q;
assign async_fault_d[AsyncFaultCntErr ] = cnt_err;
+ assign async_fault_d[AsyncFaultRCntErr] = reseed_cnt_err_i;
+ assign async_fault_d[AsyncFaultSideErr] = sideload_fsm_err_i;
// output to error code register
assign error_o[ErrInvalidOp] = op_done_o & sync_err[SyncErrInvalidOp];
@@ -778,14 +788,16 @@
assign error_o[ErrShadowUpdate] = async_err[AsyncErrShadowUpdate];
// output to fault code register
- assign fault_o[FaultKmacOp] = op_done_o & sync_fault[SyncFaultKmacOp];
- assign fault_o[FaultKmacOut] = op_done_o & sync_fault[SyncFaultKmacOut];
- assign fault_o[FaultKmacCmd] = async_fault[AsyncFaultKmacCmd];
- assign fault_o[FaultKmacFsm] = async_fault[AsyncFaultKmacFsm];
- assign fault_o[FaultRegIntg] = async_fault[AsyncFaultRegIntg];
- assign fault_o[FaultShadow] = async_fault[AsyncFaultShadow];
- assign fault_o[FaultCtrlFsm] = async_fault[AsyncFaultFsmIntg];
- assign fault_o[FaultCtrlCnt] = async_fault[AsyncFaultCntErr];
+ assign fault_o[FaultKmacOp] = op_done_o & sync_fault[SyncFaultKmacOp];
+ assign fault_o[FaultKmacOut] = op_done_o & sync_fault[SyncFaultKmacOut];
+ assign fault_o[FaultKmacCmd] = async_fault[AsyncFaultKmacCmd];
+ assign fault_o[FaultKmacFsm] = async_fault[AsyncFaultKmacFsm];
+ assign fault_o[FaultRegIntg] = async_fault[AsyncFaultRegIntg];
+ assign fault_o[FaultShadow] = async_fault[AsyncFaultShadow];
+ assign fault_o[FaultCtrlFsm] = async_fault[AsyncFaultFsmIntg];
+ assign fault_o[FaultCtrlCnt] = async_fault[AsyncFaultCntErr];
+ assign fault_o[FaultReseedCnt] = async_fault[AsyncFaultRCntErr];
+ assign fault_o[FaultSideFsm] = async_fault[AsyncFaultSideErr];
always_comb begin
status_o = OpIdle;
@@ -881,6 +893,11 @@
// Assertions
/////////////////////////////////
+ // This assertion will not work if fault_status ever takes on metafields such as
+ // qe / re etc.
+ `ASSERT_INIT(SameErrCnt_A, $bits(keymgr_reg2hw_fault_status_reg_t) ==
+ (SyncFaultLastIdx + AsyncFaultLastIdx))
+
// stage select should always be Disable whenever it is not enabled
`ASSERT(StageDisableSel_A, !en_i |-> stage_sel_o == Disable)
diff --git a/hw/ip/keymgr/rtl/keymgr_kmac_if.sv b/hw/ip/keymgr/rtl/keymgr_kmac_if.sv
index 88d2e11..1c6913f 100644
--- a/hw/ip/keymgr/rtl/keymgr_kmac_if.sv
+++ b/hw/ip/keymgr/rtl/keymgr_kmac_if.sv
@@ -133,7 +133,8 @@
logic cnt_err;
prim_count #(
.Width(CntWidth),
- .OutSelDnCnt(1'b1)
+ .OutSelDnCnt(1'b1),
+ .CntStyle(prim_count_pkg::CrossCnt)
) u_cnt (
.clk_i,
.rst_ni,
diff --git a/hw/ip/keymgr/rtl/keymgr_pkg.sv b/hw/ip/keymgr/rtl/keymgr_pkg.sv
index 64b2be2..b28c9ce 100644
--- a/hw/ip/keymgr/rtl/keymgr_pkg.sv
+++ b/hw/ip/keymgr/rtl/keymgr_pkg.sv
@@ -86,10 +86,10 @@
// Enumeration for operations
typedef enum logic [1:0] {
- Creator = 0,
- OwnerInt = 1,
- Owner = 2,
- Disable = 3
+ Creator,
+ OwnerInt,
+ Owner,
+ Disable
} keymgr_stage_e;
// Enumeration for sideload sel
@@ -157,13 +157,15 @@
SyncFaultLastIdx
} keymgr_sync_fault_e;
- typedef enum logic [2:0] {
+ typedef enum logic [3:0] {
AsyncFaultKmacCmd,
AsyncFaultKmacFsm,
AsyncFaultRegIntg,
AsyncFaultShadow,
AsyncFaultFsmIntg,
AsyncFaultCntErr,
+ AsyncFaultRCntErr,
+ AsyncFaultSideErr,
AsyncFaultLastIdx
} keymgr_async_fault_e;
@@ -187,6 +189,8 @@
FaultShadow,
FaultCtrlFsm,
FaultCtrlCnt,
+ FaultReseedCnt,
+ FaultSideFsm,
FaultLastPos
} keymgr_fault_pos_e;
diff --git a/hw/ip/keymgr/rtl/keymgr_reg_pkg.sv b/hw/ip/keymgr/rtl/keymgr_reg_pkg.sv
index 67a2976..92b5a79 100644
--- a/hw/ip/keymgr/rtl/keymgr_reg_pkg.sv
+++ b/hw/ip/keymgr/rtl/keymgr_reg_pkg.sv
@@ -133,6 +133,12 @@
struct packed {
logic q;
} ctrl_fsm_cnt;
+ struct packed {
+ logic q;
+ } reseed_cnt;
+ struct packed {
+ logic q;
+ } side_ctrl_fsm;
} keymgr_reg2hw_fault_status_reg_t;
typedef struct packed {
@@ -223,40 +229,48 @@
logic d;
logic de;
} ctrl_fsm_cnt;
+ struct packed {
+ logic d;
+ logic de;
+ } reseed_cnt;
+ struct packed {
+ logic d;
+ logic de;
+ } side_ctrl_fsm;
} keymgr_hw2reg_fault_status_reg_t;
// Register -> HW type
typedef struct packed {
- keymgr_reg2hw_intr_state_reg_t intr_state; // [940:940]
- keymgr_reg2hw_intr_enable_reg_t intr_enable; // [939:939]
- keymgr_reg2hw_intr_test_reg_t intr_test; // [938:937]
- keymgr_reg2hw_alert_test_reg_t alert_test; // [936:933]
- keymgr_reg2hw_control_reg_t control; // [932:925]
- keymgr_reg2hw_sideload_clear_reg_t sideload_clear; // [924:922]
- keymgr_reg2hw_reseed_interval_shadowed_reg_t reseed_interval_shadowed; // [921:906]
- keymgr_reg2hw_sw_binding_regwen_reg_t sw_binding_regwen; // [905:904]
- keymgr_reg2hw_sealing_sw_binding_mreg_t [7:0] sealing_sw_binding; // [903:648]
- keymgr_reg2hw_attest_sw_binding_mreg_t [7:0] attest_sw_binding; // [647:392]
- keymgr_reg2hw_salt_mreg_t [7:0] salt; // [391:136]
- keymgr_reg2hw_key_version_mreg_t [0:0] key_version; // [135:104]
- keymgr_reg2hw_max_creator_key_ver_shadowed_reg_t max_creator_key_ver_shadowed; // [103:72]
- keymgr_reg2hw_max_owner_int_key_ver_shadowed_reg_t max_owner_int_key_ver_shadowed; // [71:40]
- keymgr_reg2hw_max_owner_key_ver_shadowed_reg_t max_owner_key_ver_shadowed; // [39:8]
- keymgr_reg2hw_fault_status_reg_t fault_status; // [7:0]
+ keymgr_reg2hw_intr_state_reg_t intr_state; // [942:942]
+ keymgr_reg2hw_intr_enable_reg_t intr_enable; // [941:941]
+ keymgr_reg2hw_intr_test_reg_t intr_test; // [940:939]
+ keymgr_reg2hw_alert_test_reg_t alert_test; // [938:935]
+ keymgr_reg2hw_control_reg_t control; // [934:927]
+ keymgr_reg2hw_sideload_clear_reg_t sideload_clear; // [926:924]
+ keymgr_reg2hw_reseed_interval_shadowed_reg_t reseed_interval_shadowed; // [923:908]
+ keymgr_reg2hw_sw_binding_regwen_reg_t sw_binding_regwen; // [907:906]
+ keymgr_reg2hw_sealing_sw_binding_mreg_t [7:0] sealing_sw_binding; // [905:650]
+ keymgr_reg2hw_attest_sw_binding_mreg_t [7:0] attest_sw_binding; // [649:394]
+ keymgr_reg2hw_salt_mreg_t [7:0] salt; // [393:138]
+ keymgr_reg2hw_key_version_mreg_t [0:0] key_version; // [137:106]
+ keymgr_reg2hw_max_creator_key_ver_shadowed_reg_t max_creator_key_ver_shadowed; // [105:74]
+ keymgr_reg2hw_max_owner_int_key_ver_shadowed_reg_t max_owner_int_key_ver_shadowed; // [73:42]
+ keymgr_reg2hw_max_owner_key_ver_shadowed_reg_t max_owner_key_ver_shadowed; // [41:10]
+ keymgr_reg2hw_fault_status_reg_t fault_status; // [9:0]
} keymgr_reg2hw_t;
// HW -> register type
typedef struct packed {
- keymgr_hw2reg_intr_state_reg_t intr_state; // [562:561]
- keymgr_hw2reg_cfg_regwen_reg_t cfg_regwen; // [560:560]
- keymgr_hw2reg_control_reg_t control; // [559:558]
- keymgr_hw2reg_sw_binding_regwen_reg_t sw_binding_regwen; // [557:557]
- keymgr_hw2reg_sw_share0_output_mreg_t [7:0] sw_share0_output; // [556:293]
- keymgr_hw2reg_sw_share1_output_mreg_t [7:0] sw_share1_output; // [292:29]
- keymgr_hw2reg_working_state_reg_t working_state; // [28:25]
- keymgr_hw2reg_op_status_reg_t op_status; // [24:22]
- keymgr_hw2reg_err_code_reg_t err_code; // [21:16]
- keymgr_hw2reg_fault_status_reg_t fault_status; // [15:0]
+ keymgr_hw2reg_intr_state_reg_t intr_state; // [566:565]
+ keymgr_hw2reg_cfg_regwen_reg_t cfg_regwen; // [564:564]
+ keymgr_hw2reg_control_reg_t control; // [563:562]
+ keymgr_hw2reg_sw_binding_regwen_reg_t sw_binding_regwen; // [561:561]
+ keymgr_hw2reg_sw_share0_output_mreg_t [7:0] sw_share0_output; // [560:297]
+ keymgr_hw2reg_sw_share1_output_mreg_t [7:0] sw_share1_output; // [296:33]
+ keymgr_hw2reg_working_state_reg_t working_state; // [32:29]
+ keymgr_hw2reg_op_status_reg_t op_status; // [28:26]
+ keymgr_hw2reg_err_code_reg_t err_code; // [25:20]
+ keymgr_hw2reg_fault_status_reg_t fault_status; // [19:0]
} keymgr_hw2reg_t;
// Register offsets
@@ -267,59 +281,60 @@
parameter logic [BlockAw-1:0] KEYMGR_CFG_REGWEN_OFFSET = 8'h 10;
parameter logic [BlockAw-1:0] KEYMGR_CONTROL_OFFSET = 8'h 14;
parameter logic [BlockAw-1:0] KEYMGR_SIDELOAD_CLEAR_OFFSET = 8'h 18;
- parameter logic [BlockAw-1:0] KEYMGR_RESEED_INTERVAL_SHADOWED_OFFSET = 8'h 1c;
- parameter logic [BlockAw-1:0] KEYMGR_SW_BINDING_REGWEN_OFFSET = 8'h 20;
- parameter logic [BlockAw-1:0] KEYMGR_SEALING_SW_BINDING_0_OFFSET = 8'h 24;
- parameter logic [BlockAw-1:0] KEYMGR_SEALING_SW_BINDING_1_OFFSET = 8'h 28;
- parameter logic [BlockAw-1:0] KEYMGR_SEALING_SW_BINDING_2_OFFSET = 8'h 2c;
- parameter logic [BlockAw-1:0] KEYMGR_SEALING_SW_BINDING_3_OFFSET = 8'h 30;
- parameter logic [BlockAw-1:0] KEYMGR_SEALING_SW_BINDING_4_OFFSET = 8'h 34;
- parameter logic [BlockAw-1:0] KEYMGR_SEALING_SW_BINDING_5_OFFSET = 8'h 38;
- parameter logic [BlockAw-1:0] KEYMGR_SEALING_SW_BINDING_6_OFFSET = 8'h 3c;
- parameter logic [BlockAw-1:0] KEYMGR_SEALING_SW_BINDING_7_OFFSET = 8'h 40;
- parameter logic [BlockAw-1:0] KEYMGR_ATTEST_SW_BINDING_0_OFFSET = 8'h 44;
- parameter logic [BlockAw-1:0] KEYMGR_ATTEST_SW_BINDING_1_OFFSET = 8'h 48;
- parameter logic [BlockAw-1:0] KEYMGR_ATTEST_SW_BINDING_2_OFFSET = 8'h 4c;
- parameter logic [BlockAw-1:0] KEYMGR_ATTEST_SW_BINDING_3_OFFSET = 8'h 50;
- parameter logic [BlockAw-1:0] KEYMGR_ATTEST_SW_BINDING_4_OFFSET = 8'h 54;
- parameter logic [BlockAw-1:0] KEYMGR_ATTEST_SW_BINDING_5_OFFSET = 8'h 58;
- parameter logic [BlockAw-1:0] KEYMGR_ATTEST_SW_BINDING_6_OFFSET = 8'h 5c;
- parameter logic [BlockAw-1:0] KEYMGR_ATTEST_SW_BINDING_7_OFFSET = 8'h 60;
- parameter logic [BlockAw-1:0] KEYMGR_SALT_0_OFFSET = 8'h 64;
- parameter logic [BlockAw-1:0] KEYMGR_SALT_1_OFFSET = 8'h 68;
- parameter logic [BlockAw-1:0] KEYMGR_SALT_2_OFFSET = 8'h 6c;
- parameter logic [BlockAw-1:0] KEYMGR_SALT_3_OFFSET = 8'h 70;
- parameter logic [BlockAw-1:0] KEYMGR_SALT_4_OFFSET = 8'h 74;
- parameter logic [BlockAw-1:0] KEYMGR_SALT_5_OFFSET = 8'h 78;
- parameter logic [BlockAw-1:0] KEYMGR_SALT_6_OFFSET = 8'h 7c;
- parameter logic [BlockAw-1:0] KEYMGR_SALT_7_OFFSET = 8'h 80;
- parameter logic [BlockAw-1:0] KEYMGR_KEY_VERSION_OFFSET = 8'h 84;
- parameter logic [BlockAw-1:0] KEYMGR_MAX_CREATOR_KEY_VER_REGWEN_OFFSET = 8'h 88;
- parameter logic [BlockAw-1:0] KEYMGR_MAX_CREATOR_KEY_VER_SHADOWED_OFFSET = 8'h 8c;
- parameter logic [BlockAw-1:0] KEYMGR_MAX_OWNER_INT_KEY_VER_REGWEN_OFFSET = 8'h 90;
- parameter logic [BlockAw-1:0] KEYMGR_MAX_OWNER_INT_KEY_VER_SHADOWED_OFFSET = 8'h 94;
- parameter logic [BlockAw-1:0] KEYMGR_MAX_OWNER_KEY_VER_REGWEN_OFFSET = 8'h 98;
- parameter logic [BlockAw-1:0] KEYMGR_MAX_OWNER_KEY_VER_SHADOWED_OFFSET = 8'h 9c;
- parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE0_OUTPUT_0_OFFSET = 8'h a0;
- parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE0_OUTPUT_1_OFFSET = 8'h a4;
- parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE0_OUTPUT_2_OFFSET = 8'h a8;
- parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE0_OUTPUT_3_OFFSET = 8'h ac;
- parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE0_OUTPUT_4_OFFSET = 8'h b0;
- parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE0_OUTPUT_5_OFFSET = 8'h b4;
- parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE0_OUTPUT_6_OFFSET = 8'h b8;
- parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE0_OUTPUT_7_OFFSET = 8'h bc;
- parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE1_OUTPUT_0_OFFSET = 8'h c0;
- parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE1_OUTPUT_1_OFFSET = 8'h c4;
- parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE1_OUTPUT_2_OFFSET = 8'h c8;
- parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE1_OUTPUT_3_OFFSET = 8'h cc;
- parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE1_OUTPUT_4_OFFSET = 8'h d0;
- parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE1_OUTPUT_5_OFFSET = 8'h d4;
- parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE1_OUTPUT_6_OFFSET = 8'h d8;
- parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE1_OUTPUT_7_OFFSET = 8'h dc;
- parameter logic [BlockAw-1:0] KEYMGR_WORKING_STATE_OFFSET = 8'h e0;
- parameter logic [BlockAw-1:0] KEYMGR_OP_STATUS_OFFSET = 8'h e4;
- parameter logic [BlockAw-1:0] KEYMGR_ERR_CODE_OFFSET = 8'h e8;
- parameter logic [BlockAw-1:0] KEYMGR_FAULT_STATUS_OFFSET = 8'h ec;
+ parameter logic [BlockAw-1:0] KEYMGR_RESEED_INTERVAL_REGWEN_OFFSET = 8'h 1c;
+ parameter logic [BlockAw-1:0] KEYMGR_RESEED_INTERVAL_SHADOWED_OFFSET = 8'h 20;
+ parameter logic [BlockAw-1:0] KEYMGR_SW_BINDING_REGWEN_OFFSET = 8'h 24;
+ parameter logic [BlockAw-1:0] KEYMGR_SEALING_SW_BINDING_0_OFFSET = 8'h 28;
+ parameter logic [BlockAw-1:0] KEYMGR_SEALING_SW_BINDING_1_OFFSET = 8'h 2c;
+ parameter logic [BlockAw-1:0] KEYMGR_SEALING_SW_BINDING_2_OFFSET = 8'h 30;
+ parameter logic [BlockAw-1:0] KEYMGR_SEALING_SW_BINDING_3_OFFSET = 8'h 34;
+ parameter logic [BlockAw-1:0] KEYMGR_SEALING_SW_BINDING_4_OFFSET = 8'h 38;
+ parameter logic [BlockAw-1:0] KEYMGR_SEALING_SW_BINDING_5_OFFSET = 8'h 3c;
+ parameter logic [BlockAw-1:0] KEYMGR_SEALING_SW_BINDING_6_OFFSET = 8'h 40;
+ parameter logic [BlockAw-1:0] KEYMGR_SEALING_SW_BINDING_7_OFFSET = 8'h 44;
+ parameter logic [BlockAw-1:0] KEYMGR_ATTEST_SW_BINDING_0_OFFSET = 8'h 48;
+ parameter logic [BlockAw-1:0] KEYMGR_ATTEST_SW_BINDING_1_OFFSET = 8'h 4c;
+ parameter logic [BlockAw-1:0] KEYMGR_ATTEST_SW_BINDING_2_OFFSET = 8'h 50;
+ parameter logic [BlockAw-1:0] KEYMGR_ATTEST_SW_BINDING_3_OFFSET = 8'h 54;
+ parameter logic [BlockAw-1:0] KEYMGR_ATTEST_SW_BINDING_4_OFFSET = 8'h 58;
+ parameter logic [BlockAw-1:0] KEYMGR_ATTEST_SW_BINDING_5_OFFSET = 8'h 5c;
+ parameter logic [BlockAw-1:0] KEYMGR_ATTEST_SW_BINDING_6_OFFSET = 8'h 60;
+ parameter logic [BlockAw-1:0] KEYMGR_ATTEST_SW_BINDING_7_OFFSET = 8'h 64;
+ parameter logic [BlockAw-1:0] KEYMGR_SALT_0_OFFSET = 8'h 68;
+ parameter logic [BlockAw-1:0] KEYMGR_SALT_1_OFFSET = 8'h 6c;
+ parameter logic [BlockAw-1:0] KEYMGR_SALT_2_OFFSET = 8'h 70;
+ parameter logic [BlockAw-1:0] KEYMGR_SALT_3_OFFSET = 8'h 74;
+ parameter logic [BlockAw-1:0] KEYMGR_SALT_4_OFFSET = 8'h 78;
+ parameter logic [BlockAw-1:0] KEYMGR_SALT_5_OFFSET = 8'h 7c;
+ parameter logic [BlockAw-1:0] KEYMGR_SALT_6_OFFSET = 8'h 80;
+ parameter logic [BlockAw-1:0] KEYMGR_SALT_7_OFFSET = 8'h 84;
+ parameter logic [BlockAw-1:0] KEYMGR_KEY_VERSION_OFFSET = 8'h 88;
+ parameter logic [BlockAw-1:0] KEYMGR_MAX_CREATOR_KEY_VER_REGWEN_OFFSET = 8'h 8c;
+ parameter logic [BlockAw-1:0] KEYMGR_MAX_CREATOR_KEY_VER_SHADOWED_OFFSET = 8'h 90;
+ parameter logic [BlockAw-1:0] KEYMGR_MAX_OWNER_INT_KEY_VER_REGWEN_OFFSET = 8'h 94;
+ parameter logic [BlockAw-1:0] KEYMGR_MAX_OWNER_INT_KEY_VER_SHADOWED_OFFSET = 8'h 98;
+ parameter logic [BlockAw-1:0] KEYMGR_MAX_OWNER_KEY_VER_REGWEN_OFFSET = 8'h 9c;
+ parameter logic [BlockAw-1:0] KEYMGR_MAX_OWNER_KEY_VER_SHADOWED_OFFSET = 8'h a0;
+ parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE0_OUTPUT_0_OFFSET = 8'h a4;
+ parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE0_OUTPUT_1_OFFSET = 8'h a8;
+ parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE0_OUTPUT_2_OFFSET = 8'h ac;
+ parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE0_OUTPUT_3_OFFSET = 8'h b0;
+ parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE0_OUTPUT_4_OFFSET = 8'h b4;
+ parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE0_OUTPUT_5_OFFSET = 8'h b8;
+ parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE0_OUTPUT_6_OFFSET = 8'h bc;
+ parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE0_OUTPUT_7_OFFSET = 8'h c0;
+ parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE1_OUTPUT_0_OFFSET = 8'h c4;
+ parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE1_OUTPUT_1_OFFSET = 8'h c8;
+ parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE1_OUTPUT_2_OFFSET = 8'h cc;
+ parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE1_OUTPUT_3_OFFSET = 8'h d0;
+ parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE1_OUTPUT_4_OFFSET = 8'h d4;
+ parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE1_OUTPUT_5_OFFSET = 8'h d8;
+ parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE1_OUTPUT_6_OFFSET = 8'h dc;
+ parameter logic [BlockAw-1:0] KEYMGR_SW_SHARE1_OUTPUT_7_OFFSET = 8'h e0;
+ parameter logic [BlockAw-1:0] KEYMGR_WORKING_STATE_OFFSET = 8'h e4;
+ parameter logic [BlockAw-1:0] KEYMGR_OP_STATUS_OFFSET = 8'h e8;
+ parameter logic [BlockAw-1:0] KEYMGR_ERR_CODE_OFFSET = 8'h ec;
+ parameter logic [BlockAw-1:0] KEYMGR_FAULT_STATUS_OFFSET = 8'h f0;
// Reset values for hwext registers and their fields
parameter logic [0:0] KEYMGR_INTR_TEST_RESVAL = 1'h 0;
@@ -341,6 +356,7 @@
KEYMGR_CFG_REGWEN,
KEYMGR_CONTROL,
KEYMGR_SIDELOAD_CLEAR,
+ KEYMGR_RESEED_INTERVAL_REGWEN,
KEYMGR_RESEED_INTERVAL_SHADOWED,
KEYMGR_SW_BINDING_REGWEN,
KEYMGR_SEALING_SW_BINDING_0,
@@ -397,7 +413,7 @@
} keymgr_id_e;
// Register width information to check illegal writes
- parameter logic [3:0] KEYMGR_PERMIT [60] = '{
+ parameter logic [3:0] KEYMGR_PERMIT [61] = '{
4'b 0001, // index[ 0] KEYMGR_INTR_STATE
4'b 0001, // index[ 1] KEYMGR_INTR_ENABLE
4'b 0001, // index[ 2] KEYMGR_INTR_TEST
@@ -405,59 +421,60 @@
4'b 0001, // index[ 4] KEYMGR_CFG_REGWEN
4'b 0011, // index[ 5] KEYMGR_CONTROL
4'b 0001, // index[ 6] KEYMGR_SIDELOAD_CLEAR
- 4'b 0011, // index[ 7] KEYMGR_RESEED_INTERVAL_SHADOWED
- 4'b 0001, // index[ 8] KEYMGR_SW_BINDING_REGWEN
- 4'b 1111, // index[ 9] KEYMGR_SEALING_SW_BINDING_0
- 4'b 1111, // index[10] KEYMGR_SEALING_SW_BINDING_1
- 4'b 1111, // index[11] KEYMGR_SEALING_SW_BINDING_2
- 4'b 1111, // index[12] KEYMGR_SEALING_SW_BINDING_3
- 4'b 1111, // index[13] KEYMGR_SEALING_SW_BINDING_4
- 4'b 1111, // index[14] KEYMGR_SEALING_SW_BINDING_5
- 4'b 1111, // index[15] KEYMGR_SEALING_SW_BINDING_6
- 4'b 1111, // index[16] KEYMGR_SEALING_SW_BINDING_7
- 4'b 1111, // index[17] KEYMGR_ATTEST_SW_BINDING_0
- 4'b 1111, // index[18] KEYMGR_ATTEST_SW_BINDING_1
- 4'b 1111, // index[19] KEYMGR_ATTEST_SW_BINDING_2
- 4'b 1111, // index[20] KEYMGR_ATTEST_SW_BINDING_3
- 4'b 1111, // index[21] KEYMGR_ATTEST_SW_BINDING_4
- 4'b 1111, // index[22] KEYMGR_ATTEST_SW_BINDING_5
- 4'b 1111, // index[23] KEYMGR_ATTEST_SW_BINDING_6
- 4'b 1111, // index[24] KEYMGR_ATTEST_SW_BINDING_7
- 4'b 1111, // index[25] KEYMGR_SALT_0
- 4'b 1111, // index[26] KEYMGR_SALT_1
- 4'b 1111, // index[27] KEYMGR_SALT_2
- 4'b 1111, // index[28] KEYMGR_SALT_3
- 4'b 1111, // index[29] KEYMGR_SALT_4
- 4'b 1111, // index[30] KEYMGR_SALT_5
- 4'b 1111, // index[31] KEYMGR_SALT_6
- 4'b 1111, // index[32] KEYMGR_SALT_7
- 4'b 1111, // index[33] KEYMGR_KEY_VERSION
- 4'b 0001, // index[34] KEYMGR_MAX_CREATOR_KEY_VER_REGWEN
- 4'b 1111, // index[35] KEYMGR_MAX_CREATOR_KEY_VER_SHADOWED
- 4'b 0001, // index[36] KEYMGR_MAX_OWNER_INT_KEY_VER_REGWEN
- 4'b 1111, // index[37] KEYMGR_MAX_OWNER_INT_KEY_VER_SHADOWED
- 4'b 0001, // index[38] KEYMGR_MAX_OWNER_KEY_VER_REGWEN
- 4'b 1111, // index[39] KEYMGR_MAX_OWNER_KEY_VER_SHADOWED
- 4'b 1111, // index[40] KEYMGR_SW_SHARE0_OUTPUT_0
- 4'b 1111, // index[41] KEYMGR_SW_SHARE0_OUTPUT_1
- 4'b 1111, // index[42] KEYMGR_SW_SHARE0_OUTPUT_2
- 4'b 1111, // index[43] KEYMGR_SW_SHARE0_OUTPUT_3
- 4'b 1111, // index[44] KEYMGR_SW_SHARE0_OUTPUT_4
- 4'b 1111, // index[45] KEYMGR_SW_SHARE0_OUTPUT_5
- 4'b 1111, // index[46] KEYMGR_SW_SHARE0_OUTPUT_6
- 4'b 1111, // index[47] KEYMGR_SW_SHARE0_OUTPUT_7
- 4'b 1111, // index[48] KEYMGR_SW_SHARE1_OUTPUT_0
- 4'b 1111, // index[49] KEYMGR_SW_SHARE1_OUTPUT_1
- 4'b 1111, // index[50] KEYMGR_SW_SHARE1_OUTPUT_2
- 4'b 1111, // index[51] KEYMGR_SW_SHARE1_OUTPUT_3
- 4'b 1111, // index[52] KEYMGR_SW_SHARE1_OUTPUT_4
- 4'b 1111, // index[53] KEYMGR_SW_SHARE1_OUTPUT_5
- 4'b 1111, // index[54] KEYMGR_SW_SHARE1_OUTPUT_6
- 4'b 1111, // index[55] KEYMGR_SW_SHARE1_OUTPUT_7
- 4'b 0001, // index[56] KEYMGR_WORKING_STATE
- 4'b 0001, // index[57] KEYMGR_OP_STATUS
- 4'b 0001, // index[58] KEYMGR_ERR_CODE
- 4'b 0001 // index[59] KEYMGR_FAULT_STATUS
+ 4'b 0001, // index[ 7] KEYMGR_RESEED_INTERVAL_REGWEN
+ 4'b 0011, // index[ 8] KEYMGR_RESEED_INTERVAL_SHADOWED
+ 4'b 0001, // index[ 9] KEYMGR_SW_BINDING_REGWEN
+ 4'b 1111, // index[10] KEYMGR_SEALING_SW_BINDING_0
+ 4'b 1111, // index[11] KEYMGR_SEALING_SW_BINDING_1
+ 4'b 1111, // index[12] KEYMGR_SEALING_SW_BINDING_2
+ 4'b 1111, // index[13] KEYMGR_SEALING_SW_BINDING_3
+ 4'b 1111, // index[14] KEYMGR_SEALING_SW_BINDING_4
+ 4'b 1111, // index[15] KEYMGR_SEALING_SW_BINDING_5
+ 4'b 1111, // index[16] KEYMGR_SEALING_SW_BINDING_6
+ 4'b 1111, // index[17] KEYMGR_SEALING_SW_BINDING_7
+ 4'b 1111, // index[18] KEYMGR_ATTEST_SW_BINDING_0
+ 4'b 1111, // index[19] KEYMGR_ATTEST_SW_BINDING_1
+ 4'b 1111, // index[20] KEYMGR_ATTEST_SW_BINDING_2
+ 4'b 1111, // index[21] KEYMGR_ATTEST_SW_BINDING_3
+ 4'b 1111, // index[22] KEYMGR_ATTEST_SW_BINDING_4
+ 4'b 1111, // index[23] KEYMGR_ATTEST_SW_BINDING_5
+ 4'b 1111, // index[24] KEYMGR_ATTEST_SW_BINDING_6
+ 4'b 1111, // index[25] KEYMGR_ATTEST_SW_BINDING_7
+ 4'b 1111, // index[26] KEYMGR_SALT_0
+ 4'b 1111, // index[27] KEYMGR_SALT_1
+ 4'b 1111, // index[28] KEYMGR_SALT_2
+ 4'b 1111, // index[29] KEYMGR_SALT_3
+ 4'b 1111, // index[30] KEYMGR_SALT_4
+ 4'b 1111, // index[31] KEYMGR_SALT_5
+ 4'b 1111, // index[32] KEYMGR_SALT_6
+ 4'b 1111, // index[33] KEYMGR_SALT_7
+ 4'b 1111, // index[34] KEYMGR_KEY_VERSION
+ 4'b 0001, // index[35] KEYMGR_MAX_CREATOR_KEY_VER_REGWEN
+ 4'b 1111, // index[36] KEYMGR_MAX_CREATOR_KEY_VER_SHADOWED
+ 4'b 0001, // index[37] KEYMGR_MAX_OWNER_INT_KEY_VER_REGWEN
+ 4'b 1111, // index[38] KEYMGR_MAX_OWNER_INT_KEY_VER_SHADOWED
+ 4'b 0001, // index[39] KEYMGR_MAX_OWNER_KEY_VER_REGWEN
+ 4'b 1111, // index[40] KEYMGR_MAX_OWNER_KEY_VER_SHADOWED
+ 4'b 1111, // index[41] KEYMGR_SW_SHARE0_OUTPUT_0
+ 4'b 1111, // index[42] KEYMGR_SW_SHARE0_OUTPUT_1
+ 4'b 1111, // index[43] KEYMGR_SW_SHARE0_OUTPUT_2
+ 4'b 1111, // index[44] KEYMGR_SW_SHARE0_OUTPUT_3
+ 4'b 1111, // index[45] KEYMGR_SW_SHARE0_OUTPUT_4
+ 4'b 1111, // index[46] KEYMGR_SW_SHARE0_OUTPUT_5
+ 4'b 1111, // index[47] KEYMGR_SW_SHARE0_OUTPUT_6
+ 4'b 1111, // index[48] KEYMGR_SW_SHARE0_OUTPUT_7
+ 4'b 1111, // index[49] KEYMGR_SW_SHARE1_OUTPUT_0
+ 4'b 1111, // index[50] KEYMGR_SW_SHARE1_OUTPUT_1
+ 4'b 1111, // index[51] KEYMGR_SW_SHARE1_OUTPUT_2
+ 4'b 1111, // index[52] KEYMGR_SW_SHARE1_OUTPUT_3
+ 4'b 1111, // index[53] KEYMGR_SW_SHARE1_OUTPUT_4
+ 4'b 1111, // index[54] KEYMGR_SW_SHARE1_OUTPUT_5
+ 4'b 1111, // index[55] KEYMGR_SW_SHARE1_OUTPUT_6
+ 4'b 1111, // index[56] KEYMGR_SW_SHARE1_OUTPUT_7
+ 4'b 0001, // index[57] KEYMGR_WORKING_STATE
+ 4'b 0001, // index[58] KEYMGR_OP_STATUS
+ 4'b 0001, // index[59] KEYMGR_ERR_CODE
+ 4'b 0011 // index[60] KEYMGR_FAULT_STATUS
};
endpackage
diff --git a/hw/ip/keymgr/rtl/keymgr_reg_top.sv b/hw/ip/keymgr/rtl/keymgr_reg_top.sv
index 9bf6d5c..cb498e1 100644
--- a/hw/ip/keymgr/rtl/keymgr_reg_top.sv
+++ b/hw/ip/keymgr/rtl/keymgr_reg_top.sv
@@ -134,6 +134,9 @@
logic sideload_clear_we;
logic [2:0] sideload_clear_qs;
logic [2:0] sideload_clear_wd;
+ logic reseed_interval_regwen_we;
+ logic reseed_interval_regwen_qs;
+ logic reseed_interval_regwen_wd;
logic reseed_interval_shadowed_re;
logic reseed_interval_shadowed_we;
logic [15:0] reseed_interval_shadowed_qs;
@@ -305,6 +308,8 @@
logic fault_status_shadow_qs;
logic fault_status_ctrl_fsm_intg_qs;
logic fault_status_ctrl_fsm_cnt_qs;
+ logic fault_status_reseed_cnt_qs;
+ logic fault_status_side_ctrl_fsm_qs;
// Register instances
// R[intr_state]: V(False)
@@ -531,7 +536,7 @@
.rst_ni (rst_ni),
// from register interface
- .we (sideload_clear_we),
+ .we (sideload_clear_we & cfg_regwen_qs),
.wd (sideload_clear_wd),
// from internal hardware
@@ -547,6 +552,32 @@
);
+ // R[reseed_interval_regwen]: V(False)
+ prim_subreg #(
+ .DW (1),
+ .SwAccess(prim_subreg_pkg::SwAccessW0C),
+ .RESVAL (1'h1)
+ ) u_reseed_interval_regwen (
+ .clk_i (clk_i),
+ .rst_ni (rst_ni),
+
+ // from register interface
+ .we (reseed_interval_regwen_we),
+ .wd (reseed_interval_regwen_wd),
+
+ // from internal hardware
+ .de (1'b0),
+ .d ('0),
+
+ // to internal hardware
+ .qe (),
+ .q (),
+
+ // to register interface (read)
+ .qs (reseed_interval_regwen_qs)
+ );
+
+
// R[reseed_interval_shadowed]: V(False)
prim_subreg_shadow #(
.DW (16),
@@ -559,7 +590,7 @@
// from register interface
.re (reseed_interval_shadowed_re),
- .we (reseed_interval_shadowed_we),
+ .we (reseed_interval_shadowed_we & reseed_interval_regwen_qs),
.wd (reseed_interval_shadowed_wd),
// from internal hardware
@@ -2205,9 +2236,59 @@
.qs (fault_status_ctrl_fsm_cnt_qs)
);
+ // F[reseed_cnt]: 8:8
+ prim_subreg #(
+ .DW (1),
+ .SwAccess(prim_subreg_pkg::SwAccessRO),
+ .RESVAL (1'h0)
+ ) u_fault_status_reseed_cnt (
+ .clk_i (clk_i),
+ .rst_ni (rst_ni),
+
+ // from register interface
+ .we (1'b0),
+ .wd ('0),
+
+ // from internal hardware
+ .de (hw2reg.fault_status.reseed_cnt.de),
+ .d (hw2reg.fault_status.reseed_cnt.d),
+
+ // to internal hardware
+ .qe (),
+ .q (reg2hw.fault_status.reseed_cnt.q),
+
+ // to register interface (read)
+ .qs (fault_status_reseed_cnt_qs)
+ );
+
+ // F[side_ctrl_fsm]: 9:9
+ prim_subreg #(
+ .DW (1),
+ .SwAccess(prim_subreg_pkg::SwAccessRO),
+ .RESVAL (1'h0)
+ ) u_fault_status_side_ctrl_fsm (
+ .clk_i (clk_i),
+ .rst_ni (rst_ni),
+
+ // from register interface
+ .we (1'b0),
+ .wd ('0),
+
+ // from internal hardware
+ .de (hw2reg.fault_status.side_ctrl_fsm.de),
+ .d (hw2reg.fault_status.side_ctrl_fsm.d),
+
+ // to internal hardware
+ .qe (),
+ .q (reg2hw.fault_status.side_ctrl_fsm.q),
+
+ // to register interface (read)
+ .qs (fault_status_side_ctrl_fsm_qs)
+ );
- logic [59:0] addr_hit;
+
+ logic [60:0] addr_hit;
always_comb begin
addr_hit = '0;
addr_hit[ 0] = (reg_addr == KEYMGR_INTR_STATE_OFFSET);
@@ -2217,59 +2298,60 @@
addr_hit[ 4] = (reg_addr == KEYMGR_CFG_REGWEN_OFFSET);
addr_hit[ 5] = (reg_addr == KEYMGR_CONTROL_OFFSET);
addr_hit[ 6] = (reg_addr == KEYMGR_SIDELOAD_CLEAR_OFFSET);
- addr_hit[ 7] = (reg_addr == KEYMGR_RESEED_INTERVAL_SHADOWED_OFFSET);
- addr_hit[ 8] = (reg_addr == KEYMGR_SW_BINDING_REGWEN_OFFSET);
- addr_hit[ 9] = (reg_addr == KEYMGR_SEALING_SW_BINDING_0_OFFSET);
- addr_hit[10] = (reg_addr == KEYMGR_SEALING_SW_BINDING_1_OFFSET);
- addr_hit[11] = (reg_addr == KEYMGR_SEALING_SW_BINDING_2_OFFSET);
- addr_hit[12] = (reg_addr == KEYMGR_SEALING_SW_BINDING_3_OFFSET);
- addr_hit[13] = (reg_addr == KEYMGR_SEALING_SW_BINDING_4_OFFSET);
- addr_hit[14] = (reg_addr == KEYMGR_SEALING_SW_BINDING_5_OFFSET);
- addr_hit[15] = (reg_addr == KEYMGR_SEALING_SW_BINDING_6_OFFSET);
- addr_hit[16] = (reg_addr == KEYMGR_SEALING_SW_BINDING_7_OFFSET);
- addr_hit[17] = (reg_addr == KEYMGR_ATTEST_SW_BINDING_0_OFFSET);
- addr_hit[18] = (reg_addr == KEYMGR_ATTEST_SW_BINDING_1_OFFSET);
- addr_hit[19] = (reg_addr == KEYMGR_ATTEST_SW_BINDING_2_OFFSET);
- addr_hit[20] = (reg_addr == KEYMGR_ATTEST_SW_BINDING_3_OFFSET);
- addr_hit[21] = (reg_addr == KEYMGR_ATTEST_SW_BINDING_4_OFFSET);
- addr_hit[22] = (reg_addr == KEYMGR_ATTEST_SW_BINDING_5_OFFSET);
- addr_hit[23] = (reg_addr == KEYMGR_ATTEST_SW_BINDING_6_OFFSET);
- addr_hit[24] = (reg_addr == KEYMGR_ATTEST_SW_BINDING_7_OFFSET);
- addr_hit[25] = (reg_addr == KEYMGR_SALT_0_OFFSET);
- addr_hit[26] = (reg_addr == KEYMGR_SALT_1_OFFSET);
- addr_hit[27] = (reg_addr == KEYMGR_SALT_2_OFFSET);
- addr_hit[28] = (reg_addr == KEYMGR_SALT_3_OFFSET);
- addr_hit[29] = (reg_addr == KEYMGR_SALT_4_OFFSET);
- addr_hit[30] = (reg_addr == KEYMGR_SALT_5_OFFSET);
- addr_hit[31] = (reg_addr == KEYMGR_SALT_6_OFFSET);
- addr_hit[32] = (reg_addr == KEYMGR_SALT_7_OFFSET);
- addr_hit[33] = (reg_addr == KEYMGR_KEY_VERSION_OFFSET);
- addr_hit[34] = (reg_addr == KEYMGR_MAX_CREATOR_KEY_VER_REGWEN_OFFSET);
- addr_hit[35] = (reg_addr == KEYMGR_MAX_CREATOR_KEY_VER_SHADOWED_OFFSET);
- addr_hit[36] = (reg_addr == KEYMGR_MAX_OWNER_INT_KEY_VER_REGWEN_OFFSET);
- addr_hit[37] = (reg_addr == KEYMGR_MAX_OWNER_INT_KEY_VER_SHADOWED_OFFSET);
- addr_hit[38] = (reg_addr == KEYMGR_MAX_OWNER_KEY_VER_REGWEN_OFFSET);
- addr_hit[39] = (reg_addr == KEYMGR_MAX_OWNER_KEY_VER_SHADOWED_OFFSET);
- addr_hit[40] = (reg_addr == KEYMGR_SW_SHARE0_OUTPUT_0_OFFSET);
- addr_hit[41] = (reg_addr == KEYMGR_SW_SHARE0_OUTPUT_1_OFFSET);
- addr_hit[42] = (reg_addr == KEYMGR_SW_SHARE0_OUTPUT_2_OFFSET);
- addr_hit[43] = (reg_addr == KEYMGR_SW_SHARE0_OUTPUT_3_OFFSET);
- addr_hit[44] = (reg_addr == KEYMGR_SW_SHARE0_OUTPUT_4_OFFSET);
- addr_hit[45] = (reg_addr == KEYMGR_SW_SHARE0_OUTPUT_5_OFFSET);
- addr_hit[46] = (reg_addr == KEYMGR_SW_SHARE0_OUTPUT_6_OFFSET);
- addr_hit[47] = (reg_addr == KEYMGR_SW_SHARE0_OUTPUT_7_OFFSET);
- addr_hit[48] = (reg_addr == KEYMGR_SW_SHARE1_OUTPUT_0_OFFSET);
- addr_hit[49] = (reg_addr == KEYMGR_SW_SHARE1_OUTPUT_1_OFFSET);
- addr_hit[50] = (reg_addr == KEYMGR_SW_SHARE1_OUTPUT_2_OFFSET);
- addr_hit[51] = (reg_addr == KEYMGR_SW_SHARE1_OUTPUT_3_OFFSET);
- addr_hit[52] = (reg_addr == KEYMGR_SW_SHARE1_OUTPUT_4_OFFSET);
- addr_hit[53] = (reg_addr == KEYMGR_SW_SHARE1_OUTPUT_5_OFFSET);
- addr_hit[54] = (reg_addr == KEYMGR_SW_SHARE1_OUTPUT_6_OFFSET);
- addr_hit[55] = (reg_addr == KEYMGR_SW_SHARE1_OUTPUT_7_OFFSET);
- addr_hit[56] = (reg_addr == KEYMGR_WORKING_STATE_OFFSET);
- addr_hit[57] = (reg_addr == KEYMGR_OP_STATUS_OFFSET);
- addr_hit[58] = (reg_addr == KEYMGR_ERR_CODE_OFFSET);
- addr_hit[59] = (reg_addr == KEYMGR_FAULT_STATUS_OFFSET);
+ addr_hit[ 7] = (reg_addr == KEYMGR_RESEED_INTERVAL_REGWEN_OFFSET);
+ addr_hit[ 8] = (reg_addr == KEYMGR_RESEED_INTERVAL_SHADOWED_OFFSET);
+ addr_hit[ 9] = (reg_addr == KEYMGR_SW_BINDING_REGWEN_OFFSET);
+ addr_hit[10] = (reg_addr == KEYMGR_SEALING_SW_BINDING_0_OFFSET);
+ addr_hit[11] = (reg_addr == KEYMGR_SEALING_SW_BINDING_1_OFFSET);
+ addr_hit[12] = (reg_addr == KEYMGR_SEALING_SW_BINDING_2_OFFSET);
+ addr_hit[13] = (reg_addr == KEYMGR_SEALING_SW_BINDING_3_OFFSET);
+ addr_hit[14] = (reg_addr == KEYMGR_SEALING_SW_BINDING_4_OFFSET);
+ addr_hit[15] = (reg_addr == KEYMGR_SEALING_SW_BINDING_5_OFFSET);
+ addr_hit[16] = (reg_addr == KEYMGR_SEALING_SW_BINDING_6_OFFSET);
+ addr_hit[17] = (reg_addr == KEYMGR_SEALING_SW_BINDING_7_OFFSET);
+ addr_hit[18] = (reg_addr == KEYMGR_ATTEST_SW_BINDING_0_OFFSET);
+ addr_hit[19] = (reg_addr == KEYMGR_ATTEST_SW_BINDING_1_OFFSET);
+ addr_hit[20] = (reg_addr == KEYMGR_ATTEST_SW_BINDING_2_OFFSET);
+ addr_hit[21] = (reg_addr == KEYMGR_ATTEST_SW_BINDING_3_OFFSET);
+ addr_hit[22] = (reg_addr == KEYMGR_ATTEST_SW_BINDING_4_OFFSET);
+ addr_hit[23] = (reg_addr == KEYMGR_ATTEST_SW_BINDING_5_OFFSET);
+ addr_hit[24] = (reg_addr == KEYMGR_ATTEST_SW_BINDING_6_OFFSET);
+ addr_hit[25] = (reg_addr == KEYMGR_ATTEST_SW_BINDING_7_OFFSET);
+ addr_hit[26] = (reg_addr == KEYMGR_SALT_0_OFFSET);
+ addr_hit[27] = (reg_addr == KEYMGR_SALT_1_OFFSET);
+ addr_hit[28] = (reg_addr == KEYMGR_SALT_2_OFFSET);
+ addr_hit[29] = (reg_addr == KEYMGR_SALT_3_OFFSET);
+ addr_hit[30] = (reg_addr == KEYMGR_SALT_4_OFFSET);
+ addr_hit[31] = (reg_addr == KEYMGR_SALT_5_OFFSET);
+ addr_hit[32] = (reg_addr == KEYMGR_SALT_6_OFFSET);
+ addr_hit[33] = (reg_addr == KEYMGR_SALT_7_OFFSET);
+ addr_hit[34] = (reg_addr == KEYMGR_KEY_VERSION_OFFSET);
+ addr_hit[35] = (reg_addr == KEYMGR_MAX_CREATOR_KEY_VER_REGWEN_OFFSET);
+ addr_hit[36] = (reg_addr == KEYMGR_MAX_CREATOR_KEY_VER_SHADOWED_OFFSET);
+ addr_hit[37] = (reg_addr == KEYMGR_MAX_OWNER_INT_KEY_VER_REGWEN_OFFSET);
+ addr_hit[38] = (reg_addr == KEYMGR_MAX_OWNER_INT_KEY_VER_SHADOWED_OFFSET);
+ addr_hit[39] = (reg_addr == KEYMGR_MAX_OWNER_KEY_VER_REGWEN_OFFSET);
+ addr_hit[40] = (reg_addr == KEYMGR_MAX_OWNER_KEY_VER_SHADOWED_OFFSET);
+ addr_hit[41] = (reg_addr == KEYMGR_SW_SHARE0_OUTPUT_0_OFFSET);
+ addr_hit[42] = (reg_addr == KEYMGR_SW_SHARE0_OUTPUT_1_OFFSET);
+ addr_hit[43] = (reg_addr == KEYMGR_SW_SHARE0_OUTPUT_2_OFFSET);
+ addr_hit[44] = (reg_addr == KEYMGR_SW_SHARE0_OUTPUT_3_OFFSET);
+ addr_hit[45] = (reg_addr == KEYMGR_SW_SHARE0_OUTPUT_4_OFFSET);
+ addr_hit[46] = (reg_addr == KEYMGR_SW_SHARE0_OUTPUT_5_OFFSET);
+ addr_hit[47] = (reg_addr == KEYMGR_SW_SHARE0_OUTPUT_6_OFFSET);
+ addr_hit[48] = (reg_addr == KEYMGR_SW_SHARE0_OUTPUT_7_OFFSET);
+ addr_hit[49] = (reg_addr == KEYMGR_SW_SHARE1_OUTPUT_0_OFFSET);
+ addr_hit[50] = (reg_addr == KEYMGR_SW_SHARE1_OUTPUT_1_OFFSET);
+ addr_hit[51] = (reg_addr == KEYMGR_SW_SHARE1_OUTPUT_2_OFFSET);
+ addr_hit[52] = (reg_addr == KEYMGR_SW_SHARE1_OUTPUT_3_OFFSET);
+ addr_hit[53] = (reg_addr == KEYMGR_SW_SHARE1_OUTPUT_4_OFFSET);
+ addr_hit[54] = (reg_addr == KEYMGR_SW_SHARE1_OUTPUT_5_OFFSET);
+ addr_hit[55] = (reg_addr == KEYMGR_SW_SHARE1_OUTPUT_6_OFFSET);
+ addr_hit[56] = (reg_addr == KEYMGR_SW_SHARE1_OUTPUT_7_OFFSET);
+ addr_hit[57] = (reg_addr == KEYMGR_WORKING_STATE_OFFSET);
+ addr_hit[58] = (reg_addr == KEYMGR_OP_STATUS_OFFSET);
+ addr_hit[59] = (reg_addr == KEYMGR_ERR_CODE_OFFSET);
+ addr_hit[60] = (reg_addr == KEYMGR_FAULT_STATUS_OFFSET);
end
assign addrmiss = (reg_re || reg_we) ? ~|addr_hit : 1'b0 ;
@@ -2336,7 +2418,8 @@
(addr_hit[56] & (|(KEYMGR_PERMIT[56] & ~reg_be))) |
(addr_hit[57] & (|(KEYMGR_PERMIT[57] & ~reg_be))) |
(addr_hit[58] & (|(KEYMGR_PERMIT[58] & ~reg_be))) |
- (addr_hit[59] & (|(KEYMGR_PERMIT[59] & ~reg_be)))));
+ (addr_hit[59] & (|(KEYMGR_PERMIT[59] & ~reg_be))) |
+ (addr_hit[60] & (|(KEYMGR_PERMIT[60] & ~reg_be)))));
end
assign intr_state_we = addr_hit[0] & reg_we & !reg_error;
@@ -2365,162 +2448,165 @@
assign sideload_clear_we = addr_hit[6] & reg_we & !reg_error;
assign sideload_clear_wd = reg_wdata[2:0];
- assign reseed_interval_shadowed_re = addr_hit[7] & reg_re & !reg_error;
- assign reseed_interval_shadowed_we = addr_hit[7] & reg_we & !reg_error;
+ assign reseed_interval_regwen_we = addr_hit[7] & reg_we & !reg_error;
+
+ assign reseed_interval_regwen_wd = reg_wdata[0];
+ assign reseed_interval_shadowed_re = addr_hit[8] & reg_re & !reg_error;
+ assign reseed_interval_shadowed_we = addr_hit[8] & reg_we & !reg_error;
assign reseed_interval_shadowed_wd = reg_wdata[15:0];
- assign sw_binding_regwen_re = addr_hit[8] & reg_re & !reg_error;
- assign sw_binding_regwen_we = addr_hit[8] & reg_we & !reg_error;
+ assign sw_binding_regwen_re = addr_hit[9] & reg_re & !reg_error;
+ assign sw_binding_regwen_we = addr_hit[9] & reg_we & !reg_error;
assign sw_binding_regwen_wd = reg_wdata[0];
- assign sealing_sw_binding_0_we = addr_hit[9] & reg_we & !reg_error;
+ assign sealing_sw_binding_0_we = addr_hit[10] & reg_we & !reg_error;
assign sealing_sw_binding_0_wd = reg_wdata[31:0];
- assign sealing_sw_binding_1_we = addr_hit[10] & reg_we & !reg_error;
+ assign sealing_sw_binding_1_we = addr_hit[11] & reg_we & !reg_error;
assign sealing_sw_binding_1_wd = reg_wdata[31:0];
- assign sealing_sw_binding_2_we = addr_hit[11] & reg_we & !reg_error;
+ assign sealing_sw_binding_2_we = addr_hit[12] & reg_we & !reg_error;
assign sealing_sw_binding_2_wd = reg_wdata[31:0];
- assign sealing_sw_binding_3_we = addr_hit[12] & reg_we & !reg_error;
+ assign sealing_sw_binding_3_we = addr_hit[13] & reg_we & !reg_error;
assign sealing_sw_binding_3_wd = reg_wdata[31:0];
- assign sealing_sw_binding_4_we = addr_hit[13] & reg_we & !reg_error;
+ assign sealing_sw_binding_4_we = addr_hit[14] & reg_we & !reg_error;
assign sealing_sw_binding_4_wd = reg_wdata[31:0];
- assign sealing_sw_binding_5_we = addr_hit[14] & reg_we & !reg_error;
+ assign sealing_sw_binding_5_we = addr_hit[15] & reg_we & !reg_error;
assign sealing_sw_binding_5_wd = reg_wdata[31:0];
- assign sealing_sw_binding_6_we = addr_hit[15] & reg_we & !reg_error;
+ assign sealing_sw_binding_6_we = addr_hit[16] & reg_we & !reg_error;
assign sealing_sw_binding_6_wd = reg_wdata[31:0];
- assign sealing_sw_binding_7_we = addr_hit[16] & reg_we & !reg_error;
+ assign sealing_sw_binding_7_we = addr_hit[17] & reg_we & !reg_error;
assign sealing_sw_binding_7_wd = reg_wdata[31:0];
- assign attest_sw_binding_0_we = addr_hit[17] & reg_we & !reg_error;
+ assign attest_sw_binding_0_we = addr_hit[18] & reg_we & !reg_error;
assign attest_sw_binding_0_wd = reg_wdata[31:0];
- assign attest_sw_binding_1_we = addr_hit[18] & reg_we & !reg_error;
+ assign attest_sw_binding_1_we = addr_hit[19] & reg_we & !reg_error;
assign attest_sw_binding_1_wd = reg_wdata[31:0];
- assign attest_sw_binding_2_we = addr_hit[19] & reg_we & !reg_error;
+ assign attest_sw_binding_2_we = addr_hit[20] & reg_we & !reg_error;
assign attest_sw_binding_2_wd = reg_wdata[31:0];
- assign attest_sw_binding_3_we = addr_hit[20] & reg_we & !reg_error;
+ assign attest_sw_binding_3_we = addr_hit[21] & reg_we & !reg_error;
assign attest_sw_binding_3_wd = reg_wdata[31:0];
- assign attest_sw_binding_4_we = addr_hit[21] & reg_we & !reg_error;
+ assign attest_sw_binding_4_we = addr_hit[22] & reg_we & !reg_error;
assign attest_sw_binding_4_wd = reg_wdata[31:0];
- assign attest_sw_binding_5_we = addr_hit[22] & reg_we & !reg_error;
+ assign attest_sw_binding_5_we = addr_hit[23] & reg_we & !reg_error;
assign attest_sw_binding_5_wd = reg_wdata[31:0];
- assign attest_sw_binding_6_we = addr_hit[23] & reg_we & !reg_error;
+ assign attest_sw_binding_6_we = addr_hit[24] & reg_we & !reg_error;
assign attest_sw_binding_6_wd = reg_wdata[31:0];
- assign attest_sw_binding_7_we = addr_hit[24] & reg_we & !reg_error;
+ assign attest_sw_binding_7_we = addr_hit[25] & reg_we & !reg_error;
assign attest_sw_binding_7_wd = reg_wdata[31:0];
- assign salt_0_we = addr_hit[25] & reg_we & !reg_error;
+ assign salt_0_we = addr_hit[26] & reg_we & !reg_error;
assign salt_0_wd = reg_wdata[31:0];
- assign salt_1_we = addr_hit[26] & reg_we & !reg_error;
+ assign salt_1_we = addr_hit[27] & reg_we & !reg_error;
assign salt_1_wd = reg_wdata[31:0];
- assign salt_2_we = addr_hit[27] & reg_we & !reg_error;
+ assign salt_2_we = addr_hit[28] & reg_we & !reg_error;
assign salt_2_wd = reg_wdata[31:0];
- assign salt_3_we = addr_hit[28] & reg_we & !reg_error;
+ assign salt_3_we = addr_hit[29] & reg_we & !reg_error;
assign salt_3_wd = reg_wdata[31:0];
- assign salt_4_we = addr_hit[29] & reg_we & !reg_error;
+ assign salt_4_we = addr_hit[30] & reg_we & !reg_error;
assign salt_4_wd = reg_wdata[31:0];
- assign salt_5_we = addr_hit[30] & reg_we & !reg_error;
+ assign salt_5_we = addr_hit[31] & reg_we & !reg_error;
assign salt_5_wd = reg_wdata[31:0];
- assign salt_6_we = addr_hit[31] & reg_we & !reg_error;
+ assign salt_6_we = addr_hit[32] & reg_we & !reg_error;
assign salt_6_wd = reg_wdata[31:0];
- assign salt_7_we = addr_hit[32] & reg_we & !reg_error;
+ assign salt_7_we = addr_hit[33] & reg_we & !reg_error;
assign salt_7_wd = reg_wdata[31:0];
- assign key_version_we = addr_hit[33] & reg_we & !reg_error;
+ assign key_version_we = addr_hit[34] & reg_we & !reg_error;
assign key_version_wd = reg_wdata[31:0];
- assign max_creator_key_ver_regwen_we = addr_hit[34] & reg_we & !reg_error;
+ assign max_creator_key_ver_regwen_we = addr_hit[35] & reg_we & !reg_error;
assign max_creator_key_ver_regwen_wd = reg_wdata[0];
- assign max_creator_key_ver_shadowed_re = addr_hit[35] & reg_re & !reg_error;
- assign max_creator_key_ver_shadowed_we = addr_hit[35] & reg_we & !reg_error;
+ assign max_creator_key_ver_shadowed_re = addr_hit[36] & reg_re & !reg_error;
+ assign max_creator_key_ver_shadowed_we = addr_hit[36] & reg_we & !reg_error;
assign max_creator_key_ver_shadowed_wd = reg_wdata[31:0];
- assign max_owner_int_key_ver_regwen_we = addr_hit[36] & reg_we & !reg_error;
+ assign max_owner_int_key_ver_regwen_we = addr_hit[37] & reg_we & !reg_error;
assign max_owner_int_key_ver_regwen_wd = reg_wdata[0];
- assign max_owner_int_key_ver_shadowed_re = addr_hit[37] & reg_re & !reg_error;
- assign max_owner_int_key_ver_shadowed_we = addr_hit[37] & reg_we & !reg_error;
+ assign max_owner_int_key_ver_shadowed_re = addr_hit[38] & reg_re & !reg_error;
+ assign max_owner_int_key_ver_shadowed_we = addr_hit[38] & reg_we & !reg_error;
assign max_owner_int_key_ver_shadowed_wd = reg_wdata[31:0];
- assign max_owner_key_ver_regwen_we = addr_hit[38] & reg_we & !reg_error;
+ assign max_owner_key_ver_regwen_we = addr_hit[39] & reg_we & !reg_error;
assign max_owner_key_ver_regwen_wd = reg_wdata[0];
- assign max_owner_key_ver_shadowed_re = addr_hit[39] & reg_re & !reg_error;
- assign max_owner_key_ver_shadowed_we = addr_hit[39] & reg_we & !reg_error;
+ assign max_owner_key_ver_shadowed_re = addr_hit[40] & reg_re & !reg_error;
+ assign max_owner_key_ver_shadowed_we = addr_hit[40] & reg_we & !reg_error;
assign max_owner_key_ver_shadowed_wd = reg_wdata[31:0];
- assign sw_share0_output_0_re = addr_hit[40] & reg_re & !reg_error;
+ assign sw_share0_output_0_re = addr_hit[41] & reg_re & !reg_error;
assign sw_share0_output_0_wd = '1;
- assign sw_share0_output_1_re = addr_hit[41] & reg_re & !reg_error;
+ assign sw_share0_output_1_re = addr_hit[42] & reg_re & !reg_error;
assign sw_share0_output_1_wd = '1;
- assign sw_share0_output_2_re = addr_hit[42] & reg_re & !reg_error;
+ assign sw_share0_output_2_re = addr_hit[43] & reg_re & !reg_error;
assign sw_share0_output_2_wd = '1;
- assign sw_share0_output_3_re = addr_hit[43] & reg_re & !reg_error;
+ assign sw_share0_output_3_re = addr_hit[44] & reg_re & !reg_error;
assign sw_share0_output_3_wd = '1;
- assign sw_share0_output_4_re = addr_hit[44] & reg_re & !reg_error;
+ assign sw_share0_output_4_re = addr_hit[45] & reg_re & !reg_error;
assign sw_share0_output_4_wd = '1;
- assign sw_share0_output_5_re = addr_hit[45] & reg_re & !reg_error;
+ assign sw_share0_output_5_re = addr_hit[46] & reg_re & !reg_error;
assign sw_share0_output_5_wd = '1;
- assign sw_share0_output_6_re = addr_hit[46] & reg_re & !reg_error;
+ assign sw_share0_output_6_re = addr_hit[47] & reg_re & !reg_error;
assign sw_share0_output_6_wd = '1;
- assign sw_share0_output_7_re = addr_hit[47] & reg_re & !reg_error;
+ assign sw_share0_output_7_re = addr_hit[48] & reg_re & !reg_error;
assign sw_share0_output_7_wd = '1;
- assign sw_share1_output_0_re = addr_hit[48] & reg_re & !reg_error;
+ assign sw_share1_output_0_re = addr_hit[49] & reg_re & !reg_error;
assign sw_share1_output_0_wd = '1;
- assign sw_share1_output_1_re = addr_hit[49] & reg_re & !reg_error;
+ assign sw_share1_output_1_re = addr_hit[50] & reg_re & !reg_error;
assign sw_share1_output_1_wd = '1;
- assign sw_share1_output_2_re = addr_hit[50] & reg_re & !reg_error;
+ assign sw_share1_output_2_re = addr_hit[51] & reg_re & !reg_error;
assign sw_share1_output_2_wd = '1;
- assign sw_share1_output_3_re = addr_hit[51] & reg_re & !reg_error;
+ assign sw_share1_output_3_re = addr_hit[52] & reg_re & !reg_error;
assign sw_share1_output_3_wd = '1;
- assign sw_share1_output_4_re = addr_hit[52] & reg_re & !reg_error;
+ assign sw_share1_output_4_re = addr_hit[53] & reg_re & !reg_error;
assign sw_share1_output_4_wd = '1;
- assign sw_share1_output_5_re = addr_hit[53] & reg_re & !reg_error;
+ assign sw_share1_output_5_re = addr_hit[54] & reg_re & !reg_error;
assign sw_share1_output_5_wd = '1;
- assign sw_share1_output_6_re = addr_hit[54] & reg_re & !reg_error;
+ assign sw_share1_output_6_re = addr_hit[55] & reg_re & !reg_error;
assign sw_share1_output_6_wd = '1;
- assign sw_share1_output_7_re = addr_hit[55] & reg_re & !reg_error;
+ assign sw_share1_output_7_re = addr_hit[56] & reg_re & !reg_error;
assign sw_share1_output_7_wd = '1;
- assign op_status_we = addr_hit[57] & reg_we & !reg_error;
+ assign op_status_we = addr_hit[58] & reg_we & !reg_error;
assign op_status_wd = reg_wdata[1:0];
- assign err_code_we = addr_hit[58] & reg_we & !reg_error;
+ assign err_code_we = addr_hit[59] & reg_we & !reg_error;
assign err_code_invalid_op_wd = reg_wdata[0];
@@ -2565,216 +2651,220 @@
end
addr_hit[7]: begin
- reg_rdata_next[15:0] = reseed_interval_shadowed_qs;
+ reg_rdata_next[0] = reseed_interval_regwen_qs;
end
addr_hit[8]: begin
- reg_rdata_next[0] = sw_binding_regwen_qs;
+ reg_rdata_next[15:0] = reseed_interval_shadowed_qs;
end
addr_hit[9]: begin
- reg_rdata_next[31:0] = sealing_sw_binding_0_qs;
+ reg_rdata_next[0] = sw_binding_regwen_qs;
end
addr_hit[10]: begin
- reg_rdata_next[31:0] = sealing_sw_binding_1_qs;
+ reg_rdata_next[31:0] = sealing_sw_binding_0_qs;
end
addr_hit[11]: begin
- reg_rdata_next[31:0] = sealing_sw_binding_2_qs;
+ reg_rdata_next[31:0] = sealing_sw_binding_1_qs;
end
addr_hit[12]: begin
- reg_rdata_next[31:0] = sealing_sw_binding_3_qs;
+ reg_rdata_next[31:0] = sealing_sw_binding_2_qs;
end
addr_hit[13]: begin
- reg_rdata_next[31:0] = sealing_sw_binding_4_qs;
+ reg_rdata_next[31:0] = sealing_sw_binding_3_qs;
end
addr_hit[14]: begin
- reg_rdata_next[31:0] = sealing_sw_binding_5_qs;
+ reg_rdata_next[31:0] = sealing_sw_binding_4_qs;
end
addr_hit[15]: begin
- reg_rdata_next[31:0] = sealing_sw_binding_6_qs;
+ reg_rdata_next[31:0] = sealing_sw_binding_5_qs;
end
addr_hit[16]: begin
- reg_rdata_next[31:0] = sealing_sw_binding_7_qs;
+ reg_rdata_next[31:0] = sealing_sw_binding_6_qs;
end
addr_hit[17]: begin
- reg_rdata_next[31:0] = attest_sw_binding_0_qs;
+ reg_rdata_next[31:0] = sealing_sw_binding_7_qs;
end
addr_hit[18]: begin
- reg_rdata_next[31:0] = attest_sw_binding_1_qs;
+ reg_rdata_next[31:0] = attest_sw_binding_0_qs;
end
addr_hit[19]: begin
- reg_rdata_next[31:0] = attest_sw_binding_2_qs;
+ reg_rdata_next[31:0] = attest_sw_binding_1_qs;
end
addr_hit[20]: begin
- reg_rdata_next[31:0] = attest_sw_binding_3_qs;
+ reg_rdata_next[31:0] = attest_sw_binding_2_qs;
end
addr_hit[21]: begin
- reg_rdata_next[31:0] = attest_sw_binding_4_qs;
+ reg_rdata_next[31:0] = attest_sw_binding_3_qs;
end
addr_hit[22]: begin
- reg_rdata_next[31:0] = attest_sw_binding_5_qs;
+ reg_rdata_next[31:0] = attest_sw_binding_4_qs;
end
addr_hit[23]: begin
- reg_rdata_next[31:0] = attest_sw_binding_6_qs;
+ reg_rdata_next[31:0] = attest_sw_binding_5_qs;
end
addr_hit[24]: begin
- reg_rdata_next[31:0] = attest_sw_binding_7_qs;
+ reg_rdata_next[31:0] = attest_sw_binding_6_qs;
end
addr_hit[25]: begin
- reg_rdata_next[31:0] = salt_0_qs;
+ reg_rdata_next[31:0] = attest_sw_binding_7_qs;
end
addr_hit[26]: begin
- reg_rdata_next[31:0] = salt_1_qs;
+ reg_rdata_next[31:0] = salt_0_qs;
end
addr_hit[27]: begin
- reg_rdata_next[31:0] = salt_2_qs;
+ reg_rdata_next[31:0] = salt_1_qs;
end
addr_hit[28]: begin
- reg_rdata_next[31:0] = salt_3_qs;
+ reg_rdata_next[31:0] = salt_2_qs;
end
addr_hit[29]: begin
- reg_rdata_next[31:0] = salt_4_qs;
+ reg_rdata_next[31:0] = salt_3_qs;
end
addr_hit[30]: begin
- reg_rdata_next[31:0] = salt_5_qs;
+ reg_rdata_next[31:0] = salt_4_qs;
end
addr_hit[31]: begin
- reg_rdata_next[31:0] = salt_6_qs;
+ reg_rdata_next[31:0] = salt_5_qs;
end
addr_hit[32]: begin
- reg_rdata_next[31:0] = salt_7_qs;
+ reg_rdata_next[31:0] = salt_6_qs;
end
addr_hit[33]: begin
- reg_rdata_next[31:0] = key_version_qs;
+ reg_rdata_next[31:0] = salt_7_qs;
end
addr_hit[34]: begin
- reg_rdata_next[0] = max_creator_key_ver_regwen_qs;
+ reg_rdata_next[31:0] = key_version_qs;
end
addr_hit[35]: begin
- reg_rdata_next[31:0] = max_creator_key_ver_shadowed_qs;
+ reg_rdata_next[0] = max_creator_key_ver_regwen_qs;
end
addr_hit[36]: begin
- reg_rdata_next[0] = max_owner_int_key_ver_regwen_qs;
+ reg_rdata_next[31:0] = max_creator_key_ver_shadowed_qs;
end
addr_hit[37]: begin
- reg_rdata_next[31:0] = max_owner_int_key_ver_shadowed_qs;
+ reg_rdata_next[0] = max_owner_int_key_ver_regwen_qs;
end
addr_hit[38]: begin
- reg_rdata_next[0] = max_owner_key_ver_regwen_qs;
+ reg_rdata_next[31:0] = max_owner_int_key_ver_shadowed_qs;
end
addr_hit[39]: begin
- reg_rdata_next[31:0] = max_owner_key_ver_shadowed_qs;
+ reg_rdata_next[0] = max_owner_key_ver_regwen_qs;
end
addr_hit[40]: begin
- reg_rdata_next[31:0] = sw_share0_output_0_qs;
+ reg_rdata_next[31:0] = max_owner_key_ver_shadowed_qs;
end
addr_hit[41]: begin
- reg_rdata_next[31:0] = sw_share0_output_1_qs;
+ reg_rdata_next[31:0] = sw_share0_output_0_qs;
end
addr_hit[42]: begin
- reg_rdata_next[31:0] = sw_share0_output_2_qs;
+ reg_rdata_next[31:0] = sw_share0_output_1_qs;
end
addr_hit[43]: begin
- reg_rdata_next[31:0] = sw_share0_output_3_qs;
+ reg_rdata_next[31:0] = sw_share0_output_2_qs;
end
addr_hit[44]: begin
- reg_rdata_next[31:0] = sw_share0_output_4_qs;
+ reg_rdata_next[31:0] = sw_share0_output_3_qs;
end
addr_hit[45]: begin
- reg_rdata_next[31:0] = sw_share0_output_5_qs;
+ reg_rdata_next[31:0] = sw_share0_output_4_qs;
end
addr_hit[46]: begin
- reg_rdata_next[31:0] = sw_share0_output_6_qs;
+ reg_rdata_next[31:0] = sw_share0_output_5_qs;
end
addr_hit[47]: begin
- reg_rdata_next[31:0] = sw_share0_output_7_qs;
+ reg_rdata_next[31:0] = sw_share0_output_6_qs;
end
addr_hit[48]: begin
- reg_rdata_next[31:0] = sw_share1_output_0_qs;
+ reg_rdata_next[31:0] = sw_share0_output_7_qs;
end
addr_hit[49]: begin
- reg_rdata_next[31:0] = sw_share1_output_1_qs;
+ reg_rdata_next[31:0] = sw_share1_output_0_qs;
end
addr_hit[50]: begin
- reg_rdata_next[31:0] = sw_share1_output_2_qs;
+ reg_rdata_next[31:0] = sw_share1_output_1_qs;
end
addr_hit[51]: begin
- reg_rdata_next[31:0] = sw_share1_output_3_qs;
+ reg_rdata_next[31:0] = sw_share1_output_2_qs;
end
addr_hit[52]: begin
- reg_rdata_next[31:0] = sw_share1_output_4_qs;
+ reg_rdata_next[31:0] = sw_share1_output_3_qs;
end
addr_hit[53]: begin
- reg_rdata_next[31:0] = sw_share1_output_5_qs;
+ reg_rdata_next[31:0] = sw_share1_output_4_qs;
end
addr_hit[54]: begin
- reg_rdata_next[31:0] = sw_share1_output_6_qs;
+ reg_rdata_next[31:0] = sw_share1_output_5_qs;
end
addr_hit[55]: begin
- reg_rdata_next[31:0] = sw_share1_output_7_qs;
+ reg_rdata_next[31:0] = sw_share1_output_6_qs;
end
addr_hit[56]: begin
- reg_rdata_next[2:0] = working_state_qs;
+ reg_rdata_next[31:0] = sw_share1_output_7_qs;
end
addr_hit[57]: begin
- reg_rdata_next[1:0] = op_status_qs;
+ reg_rdata_next[2:0] = working_state_qs;
end
addr_hit[58]: begin
+ reg_rdata_next[1:0] = op_status_qs;
+ end
+
+ addr_hit[59]: begin
reg_rdata_next[0] = err_code_invalid_op_qs;
reg_rdata_next[1] = err_code_invalid_kmac_input_qs;
reg_rdata_next[2] = err_code_invalid_shadow_update_qs;
end
- addr_hit[59]: begin
+ addr_hit[60]: begin
reg_rdata_next[0] = fault_status_cmd_qs;
reg_rdata_next[1] = fault_status_kmac_fsm_qs;
reg_rdata_next[2] = fault_status_kmac_op_qs;
@@ -2783,6 +2873,8 @@
reg_rdata_next[5] = fault_status_shadow_qs;
reg_rdata_next[6] = fault_status_ctrl_fsm_intg_qs;
reg_rdata_next[7] = fault_status_ctrl_fsm_cnt_qs;
+ reg_rdata_next[8] = fault_status_reseed_cnt_qs;
+ reg_rdata_next[9] = fault_status_side_ctrl_fsm_qs;
end
default: begin
diff --git a/hw/ip/keymgr/rtl/keymgr_reseed_ctrl.sv b/hw/ip/keymgr/rtl/keymgr_reseed_ctrl.sv
index bba83cc..30ef369 100644
--- a/hw/ip/keymgr/rtl/keymgr_reseed_ctrl.sv
+++ b/hw/ip/keymgr/rtl/keymgr_reseed_ctrl.sv
@@ -26,7 +26,10 @@
// interface to lfsr
output logic seed_en_o,
- output logic [LfsrWidth-1:0] seed_o
+ output logic [LfsrWidth-1:0] seed_o,
+
+ // error condition
+ output logic cnt_err_o
);
localparam int unsigned EdnRounds = LfsrWidth / EdnWidth;
@@ -64,21 +67,24 @@
end
end
- // whenever reseed count drops to 0, issue a request and wait for ack
+ // whenever reseed count reaches reseed_interval, issue a request and wait for ack
logic [15:0] reseed_cnt;
- always_ff @(posedge clk_i or negedge rst_ni) begin
- if (!rst_ni) begin
- reseed_cnt <= '{default: 1};
- end else if(edn_done) begin
- reseed_cnt <= reseed_interval_i;
- end else if(reseed_req_i) begin
- reseed_cnt <= '0;
- end else if(|reseed_cnt && !first_use) begin
- reseed_cnt <= reseed_cnt - 1'b1;
- end
- end
+ prim_count #(
+ .Width(16),
+ .OutSelDnCnt(0),
+ .CntStyle(prim_count_pkg::DupCnt)
+ ) u_reseed_cnt (
+ .clk_i,
+ .rst_ni,
+ .clr_i(edn_done),
+ .set_i(reseed_req_i & ~edn_req),
+ .set_cnt_i(reseed_interval_i),
+ .en_i(~edn_req & ~first_use),
+ .cnt_o(reseed_cnt),
+ .err_o(cnt_err_o)
+ );
- assign edn_req = (reseed_cnt == '0);
+ assign edn_req = (reseed_cnt == reseed_interval_i);
assign reseed_ack_o = reseed_req_i & edn_done;
assign seed_en_o = edn_done;
diff --git a/hw/ip/keymgr/rtl/keymgr_sideload_key_ctrl.sv b/hw/ip/keymgr/rtl/keymgr_sideload_key_ctrl.sv
index f535fe5..c7143e2 100644
--- a/hw/ip/keymgr/rtl/keymgr_sideload_key_ctrl.sv
+++ b/hw/ip/keymgr/rtl/keymgr_sideload_key_ctrl.sv
@@ -22,33 +22,63 @@
output logic prng_en_o,
output hw_key_req_t aes_key_o,
output hw_key_req_t kmac_key_o,
- output otbn_key_req_t otbn_key_o
+ output otbn_key_req_t otbn_key_o,
+ output logic fsm_err_o
);
- // Enumeration for working state
- typedef enum logic [2:0] {
- StSideloadReset,
- StSideloadIdle,
- StSideloadWipe,
- StSideloadStop
+ // Encoding generated with:
+ // $ ./util/design/sparse-fsm-encode.py -d 5 -m 4 -n 10 \
+ // -s 1700801647 --language=sv
+ //
+ // Hamming distance histogram:
+ //
+ // 0: --
+ // 1: --
+ // 2: --
+ // 3: --
+ // 4: --
+ // 5: |||||||||||||||||||| (33.33%)
+ // 6: |||||||||| (16.67%)
+ // 7: |||||||||||||||||||| (33.33%)
+ // 8: |||||||||| (16.67%)
+ // 9: --
+ // 10: --
+ //
+ // Minimum Hamming distance: 5
+ // Maximum Hamming distance: 8
+ // Minimum Hamming weight: 3
+ // Maximum Hamming weight: 7
+ //
+ localparam int StateWidth = 10;
+ typedef enum logic [StateWidth-1:0] {
+ StSideloadReset = 10'b0011111011,
+ StSideloadIdle = 10'b0101000101,
+ StSideloadWipe = 10'b1110110010,
+ StSideloadStop = 10'b1000001010
} keymgr_sideload_e;
keymgr_sideload_e state_q, state_d;
- logic keys_en;
+ // This primitive is used to place a size-only constraint on the
+ // flops in order to prevent FSM state encoding optimizations.
+ logic [StateWidth-1:0] state_raw_q;
+ assign state_q = keymgr_sideload_e'(state_raw_q);
+ prim_flop #(
+ .Width(StateWidth),
+ .ResetValue(StateWidth'(StSideloadReset))
+ ) u_state_regs (
+ .clk_i,
+ .rst_ni,
+ .d_i ( state_d ),
+ .q_o ( state_raw_q )
+ );
+
+ logic keys_en;
logic [Shares-1:0][KeyWidth-1:0] data_truncated;
for(genvar i = 0; i < Shares; i++) begin : gen_truncate_data
assign data_truncated[i] = data_i[i][KeyWidth-1:0];
end
- always_ff @(posedge clk_i or negedge rst_ni) begin
- if (!rst_ni) begin
- state_q <= StSideloadReset;
- end else begin
- state_q <= state_d;
- end
- end
-
// clear all keys when selected by software, or when
// wipe command is received
logic clr_all_keys;
@@ -68,6 +98,7 @@
always_comb begin
keys_en = 1'b0;
state_d = state_q;
+ fsm_err_o = 1'b0;
unique case (state_q)
StSideloadReset: begin
@@ -97,7 +128,10 @@
keys_en = 1'b0;
end
- default:;
+ default: begin
+ fsm_err_o = 1'b1;
+ end
+
endcase // unique case (state_q)
end
diff --git a/hw/ip/prim/rtl/prim_count.sv b/hw/ip/prim/rtl/prim_count.sv
index b1deb61..0d82952 100644
--- a/hw/ip/prim/rtl/prim_count.sv
+++ b/hw/ip/prim/rtl/prim_count.sv
@@ -34,6 +34,9 @@
output logic err_o
);
+ // if output selects downcount, it MUST be the cross count style
+ `ASSERT_INIT(CntStyleMatch_A, OutSelDnCnt ? CntStyle == CrossCnt : 1'b1 )
+
localparam int CntCopies = (CntStyle == DupCnt) ? 2 : 1;
cmp_valid_e cmp_valid;
@@ -53,6 +56,7 @@
for (genvar i = 0; i < CntCopies; i++) begin : gen_cnts
// up-count
assign up_cnt_d[i] = (clr_i) ? '0 :
+ (set_i & CntStyle == DupCnt) ? set_cnt_i :
(en_i & up_cnt_q[i] < max_val) ? up_cnt_q[i] + 1'b1 :
up_cnt_q[i];
