[fpv/aes] Support SEC_CM tests
FPV re-uses sva core files, and currently due to the fault injection, it
includes UVM files and causes a compile error.
In this PR, the proposed solution is to put fault injection to a
separate core file.
Signed-off-by: Cindy Chen <chencindy@opentitan.org>
diff --git a/hw/ip/aes/dv/aes_base_sim_cfg.hjson b/hw/ip/aes/dv/aes_base_sim_cfg.hjson
index 489d52d..c2d9aa2 100644
--- a/hw/ip/aes/dv/aes_base_sim_cfg.hjson
+++ b/hw/ip/aes/dv/aes_base_sim_cfg.hjson
@@ -41,7 +41,8 @@
sim_tops: [ "aes_bind",
"aes_cov_bind",
"sec_cm_prim_sparse_fsm_flop_bind",
- "sec_cm_prim_onehot_check_bind"]
+ "sec_cm_prim_onehot_check_bind",
+ "aes_err_injection_bind"]
// TODO remove v2s refine for v2s
xcelium_cov_refine_files: ["{proj_root}/hw/ip/aes/dv/cov/refines/aes_remove_for_v2s.vRefine"]
diff --git a/hw/ip/aes/dv/aes_sim.core b/hw/ip/aes/dv/aes_sim.core
index 939ad60..f3efa9b 100644
--- a/hw/ip/aes/dv/aes_sim.core
+++ b/hw/ip/aes/dv/aes_sim.core
@@ -13,6 +13,7 @@
depend:
- lowrisc:dv:aes_test
- lowrisc:dv:aes_sva
+ - lowrisc:dv:aes_err_injection
- lowrisc:dv:aes_cov
files:
- tb/tb.sv
diff --git a/hw/ip/aes/dv/err_injection_if/aes_err_injection.core b/hw/ip/aes/dv/err_injection_if/aes_err_injection.core
new file mode 100644
index 0000000..de8f7a6
--- /dev/null
+++ b/hw/ip/aes/dv/err_injection_if/aes_err_injection.core
@@ -0,0 +1,22 @@
+CAPI=2:
+# Copyright lowRISC contributors.
+# Licensed under the Apache License, Version 2.0, see LICENSE for details.
+# SPDX-License-Identifier: Apache-2.0
+name: "lowrisc:dv:aes_err_injection:0.1"
+description: "AES error injection modules and bind file."
+filesets:
+ files_dv:
+ depend:
+ - lowrisc:tlul:headers
+ - lowrisc:ip:aes
+ - lowrisc:dv:aes_env
+ files:
+ - aes_err_injection_bind.sv
+ - signal_force.sv
+ - force_if.sv
+ file_type: systemVerilogSource
+
+targets:
+ default: &default_target
+ filesets:
+ - files_dv
diff --git a/hw/ip/aes/dv/err_injection_if/aes_err_injection_bind.sv b/hw/ip/aes/dv/err_injection_if/aes_err_injection_bind.sv
new file mode 100644
index 0000000..2296cf9
--- /dev/null
+++ b/hw/ip/aes/dv/err_injection_if/aes_err_injection_bind.sv
@@ -0,0 +1,41 @@
+// Copyright lowRISC contributors.
+// Licensed under the Apache License, Version 2.0, see LICENSE for details.
+// SPDX-License-Identifier: Apache-2.0
+module aes_err_injection_bind;
+
+ // bind fault inject if to control_fsm
+ bind aes_control_fsm signal_force
+ #(.Signal("aes_ctrl_cs"),
+ .IfName("aes_fi_vif"),
+ .SignalWidth(aes_env_pkg::StateWidth)
+ )
+ u_fi
+ (
+ .clk (clk_i),
+ .rst_ni (rst_ni)
+ );
+
+ // bind fault inject if to cipher fsm
+ bind aes_cipher_control_fsm signal_force
+ #(.Signal("aes_cipher_ctrl_cs"),
+ .IfName("aes_cipher_fi_vif"),
+ .SignalWidth(aes_env_pkg::StateWidth)
+ )
+ u_cipher_fi
+ (
+ .clk (clk_i),
+ .rst_ni (rst_ni)
+ );
+
+ // bind fault inject if to round counter
+ bind aes_ctr_fsm signal_force
+ #(.Signal("aes_ctr_cs"),
+ .IfName("aes_ctr_fi_vif"),
+ .SignalWidth(aes_env_pkg::StateWidth)
+ )
+ u_ctr_fi
+ (
+ .clk (clk_i),
+ .rst_ni (rst_ni)
+ );
+endmodule
diff --git a/hw/ip/aes/dv/sva/force_if.sv b/hw/ip/aes/dv/err_injection_if/force_if.sv
similarity index 100%
rename from hw/ip/aes/dv/sva/force_if.sv
rename to hw/ip/aes/dv/err_injection_if/force_if.sv
diff --git a/hw/ip/aes/dv/sva/signal_force.sv b/hw/ip/aes/dv/err_injection_if/signal_force.sv
similarity index 100%
rename from hw/ip/aes/dv/sva/signal_force.sv
rename to hw/ip/aes/dv/err_injection_if/signal_force.sv
diff --git a/hw/ip/aes/dv/sva/aes_bind.sv b/hw/ip/aes/dv/sva/aes_bind.sv
index 33c51ad..a374240 100644
--- a/hw/ip/aes/dv/sva/aes_bind.sv
+++ b/hw/ip/aes/dv/sva/aes_bind.sv
@@ -65,41 +65,4 @@
.lfsr_q_4 (gen_lfsrs[4].u_lfsr_chunk.lfsr_q)
);
end
-
- // bind fault inject if to control_fsm
- bind aes_control_fsm signal_force
- #(.Signal("aes_ctrl_cs"),
- .IfName("aes_fi_vif"),
- .SignalWidth(aes_env_pkg::StateWidth)
- )
- u_fi
- (
- .clk (clk_i),
- .rst_ni (rst_ni)
- );
-
- // bind fault inject if to cipher fsm
- bind aes_cipher_control_fsm signal_force
- #(.Signal("aes_cipher_ctrl_cs"),
- .IfName("aes_cipher_fi_vif"),
- .SignalWidth(aes_env_pkg::StateWidth)
- )
- u_cipher_fi
- (
- .clk (clk_i),
- .rst_ni (rst_ni)
- );
-
- // bind fault inject if to round counter
- bind aes_ctr_fsm signal_force
- #(.Signal("aes_ctr_cs"),
- .IfName("aes_ctr_fi_vif"),
- .SignalWidth(aes_env_pkg::StateWidth)
- )
- u_ctr_fi
- (
- .clk (clk_i),
- .rst_ni (rst_ni)
- );
-
endmodule
diff --git a/hw/ip/aes/dv/sva/aes_sva.core b/hw/ip/aes/dv/sva/aes_sva.core
index ba1f847..1df8cbf 100644
--- a/hw/ip/aes/dv/sva/aes_sva.core
+++ b/hw/ip/aes/dv/sva/aes_sva.core
@@ -10,14 +10,11 @@
- lowrisc:tlul:headers
- lowrisc:fpv:csr_assert_gen
- lowrisc:ip:aes
- - lowrisc:dv:aes_env
files:
- aes_bind.sv
- aes_idle_check.sv
- aes_reseed_if.sv
- aes_masking_reseed_if.sv
- - signal_force.sv
- - force_if.sv
file_type: systemVerilogSource
files_formal:
diff --git a/hw/top_earlgrey/formal/top_earlgrey_fpv_cfgs.hjson b/hw/top_earlgrey/formal/top_earlgrey_fpv_cfgs.hjson
index decbd67..b6e8610 100644
--- a/hw/top_earlgrey/formal/top_earlgrey_fpv_cfgs.hjson
+++ b/hw/top_earlgrey/formal/top_earlgrey_fpv_cfgs.hjson
@@ -412,11 +412,23 @@
// FPV only verifies the security countermeasure assertions,
// so will not collect FPV coverage.
{
- name: aes_sec_cm
+ name: aes_masking_sec_cm
dut: aes
fusesoc_core: lowrisc:dv:aes_sva
import_cfgs: ["{proj_root}/hw/formal/tools/dvsim/common_fpv_cfg.hjson"]
- rel_path: "hw/ip/aes/{sub_flow}/{tool}"
+ rel_path: "hw/ip/aes/masking/{sub_flow}/{tool}"
+ defines: "EN_MASKING=1"
+ cov: false
+ task: "FpvSecCm"
+ stopats: ["*u_state_regs.state_o"]
+ }
+ {
+ name: aes_no_masking_sec_cm
+ dut: aes
+ fusesoc_core: lowrisc:dv:aes_sva
+ import_cfgs: ["{proj_root}/hw/formal/tools/dvsim/common_fpv_cfg.hjson"]
+ rel_path: "hw/ip/aes/no_masking/{sub_flow}/{tool}"
+ defines: "EN_MASKING=0"
cov: false
task: "FpvSecCm"
stopats: ["*u_state_regs.state_o"]
