| # Copyright lowRISC contributors. |
| # Licensed under the Apache License, Version 2.0, see LICENSE for details. |
| # SPDX-License-Identifier: Apache-2.0 |
| |
| load("@lowrisc_opentitan//rules:otp.bzl", "otp_image", "otp_json", "otp_partition") |
| |
| package(default_visibility = ["//visibility:public"]) |
| |
| exports_files(glob(["autogen/**"])) |
| |
| filegroup( |
| name = "all_files", |
| srcs = glob(["**"]), |
| ) |
| |
| filegroup( |
| name = "all_hjson_files", |
| srcs = glob(["**/*.hjson"]), |
| ) |
| |
| # A fork from opentitan's hw/ip/otp_ctrl/data:img_rma target. However, there is |
| # no otp_json_alert_digest_cfg overlay for it requires opentitantool to generate |
| # the new OWNER_SW_CFG_ROM_ALERT_DIGEST_* values. |
| otp_image( |
| name = "otp_img_rma", |
| src = "@lowrisc_opentitan//hw/ip/otp_ctrl/data:otp_json_rma", |
| overlays = [ |
| "@lowrisc_opentitan//hw/ip/otp_ctrl/data:otp_json_creator_sw_cfg", |
| "@lowrisc_opentitan//hw/ip/otp_ctrl/data:otp_json_owner_sw_cfg", |
| "@lowrisc_opentitan//hw/ip/otp_ctrl/data:otp_json_hw_cfg", |
| ], |
| ) |
| |
| ################ |
| |
| otp_json( |
| name = "otp_json_empty", |
| partitions = [ |
| otp_partition( |
| name = "SECRET0", |
| items = { |
| "TEST_UNLOCK_TOKEN": "0", |
| "TEST_EXIT_TOKEN": "0", |
| }, |
| lock = False, |
| ), |
| otp_partition( |
| name = "SECRET1", |
| items = { |
| "FLASH_ADDR_KEY_SEED": "0", |
| "FLASH_DATA_KEY_SEED": "0", |
| "SRAM_DATA_KEY_SEED": "0", |
| }, |
| lock = False, |
| ), |
| otp_partition( |
| name = "SECRET2", |
| items = { |
| "RMA_TOKEN": "0", |
| "CREATOR_ROOT_KEY_SHARE0": "0", |
| "CREATOR_ROOT_KEY_SHARE1": "0", |
| }, |
| lock = False, |
| ), |
| otp_partition( |
| name = "LIFE_CYCLE", |
| count = 8, |
| # Should we set this to TEST_UNLOCKED0? |
| state = "TEST_UNLOCKED0", |
| ), |
| ], |
| seed = "0", |
| ) |
| |
| otp_json( |
| name = "otp_json_creator_sw_cfg", |
| partitions = [ |
| otp_partition( |
| name = "CREATOR_SW_CFG", |
| items = { |
| "CREATOR_SW_CFG_DIGEST": "0x0", |
| # Use software mod_exp implementation for signature |
| # verification. See the definition of `hardened_bool_t` in |
| # sw/device/lib/base/hardened.h. |
| "CREATOR_SW_CFG_SIGVERIFY_RSA_MOD_EXP_IBEX_EN": "0", |
| # Mark the first three keys as valid and remaining as invalid |
| # since we currently have only three keys. See the definition of |
| # `hardened_byte_bool_t` in sw/device/lib/base/hardened.h. |
| "CREATOR_SW_CFG_SIGVERIFY_RSA_KEY_EN": "0", |
| # Enable use of entropy for countermeasures. See the definition |
| # of `hardened_bool_t` in sw/device/lib/base/hardened.h. |
| "CREATOR_SW_CFG_RNG_EN": "0", |
| # ROM execution is enabled if this item is set to a non-zero |
| # value. |
| "CREATOR_SW_CFG_ROM_EXEC_EN": "0", |
| # Value to write to the cpuctrl CSR in `rom_init()`. |
| # See: |
| # https://ibex-core.readthedocs.io/en/latest/03_reference/cs_registers.html#cpu-control-register-cpuctrl |
| "CREATOR_SW_CFG_CPUCTRL": "0", |
| "CREATOR_SW_CFG_JITTER_EN": "0", |
| # Value of the min_security_version_rom_ext field of the |
| # default boot data. |
| "CREATOR_SW_CFG_MIN_SEC_VER_ROM_EXT": "0x0", |
| # Value of the min_security_version_bl0 field of the default |
| # boot data. |
| "CREATOR_SW_CFG_MIN_SEC_VER_BL0": "0x0", |
| # Enable the default boot data in PROD and PROD_END life cycle |
| # states. See the definition of `hardened_bool_t` in |
| # sw/device/lib/base/hardened.h. |
| "CREATOR_SW_CFG_DEFAULT_BOOT_DATA_IN_PROD_EN": "0", |
| # Enable AST initialization. |
| "CREATOR_SW_CFG_AST_INIT_EN": "0", |
| # TODO: This enables a busyloop in the ROM to give time to |
| # trigger an RMA lifecycle transition via JTAG. The current |
| # value of 10 cycles is useful for test code which verifies |
| # the path through the ROM. This value is not useful for a |
| # real chip. |
| "CREATOR_SW_CFG_RMA_SPIN_EN": "0", |
| "CREATOR_SW_CFG_RMA_SPIN_CYCLES": "0", |
| # Entropy source health check default values. This needs to be |
| # populated when `CREATOR_SW_CFG_RNG_EN` is set to true. |
| "CREATOR_SW_CFG_RNG_REPCNT_THRESHOLDS": "0", |
| "CREATOR_SW_CFG_RNG_REPCNTS_THRESHOLDS": "0", |
| "CREATOR_SW_CFG_RNG_ADAPTP_HI_THRESHOLDS": "0", |
| "CREATOR_SW_CFG_RNG_ADAPTP_LO_THRESHOLDS": "0", |
| "CREATOR_SW_CFG_RNG_BUCKET_THRESHOLDS": "0", |
| "CREATOR_SW_CFG_RNG_MARKOV_HI_THRESHOLDS": "0", |
| "CREATOR_SW_CFG_RNG_MARKOV_LO_THRESHOLDS": "0", |
| "CREATOR_SW_CFG_RNG_EXTHT_HI_THRESHOLDS": "0", |
| "CREATOR_SW_CFG_RNG_EXTHT_LO_THRESHOLDS": "0", |
| "CREATOR_SW_CFG_RNG_ALERT_THRESHOLD": "0", |
| "CREATOR_SW_CFG_RNG_HEALTH_CONFIG_DIGEST": "0", |
| }, |
| ), |
| ], |
| ) |
| |
| otp_json( |
| name = "otp_json_owner_sw_cfg", |
| partitions = [ |
| otp_partition( |
| name = "OWNER_SW_CFG", |
| items = { |
| "OWNER_SW_CFG_DIGEST": "0x0", |
| # Enable bootstrap. See `hardened_bool_t` in |
| # sw/device/lib/base/hardened.h. |
| "OWNER_SW_CFG_ROM_BOOTSTRAP_EN": "0", |
| # Set to 0x739 to use the ROM_EXT hash measurement as the key |
| # manager attestation binding value. |
| "OWNER_SW_CFG_ROM_KEYMGR_ROM_EXT_MEAS_EN": "0x0", |
| # Report errors without any redaction. |
| "OWNER_SW_CFG_ROM_ERROR_REPORTING": "0", |
| # Set the enables to kAlertEnableNone. |
| # See `alert_enable_t` in |
| # sw/device/silicon_creator/lib/drivers/alert.h |
| "OWNER_SW_CFG_ROM_ALERT_CLASS_EN": "0", |
| # Set the esclation policies to kAlertEscalateNone. |
| # See `alert_escalate_t` in |
| # sw/device/silicon_creator/lib/drivers/alert.h |
| "OWNER_SW_CFG_ROM_ALERT_ESCALATION": "0", |
| # Set the classifiactions to kAlertClassX. |
| # See `alert_class_t` in |
| # sw/device/silicon_creator/lib/drivers/alert.h |
| "OWNER_SW_CFG_ROM_ALERT_CLASSIFICATION": ["0"] * 80, |
| # Set the classifiactions to kAlertClassX. See `alert_class_t` in |
| # sw/device/silicon_creator/lib/drivers/alert.h |
| "OWNER_SW_CFG_ROM_LOCAL_ALERT_CLASSIFICATION": ["0"] * 16, |
| # Set the alert accumulation thresholds to 0 per class. |
| "OWNER_SW_CFG_ROM_ALERT_ACCUM_THRESH": ["0x00000000"] * 4, |
| # Set the alert timeout cycles to 0 per class. |
| "OWNER_SW_CFG_ROM_ALERT_TIMEOUT_CYCLES": ["0x00000000"] * 4, |
| # Set the alert phase cycles to 0,10,10,0xFFFFFFFF for classes |
| # A and B, and to all zeros for classes C and D. |
| "OWNER_SW_CFG_ROM_ALERT_PHASE_CYCLES": [ |
| "0x0", |
| "0", |
| "0", |
| "0", |
| "0x0", |
| "0", |
| "0", |
| "0", |
| "0x0", |
| "0x0", |
| "0x0", |
| "0x0", |
| "0x0", |
| "0x0", |
| "0x0", |
| "0x0", |
| ], |
| }, |
| ), |
| ], |
| ) |
| |
| otp_json( |
| name = "otp_json_hw_cfg", |
| partitions = [ |
| otp_partition( |
| name = "HW_CFG", |
| items = { |
| "DEVICE_ID": "0", |
| # Cryptolib and chip-level tests require access to the CSRNG |
| # software interfaces. |
| "EN_CSRNG_SW_APP_READ": False, |
| "EN_SRAM_IFETCH": False, |
| # Cryptolib and chip-level tests require access to the |
| # entropy_src FW data interface. |
| "EN_ENTROPY_SRC_FW_READ": False, |
| # Cryptolib and chip-level tests require access to the |
| # entropy_src FW override interface. |
| "EN_ENTROPY_SRC_FW_OVER": False, |
| }, |
| lock = False, |
| ), |
| ], |
| ) |
| |
| otp_image( |
| name = "otp_img_empty", |
| src = ":otp_json_empty", |
| overlays = [ |
| ":otp_json_creator_sw_cfg", |
| ":otp_json_owner_sw_cfg", |
| ":otp_json_hw_cfg", |
| ], |
| ) |