lowRISC · vogelpi · Jul 13, 2020 · May 6, 2020 · May 6, 2020 · May 8, 2020
@@ -9,6 +9,7 @@ filesets:
     depend:
       - lowrisc:prim:all
       - lowrisc:ip:tlul
+      - lowrisc:ip:keymgr_pkg
     files:
       - rtl/aes_pkg.sv
       - rtl/aes_reg_pkg.sv

@@ -7,7 +7,6 @@
   name: "aes",
   clock_primary: "clk_i",
   bus_device: "tlul",
-  regwidth: "32",
   # Note: All parameters are local, they are not actually configurable.
   # Selecting values different from the default values below might cause undefined behavior.
   param_list: [
@@ -30,6 +29,29 @@
       local:   "true"
     }
   ],
+  inter_signal_list: [
+    { name:    "keymgr_key",
+      type:    "uni",
+      act:     "rcv",
+      package: "keymgr_pkg",
+      struct:  "hw_key_req",
+      width:   "1"
+    }
+    // TODO: CSRNG peripheral interface/RNG distribution network interface needs to be defined first, see https://github.com/lowRISC/opentitan/issues/2693.
+    /*{ name:    "entropy",
+      type:    "req_rsp",
+      act:     "req",
+      package: "csrng_pkg",
+      struct:  "csrng_entropy",
+      width:   "1"
+    },*/
+  ],
+  alert_list: [
+    { name: "ctrl_err",
+      desc: "This alert is triggered upon detecting an error in the Control Register",
+    }
+  ],
+  regwidth: "32",
   registers: [
 ##############################################################################
 # initial key registers

@@ -110,9 +110,6 @@ The initialization vector (IV) register and the register to hold the previous in
 
 ## Hardware Interfaces
 
-In the current implementation, the AES unit has no security alerts.
-These will eventually be added in future versions.
-
 {{< hwcfg "hw/ip/aes/data/aes.hjson" >}}
 
 

diff --git a/hw/ip/aes/dv/tb/tb.sv b/hw/ip/aes/dv/tb/tb.sv
@@ -15,6 +15,8 @@ module tb;
 
   wire clk, rst_n;
   wire [NUM_MAX_INTERRUPTS-1:0] interrupts;
+  prim_alert_pkg::alert_rx_t [aes_pkg::NumAlerts-1:0] alert_rx;
+  assign alert_rx[0] = 4'b0101;
 
   // interfaces
   clk_rst_if clk_rst_if(.clk(clk), .rst_n(rst_n));
@@ -28,8 +30,13 @@ module tb;
     .clk_i                (clk        ),
     .rst_ni               (rst_n      ),
 
+    .keymgr_key_i         ( '0        ),
+
     .tl_i                 (tl_if.h2d  ),
-    .tl_o                 (tl_if.d2h  )
+    .tl_o                 (tl_if.d2h  ),
+
+    .alert_rx_i           ( alert_rx  ),
+    .alert_tx_o           (           )
   );
 
   initial begin

@@ -13,19 +13,24 @@ module aes #(
   input                     clk_i,
   input                     rst_ni,
 
+  // Key manager interface
+  input   keymgr_pkg::hw_key_req_t keymgr_key_i,
+
   // Entropy source interface
-  // TODO: This still needs to be connected.
-  // See https://github.com/lowRISC/opentitan/issues/1005
-  //output logic              entropy_req_o,
-  //input  logic              entropy_ack_i,
-  //input  logic [63:0]       entropy_i,
+  // TODO: CSRNG peripheral interface/RNG distribution network interface needs to be defined first,
+  // see https://github.com/lowRISC/opentitan/issues/2693.
 
   // Bus interface
   input  tlul_pkg::tl_h2d_t tl_i,
-  output tlul_pkg::tl_d2h_t tl_o
+  output tlul_pkg::tl_d2h_t tl_o,
+
+  // Alerts
+  input  prim_alert_pkg::alert_rx_t [aes_pkg::NumAlerts-1:0] alert_rx_i,
+  output prim_alert_pkg::alert_tx_t [aes_pkg::NumAlerts-1:0] alert_tx_o
 );
 
   import aes_reg_pkg::*;
+  import aes_pkg::*;
 
   aes_reg2hw_t reg2hw;
   aes_hw2reg_t hw2reg;
@@ -80,8 +85,24 @@ module aes #(
     .entropy_i    ( 64'hFEDCBA9876543210 )
   );
 
+  // Generate alert senders for the bronze netlist.
+  logic [NumAlerts-1:0] alert;
+  assign alert = '0;
+  for (genvar i = 0; i < NumAlerts; i++) begin : gen_alert_tx
+    prim_alert_sender #(
+      .AsyncOn(AlertAsyncOn[i])
+    ) i_prim_alert_sender (
+      .clk_i      ( clk_i         ),
+      .rst_ni     ( rst_ni        ),
+      .alert_i    ( alert[i]      ),
+      .alert_rx_i ( alert_rx_i[i] ),
+      .alert_tx_o ( alert_tx_o[i] )
+    );
+  end
+
   // All outputs should have a known value after reset
   `ASSERT_KNOWN(TlODValidKnown, tl_o.d_valid)
   `ASSERT_KNOWN(TlOAReadyKnown, tl_o.a_ready)
+  `ASSERT_KNOWN(AlertTxKnown, alert_tx_o)
 
 endmodule
@@ -47,6 +47,32 @@ module aes_cipher_core #(
 
   import aes_pkg::*;
 
+  // Generate gates to represent hardening cost for the bronze netlist.
+  prim_gate_gen #(
+    .DataWidth ( 32    ),
+    .NumGates  ( 43000 )
+  ) aes_cipher_core_hardening (
+    .clk_i   ( clk_i             ),
+    .rst_ni  ( rst_ni            ),
+    .valid_i ( in_valid_i        ),
+    .data_i  ( prng_data_i[31:0] ),
+    .data_o  (                   ),
+    .valid_o (                   )
+  );
+
+  // Generate gates to represent cost of high-bandwidth, local PRNG for the bronze netlist.
+  prim_gate_gen #(
+    .DataWidth ( 32    ),
+    .NumGates  ( 30000 )
+  ) aes_cipher_core_prng (
+    .clk_i   ( clk_i             ),
+    .rst_ni  ( rst_ni            ),
+    .valid_i ( in_valid_i        ),
+    .data_i  ( prng_data_i[31:0] ),
+    .data_o  (                   ),
+    .valid_o (                   )
+  );
+
   // Signals
   logic [3:0][3:0][7:0] state_d;
   logic [3:0][3:0][7:0] state_q;

@@ -179,6 +179,29 @@ module aes_core #(
     end
   end
 
+  // Initial key registers (mask share)
+  // NOTE: These are not functional, we just want the gates for the bronze netlist.
+  logic [7:0]       key_init_share1_we;
+  logic [7:0][31:0] key_init_share1_d;
+  logic [7:0][31:0] key_init_share1_q;
+  assign key_init_share1_we = key_init_we;
+
+  always_comb begin : key_init_share1_mux
+    unique case (key_init_sel)
+      KEY_INIT_INPUT: key_init_share1_d = key_init;
+      KEY_INIT_CLEAR: key_init_share1_d = {prng_data_i, prng_data_i, prng_data_i, prng_data_i};
+      default:        key_init_share1_d = key_init_share1_q;
+    endcase
+  end
+
+  always_ff @(posedge clk_i) begin : key_init_share1_reg
+    for (int i=0; i<8; i++) begin
+      if (key_init_share1_we[i]) begin
+        key_init_share1_q[i] <= key_init_share1_d[i];
+      end
+    end
+  end
+
   // IV registers
   always_comb begin : iv_mux
     unique case (iv_sel)

@@ -6,6 +6,9 @@
 
 package aes_pkg;
 
+parameter int NumAlerts = 1;
+parameter logic [NumAlerts-1:0] AlertAsyncOn = NumAlerts'(1'b1);
+
 typedef enum logic {
   AES_ENC = 1'b0,
   AES_DEC = 1'b1

diff --git a/hw/top_earlgrey/data/autogen/top_earlgrey.gen.hjson b/hw/top_earlgrey/data/autogen/top_earlgrey.gen.hjson
@@ -2064,10 +2064,31 @@
       available_output_list: []
       available_inout_list: []
       interrupt_list: []
-      alert_list: []
+      alert_list:
+      [
+        {
+          name: ctrl_err
+          width: 1
+          type: alert
+          async: 0
+        }
+      ]
       wakeup_list: []
       scan: "false"
       scan_reset: "false"
+      inter_signal_list:
+      [
+        {
+          name: keymgr_key
+          type: uni
+          act: rcv
+          package: keymgr_pkg
+          struct: hw_key_req
+          width: "1"
+          inst_name: aes
+          index: -1
+        }
+      ]
     }
     {
       name: hmac
@@ -6489,6 +6510,7 @@
   ]
   alert_module:
   [
+    aes
     hmac
     kmac
     sensor_ctrl
@@ -6497,6 +6519,13 @@
   ]
   alert:
   [
+    {
+      name: aes_ctrl_err
+      width: 1
+      type: alert
+      async: 0
+      module_name: aes
+    }
     {
       name: hmac_msg_push_sha_disabled
       width: 1
@@ -7465,6 +7494,16 @@
         top_signame: lifecycle_strap_sample
         index: -1
       }
+      {
+        name: keymgr_key
+        type: uni
+        act: rcv
+        package: keymgr_pkg
+        struct: hw_key_req
+        width: "1"
+        inst_name: aes
+        index: -1
+      }
       {
         struct: hw_key_req
         type: uni

diff --git a/hw/top_earlgrey/data/top_earlgrey.hjson b/hw/top_earlgrey/data/top_earlgrey.hjson
@@ -533,7 +533,7 @@
   // ===== ALERT HANDLER ======================================================
   // list all modules that expose alerts
   // first item goes to LSB of the interrupt source
-  alert_module: [ "hmac", "kmac", "sensor_ctrl", "otp_ctrl", "otbn"]
+  alert_module: [ "aes", "hmac", "kmac", "sensor_ctrl", "otp_ctrl", "otbn"]
 
   // generated list of alerts:
   alert: [

diff --git a/hw/top_earlgrey/ip/alert_handler/data/autogen/alert_handler.hjson b/hw/top_earlgrey/ip/alert_handler/data/autogen/alert_handler.hjson
@@ -29,7 +29,7 @@
     { name: "NAlerts",
       desc: "Number of peripheral inputs",
       type: "int",
-      default: "15",
+      default: "16",
       local: "true"
     },
     { name: "EscCntDw",
@@ -53,7 +53,7 @@
     { name: "AsyncOn",
       desc: "Number of peripheral outputs",
       type: "logic [NAlerts-1:0]",
-      default: "15'b000111000",
+      default: "16'b0001110000",
       local: "true"
     },
     { name: "N_CLASSES",

diff --git a/hw/top_earlgrey/ip/alert_handler/rtl/autogen/alert_handler_reg_pkg.sv b/hw/top_earlgrey/ip/alert_handler/rtl/autogen/alert_handler_reg_pkg.sv
@@ -7,11 +7,11 @@
 package alert_handler_reg_pkg;
 
   // Param list
-  parameter int NAlerts = 15;
+  parameter int NAlerts = 16;
   parameter int EscCntDw = 32;
   parameter int AccuCntDw = 16;
   parameter int LfsrSeed = 2147483647;
-  parameter logic [NAlerts-1:0] AsyncOn = 15'b000111000;
+  parameter logic [NAlerts-1:0] AsyncOn = 16'b0001110000;
   parameter int N_CLASSES = 4;
   parameter int N_ESC_SEV = 4;
   parameter int N_PHASES = 4;
@@ -455,14 +455,14 @@ package alert_handler_reg_pkg;
   // Register to internal design logic //
   ///////////////////////////////////////
   typedef struct packed {
-    alert_handler_reg2hw_intr_state_reg_t intr_state; // [884:881]
-    alert_handler_reg2hw_intr_enable_reg_t intr_enable; // [880:877]
-    alert_handler_reg2hw_intr_test_reg_t intr_test; // [876:869]
-    alert_handler_reg2hw_regen_reg_t regen; // [868:868]
-    alert_handler_reg2hw_ping_timeout_cyc_reg_t ping_timeout_cyc; // [867:844]
-    alert_handler_reg2hw_alert_en_mreg_t [14:0] alert_en; // [843:829]
-    alert_handler_reg2hw_alert_class_mreg_t [14:0] alert_class; // [828:799]
-    alert_handler_reg2hw_alert_cause_mreg_t [14:0] alert_cause; // [798:784]
+    alert_handler_reg2hw_intr_state_reg_t intr_state; // [888:885]
+    alert_handler_reg2hw_intr_enable_reg_t intr_enable; // [884:881]
+    alert_handler_reg2hw_intr_test_reg_t intr_test; // [880:873]
+    alert_handler_reg2hw_regen_reg_t regen; // [872:872]
+    alert_handler_reg2hw_ping_timeout_cyc_reg_t ping_timeout_cyc; // [871:848]
+    alert_handler_reg2hw_alert_en_mreg_t [15:0] alert_en; // [847:832]
+    alert_handler_reg2hw_alert_class_mreg_t [15:0] alert_class; // [831:800]
+    alert_handler_reg2hw_alert_cause_mreg_t [15:0] alert_cause; // [799:784]
     alert_handler_reg2hw_loc_alert_en_mreg_t [3:0] loc_alert_en; // [783:780]
     alert_handler_reg2hw_loc_alert_class_mreg_t [3:0] loc_alert_class; // [779:772]
     alert_handler_reg2hw_loc_alert_cause_mreg_t [3:0] loc_alert_cause; // [771:768]
@@ -504,8 +504,8 @@ package alert_handler_reg_pkg;
   // Internal design logic to register //
   ///////////////////////////////////////
   typedef struct packed {
-    alert_handler_hw2reg_intr_state_reg_t intr_state; // [257:254]
-    alert_handler_hw2reg_alert_cause_mreg_t [14:0] alert_cause; // [253:224]
+    alert_handler_hw2reg_intr_state_reg_t intr_state; // [259:256]
+    alert_handler_hw2reg_alert_cause_mreg_t [15:0] alert_cause; // [255:224]
     alert_handler_hw2reg_loc_alert_cause_mreg_t [3:0] loc_alert_cause; // [223:216]
     alert_handler_hw2reg_classa_clren_reg_t classa_clren; // [215:216]
     alert_handler_hw2reg_classa_accum_cnt_reg_t classa_accum_cnt; // [215:216]