Skip to content

ot_kmac: Implement error processing + misc. fixes #171

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Sep 4, 2025
Merged

ot_kmac: Implement error processing + misc. fixes #171

merged 4 commits into from
Sep 4, 2025

Conversation

AlexJones0
Copy link

This PR contains a a few misc. fixes/improvements based on issues encountered whilst running OpenTitan tests - these changes are explained in the commit messages.

The largest change of this PR is the fourth commit, which introduces error handling through software setting of the CMD.ERR_PROCESSED bit. The logic here is based primarily on the RTL's error handling FSM states in kmac_app.sv

@rivos-eblot
Copy link

rivos-eblot commented Sep 3, 2025
edited
Loading

(leaving this one to @loiclefort , I do not know the KMAC)

loiclefort
loiclefort reviewed Sep 3, 2025
View reviewed changes
@AlexJones0 AlexJones0 marked this pull request as draft September 3, 2025 18:27
@AlexJones0 AlexJones0 marked this pull request as ready for review September 3, 2025 19:08
@AlexJones0 AlexJones0 force-pushed the kmac_improvements branch 2 times, most recently from b67c626 to 9e4c912 Compare September 3, 2025 19:38
loiclefort
loiclefort reviewed Sep 3, 2025
View reviewed changes
@AlexJones0
[ot] hw/opentitan: ot_kmac: Only zero capacity for SW KMAC w/ sideload
90b93b4 
As is explained in comments in the code, the current RTL actually
exposes the entirety of the internal Keccak state, including the
resultant capacity that is not a valid part of the digest, meaning that
this capacity should be visible through the state registers.

This is the case for all operations, except for SW-initiated operations
that use a sideloaded key for KMAC. In this case, HW does indeed zero
the capacity as one might expect - see:
https://github.com/lowRISC/opentitan/blob/a14e715d0f425bc4986be526bc52bdeb901756bf/hw/ip/kmac/rtl/kmac_app.sv#L727-L728

Signed-off-by: Alex Jones <alex.jones@lowrisc.org>
@AlexJones0
[ot] hw/opentitan: ot_kmac: Handle re-entrant app requests
a05dd14 
The KMAC app request API already errors if we have an existing request
pending from an APP, but there is an edge case with re-entrancy.

Consider:
1. A device calls a kmac->app_request(data).
2. The KMAC processes the data and responds, calling dev_app->fn(resp)
3. As a result of the response, the device wants to process more KMAC
   requests, so it sends another app request.
4. KMAC thinks the app is not pending but still sees the current app
   set, so it thinks it is receiving more data. It will try and process
   that data and then then transition to idle, but the data that was
   expected to be processed has not been processed.

This re-entrancy should be allowed because we are essentially just
trying to "queue" an operation now that the previous one is completed,
and we want it to run after the KMAC is idle again (i.e. state reset).
So, by simply modifying the existing check we can use the existing app
request/pending mechanisms to allow safe re-entrancy (also without
potential for stack issues).

Signed-off-by: Alex Jones <alex.jones@lowrisc.org>
@AlexJones0
[ot] hw/opentitan: ot_kmac: Error on invalid sideloaded key for SW KMAC
8eaafed 
The RTL actually does error even in SW-initiated KMAC commands that are
making use of an invalid sideloaded key, with the `app_id` that is
reported in the error code just defaulting to zero.

Signed-off-by: Alex Jones <alex.jones@lowrisc.org>
@AlexJones0
[ot] hw/opentitan: ot_kmac: Implement SW error handling
5d59b42 
Previously, the KMAC `CMD.ERR_PROCESSED` bit was just clearing the
alerts, but not actually doing anything to the internal KMAC state.

This commit implements full error handling for both HW and SW operation
errors. The logic is the same for both types - upon an erroneous
command, the user must write the `err_processed` bit, upon which the
KMAC will flush its internal state by sending a `Process` command,
followed by an `Absorb` command when done. The key differences are:
 - For HW app interface errors: as soon as all the data is received, HW
   is responded to so we don't stall HW, but the FSM won't return to
   idle until SW acknowledges the error. If SW acknowledges the error
   before the HW request data is finished sending, then KMAC first waits
   for the full request, then responds, then returns to idle.
-  For SW app interface errors: the internal KMAC state is flushed as
   soon as the error is processed, ignoring any further message feed or
   commands and immediately processing, and then finishing ('Done')
   when absorbed, before returning to idle.

Signed-off-by: Alex Jones <alex.jones@lowrisc.org>
@AlexJones0 AlexJones0 merged commit bf439a7 into lowRISC:ot-earlgrey-9.2.0 Sep 4, 2025
8 checks passed
This was referenced Sep 15, 2025
Open
Merged
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@loiclefort loiclefort loiclefort approved these changes

@jwnrt jwnrt jwnrt approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@AlexJones0 @rivos-eblot @loiclefort @jwnrt