Skip to content

ot_keymgr: Add main FSM with keymgr initialization #184

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Sep 17, 2025
Merged

ot_keymgr: Add main FSM with keymgr initialization #184

merged 6 commits into from
Sep 17, 2025

Conversation

AlexJones0
Copy link

@AlexJones0 AlexJones0 commented Sep 15, 2025
edited
Loading

This PR is the second of a series of 4 PRs to implement OpenTitan's keymgr IP, as used in Earlgrey, split to ease review. You can see all the relevant keymgr commits in #188.

This PR implements the initialization logic and FSM states for the keymgr, allowing the keymgr to begin operation upon writing a START command to the keymgr. This includes lifecycle controller enablement, entropy reseeding from the EDN, Creator root key loading from the OTP, and implementation of operation status updates. Future PRs will continue to implement the main FSM and keymgr operations.

See the commit messages for more details about each change.

@AlexJones0 AlexJones0 force-pushed the eg-keymgr-initialisation branch from 3f9630a to aecde3f Compare September 15, 2025 13:36
@luismarques
Copy link

Progresses lowRISC/opentitan#27894

@AlexJones0 AlexJones0 mentioned this pull request Sep 16, 2025
Merged
@AlexJones0 AlexJones0 force-pushed the eg-keymgr-initialisation branch 2 times, most recently from bcde680 to 45f864d Compare September 16, 2025 14:37
loiclefort
loiclefort reviewed Sep 16, 2025
View reviewed changes
@AlexJones0 AlexJones0 force-pushed the eg-keymgr-initialisation branch from 45f864d to 58707a6 Compare September 17, 2025 11:42
@AlexJones0
[ot] hw/opentitan: ot_keymgr: Initial keymgr FSM with reset state
1d32e16 
Introduce the initial logic comprising the keymgr FSM, stubbing out all
internal FSM states apart from the `RESET` state, which is implemented.
Note however that this will not currently function, because keymgr
enablement via lc_ctrl has not yet been added.

Adds logic for scheduling the FSM using a short timer (200 ns) instead
of a BottomHalf because of potential reliability issues. Using a BH /
Timer allows deferring execution to the end of I/O calls.

Signed-off-by: Alex Jones <alex.jones@lowrisc.org>
@AlexJones0
[ot] hw/opentitan: ot_keymgr: Add lc_ctrl keymgr enable connection
64c9fe9 
When the keymgr is disabled by the lc_ctrl, this also temporarily locks
the CFG_REGWEN.

Signed-off-by: Alex Jones <alex.jones@lowrisc.org>
@AlexJones0
[ot] hw/riscv: ot_earlgrey: Connect lc_ctrl keymgr broadcast signal
4a0acc7 
Signed-off-by: Alex Jones <alex.jones@lowrisc.org>
@AlexJones0
[ot] hw/opentitan: ot_keymgr: Reseed entropy from the EDN
d9c2246 
Add a device link to endpoint 0 of EDN0 through which the Keymgr can
request entropy for refreshing its seed. Implements the `ENTROPY_RESEED`
and `RANDOM` states for the Keymgr FSM which use this connection.

Signed-off-by: Alex Jones <alex.jones@lowrisc.org>
@AlexJones0
[ot] hw/opentitan: ot_keymgr: Add root key loading from OTP
a9388e5 
Adds a connection between the keymgr and the otp_ctrl, using the
implemented `otp_ctrl` methods to retrieve the creator root key from
OTP. Also change the behaviour of the `ROOT_KEY` FSM state so that an
invalid root key (or disablement) will cause a transition to the `WIPE`
state.

Signed-off-by: Alex Jones <alex.jones@lowrisc.org>
@AlexJones0 AlexJones0 force-pushed the eg-keymgr-initialisation branch from 58707a6 to bf10efb Compare September 17, 2025 12:00
@AlexJones0 AlexJones0 marked this pull request as ready for review September 17, 2025 12:01
@AlexJones0 AlexJones0 mentioned this pull request Sep 17, 2025
Merged
@AlexJones0
Copy link
Author

Also see #188 which is the final keymgr PR - alongside #185 this shows all the new passing keymgr tests.

jwnrt
jwnrt reviewed Sep 17, 2025
View reviewed changes
@AlexJones0 AlexJones0 force-pushed the eg-keymgr-initialisation branch from bf10efb to aea5683 Compare September 17, 2025 13:51
@AlexJones0 AlexJones0 requested a review from jwnrt September 17, 2025 13:53
@AlexJones0
[ot] hw/opentitan: ot_keymgr: Add operation status & init FSM state
c4401a3 
This commit focuses on creating a (mostly complete) implementation of
the `INIT` keymgr FSM state, which performs some checks before starting
an advance or disable operation. These are both stubbed out for now.

Logic (which is the same as the keymgr_dpe logic) is added for updating
the `OP_STATUS`, so that it latches and reflects the last requested
operation. Also, functionality is added to lock `CFG_REGWEN` during an
operation.

Signed-off-by: Alex Jones <alex.jones@lowrisc.org>
@AlexJones0 AlexJones0 force-pushed the eg-keymgr-initialisation branch from aea5683 to c4401a3 Compare September 17, 2025 13:59
@AlexJones0 AlexJones0 merged commit f3b9e47 into lowRISC:ot-earlgrey-9.2.0 Sep 17, 2025
8 of 9 checks passed
@AlexJones0 AlexJones0 mentioned this pull request Sep 19, 2025
Closed
11 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@loiclefort loiclefort loiclefort approved these changes

@jwnrt jwnrt jwnrt approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@AlexJones0 @luismarques @loiclefort @jwnrt