[keymgr] Don't update and reseed PRNG in Disabled/Invalid state forever

Previously, keymgr would keep updating and reseeding the PRNG forever once entering the StCtrlDisabled or StCtrlInvalid state. This is not ideal from an entropy and power consumption viewpoint. This commit changes the design to - once one of the two states is entered - to keep updating the PRNG (which also triggers the reseed operation) until two more PRNG reseed operation have happened. This also includes the keymgr_DPE specific changes of lowRISC#23071. This is related to lowRISC#22997. Signed-off-by: Pirmin Vogel <[email protected]>
Razer6 · Aug 29, 2024 · a48bff7 · a48bff7
1 parent 8b9796d
commit a48bff7
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 2 deletions.
diff --git a/hw/ip/keymgr_dpe/rtl/keymgr_dpe.sv b/hw/ip/keymgr_dpe/rtl/keymgr_dpe.sv
@@ -179,6 +179,7 @@ module keymgr_dpe
   logic [LfsrWidth-1:0] seed;
   logic reseed_req;
   logic reseed_ack;
+  logic reseed_done;
   logic reseed_cnt_err;
 
   keymgr_reseed_ctrl u_reseed_ctrl (
@@ -188,6 +189,7 @@ module keymgr_dpe
     .rst_edn_ni,
     .reseed_req_i(reseed_req),
     .reseed_ack_o(reseed_ack),
+    .reseed_done_o(reseed_done),
     .reseed_interval_i(reg2hw.reseed_interval_shadowed.q),
     .edn_o,
     .edn_i,
@@ -292,6 +294,7 @@ module keymgr_dpe
     .sideload_fsm_err_i(sideload_fsm_err),
     .prng_reseed_req_o(reseed_req),
     .prng_reseed_ack_i(reseed_ack),
+    .prng_reseed_done_i(reseed_done),
     .prng_en_o(ctrl_lfsr_en),
     .entropy_i(ctrl_rand),
     .op_i(keymgr_dpe_ops_e'(reg2hw.control_shadowed.operation.q)),

diff --git a/hw/ip/keymgr_dpe/rtl/keymgr_dpe_ctrl.sv b/hw/ip/keymgr_dpe/rtl/keymgr_dpe_ctrl.sv
@@ -78,6 +78,7 @@ module keymgr_dpe_ctrl
 
   // prng control interface
   input [Shares-1:0][RandWidth-1:0] entropy_i,
+  input prng_reseed_done_i,
   input prng_reseed_ack_i,
   output logic prng_reseed_req_o,
   output logic prng_en_o
@@ -210,7 +211,24 @@ module keymgr_dpe_ctrl
   //  interaction between main fsm and prng
   ///////////////////////////
 
-  assign prng_en_o = random_req | fsm_at_disabled | fsm_at_invalid | wipe_req;
+  // Upon entering StCtrlDisabled or StCtrlInvalid, the PRNG is kept advancing until it has been
+  // reseeded twice (through the reseeding mechansism inside keymgr_reseed_ctrl.sv).
+  logic [1:0] prng_en_dis_inv_d, prng_en_dis_inv_q;
+  logic prng_en_dis_inv_set;
+
+  assign prng_en_dis_inv_d =
+      prng_en_dis_inv_set ? 2'b11 :
+      prng_reseed_done_i  ? {1'b0, prng_en_dis_inv_q[1]} : prng_en_dis_inv_q;
+
+  always_ff @(posedge clk_i or negedge rst_ni) begin
+    if (!rst_ni) begin
+      prng_en_dis_inv_q <= '0;
+    end else begin
+      prng_en_dis_inv_q <= prng_en_dis_inv_d;
+    end
+  end
+
+  assign prng_en_o = random_req | wipe_req | prng_en_dis_inv_q[0];
 
   //////////////////////////
   // Main Control FSM
@@ -411,7 +429,10 @@ module keymgr_dpe_ctrl
     // invalid operation issued
     invalid_op = 1'b0;
 
-    // enable prng toggling
+    // Don't request final PRNG updating and reseeding.
+    prng_en_dis_inv_set = 1'b0;
+
+    // Request PRNG reseeding.
     prng_reseed_req_o = 1'b0;
 
     // signal the cycle that loads UDS
@@ -431,6 +452,7 @@ module keymgr_dpe_ctrl
         // if there was a structural fault before anything then move to invalid directly
         if (inv_state) begin
           state_d = StCtrlDpeInvalid;
+          prng_en_dis_inv_set = 1'b1;
         end else if (advance_cmd) begin
           state_d = StCtrlDpeEntropyReseed;
         end
@@ -445,6 +467,7 @@ module keymgr_dpe_ctrl
         invalid_op = ~en_i;
         if (!en_i) begin
           state_d = StCtrlDpeInvalid;
+          prng_en_dis_inv_set = 1'b1;
         end else if (prng_reseed_ack_i) begin
           state_d = StCtrlDpeRandom;
         end
@@ -462,6 +485,7 @@ module keymgr_dpe_ctrl
         invalid_op = ~en_i;
         if (!en_i) begin
           state_d = StCtrlDpeInvalid;
+          prng_en_dis_inv_set = 1'b1;
         end else if (int'(cnt) == EntropyRounds - 1) begin
           random_ack = 1'b1;
           state_d = StCtrlDpeRootKey;
@@ -479,6 +503,7 @@ module keymgr_dpe_ctrl
         // Since we did not store the root key, we do not have to wipe it.
         if (!en_i | inv_state | ~root_key_i.valid) begin
           state_d = StCtrlDpeInvalid;
+          prng_en_dis_inv_set = 1'b1;
         end else begin
           state_d = StCtrlDpeAvailable;
         end
@@ -515,11 +540,13 @@ module keymgr_dpe_ctrl
         invalid_op = op_start_i;
 
         state_d = StCtrlDpeInvalid;
+        prng_en_dis_inv_set = 1'b1;
       end
 
       StCtrlDpeDisabling: begin
         op_req = op_start_i;
         state_d = StCtrlDpeDisabled;
+        prng_en_dis_inv_set = 1'b1;
       end
 
       // TODO(#384): Revisit allowing transactions during Disabled and Invalid.