[kmac/rtl] Abort when sideload key is invalid during operation
The KMAC HW IP block features an option to load keys from Key Manager via a HW key sideload interface. Prior to this commit, KMAC would:

- when used via the SW application interface: *not check at all* if the sideload key is valid (issue #10704, #16855);
- when used via a HW application interface: check if the sideload key is valid *only for a single cycle* when the application interface gets configured (state `StAppCfg` in `kmac_app`).

This could lead to cases where KMAC would use an invalid sideload key.

This commit fixes the problem by checking whether the sideload key is valid in *every* FSM state in which the sideload key is used. If the sideload key is invalid even for a single cycle (the FSM cannot know whether the key is being used in this exact cycle or not), `kmac_app`'s FSM goes into the `StKeyMgrErrKeyNotValid` state. In that state, the FSM signals the `keymgr_pkg::ErrKeyNotValid` error code in KMAC's `err_code` CSR. The FSM then transitions to the `StError` state, where it drains data from the HW application interface by keeping `app_o.ready` high. The digest output remains all-zero (it can only take a non-zero value in the `StAppWait` state). The FSM exits the `StError` state after SW has signalled that it has processed the error by writing the `processed` bit in the `CFG_SHADOWED` CSR *and* the active HW app interface has sent the last data item.

This commit resolves #10704 and implements the RTL part of #16855. Covering this in DV remains open, although the existing tests (which don't cover this) keep their previous pass rates.

Signed-off-by: Andreas Kurth <[email protected]>
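The difference between the single-cycle check and the per-state check described in the commit message, as an added cycle-level model in Python; it is not the project's RTL and not part of the commit. The states `StAppMsg` and `StIdle`, the trace fields `key_valid`, `last` and `processed`, and the trace itself are assumptions constructed for this sketch.

```python
# Simplified behavioural model (added example, not the kmac_app RTL).
# StAppMsg/StIdle and the per-cycle trace fields are assumed names.
KEY_STATES = {"StAppCfg", "StAppMsg", "StAppWait"}  # states that use the key

def run(trace, check_every_cycle):
    """Step the model one trace entry per cycle; return what was observed."""
    state, err_code, digest_nonzero, seen_last = "StAppCfg", None, False, False
    visited = []
    for cyc in trace:
        visited.append(state)
        seen_last = seen_last or cyc["last"]       # last data item was sent
        if check_every_cycle:                       # behaviour after the fix
            checked = state in KEY_STATES
        else:                                       # before: StAppCfg only
            checked = state == "StAppCfg"
        if checked and not cyc["key_valid"]:
            state = "StKeyMgrErrKeyNotValid"
        elif state == "StAppCfg":
            state = "StAppMsg"
        elif state == "StAppMsg":
            if cyc["last"]:
                state = "StAppWait"
        elif state == "StAppWait":
            digest_nonzero = True                   # only here can it be non-zero
            state = "StIdle"
        elif state == "StKeyMgrErrKeyNotValid":
            err_code = "ErrKeyNotValid"             # reported via err_code
            state = "StError"
        elif state == "StError":
            # Drain the interface; leave once SW acknowledged and last was seen.
            if cyc["processed"] and seen_last:
                state = "StIdle"
    return {"visited": visited, "final": state,
            "err_code": err_code, "digest_nonzero": digest_nonzero}

def cycle(key_valid=True, last=False, processed=False):
    return {"key_valid": key_valid, "last": last, "processed": processed}

# Constructed trace: the key is invalid for exactly one cycle (cycle 2),
# after configuration and while message data is still being sent.
TRACE = [cycle(), cycle(), cycle(key_valid=False), cycle(last=True),
         cycle(), cycle(processed=True), cycle()]

if __name__ == "__main__":
    for label, every in (("before", False), ("after", True)):
        print(label, run(TRACE, every))
```

With the check confined to `StAppCfg`, the one-cycle glitch goes unnoticed and a digest is produced; with the check in every key-using state, the run ends with the error code set and no digest.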